virus GOMEO ?? Fermé

Question

Bonjour !   
Beaucoup de soucis me mènent la vie dure avec mon ordinateur,   

Impossibilité d'installer un logiciel anti virus, les pages de recherche ne sont pas affichés et j'atteris sur des pages diverses de publicité sont dex exemples de certains gros problèmes !   

J'ai réussi à faire un rapport avec Hijack et ZHPDiag en mode sans echec sous windows XP service pack 3.   

Je vous mets donc à disposition ces deux rapports en espérant qu'une âme charitable pourra m'aider pour m'en sortir sans avoir à tout formater !   

Merci beaucoup !   


Rapport Hijack : http://www.box.net/shared/99zhozimf0mbdexof7k8  

Rapport ZHPDiag : http://www.box.net/shared/ahqh28y9as3joczxs4dh

Smart91 · Answer

Bonjour,


Il y a un souci avec ton site d"herbergement du rapport ZHPDiag.
Peux tu le poster via: http://cijoint.fr .

Smart

Smart91 · Answer

@placebo33

Tu es bien infecté

Tu vas faire tout d'abord ceci:

- Télécharge sur le bureau RogueKiller de Tigzy
- Quitte tous tes programmes en cours
- Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
- Sinon lance simplement RogueKiller.exe
- Lorsque demandé, tape 1 [SCAN] et valide
- Un rapport (RKreport.txt) a du se créer sur le bureau, poste-le.

* Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois. Si cela ne passe toujours pas , (cela peut arriver), renommer RogueKiller.exe en Winlogon.exe

Ensuite ceci:

-  Rends-toi à cette adresse afin de télécharger AD-Remover (créé par C_XX) : http://www.teamxscript.org/adremoverTelechargement.html
- Clique sur TÉLÉCHARGER et enregistre-le sur ton bureau.
- Déconnecte toi et ferme toutes les applications en cours 
- Double clique sur le fichier d'installation de AD-Remover, le programme s'installera automatiquement.  
- Au menu principal choisi l'option "Nettoyage" et tape sur [entrée] . 
- Laisse travailler l'outil et ne touche à rien ... 
- Poste le rapport qui apparait à la fin. (Le rapport est sauvegardé aussi sous C:\Ad-report.log) 
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller ) 

Cela fait deux rappots à poste, tu peux le faie directement dans tes réponses

Smart

Smart91 · Answer

OK  :-)

Smart

placebo33 · Answer

Voici donc les deux rapports : RKreport : RogueKiller V5.3.4 [30/08/2011] par Tigzy contact sur http://www.sur-la-toile.com mail: tigzyRKgmailcom Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode sans echec avec prise en charge reseau Utilisateur: nadia [Droits d'admin] Mode: Recherche -- Date : 31/08/2011 22:56:57 Processus malicieux: 2 [SUSP PATH] 1492735178:900400807.exe -- c:\windows\1492735178:900400807.exe -> KILLED [TermProc] [RESIDUE] 1492735178:900400807.exe -- c:\windows\1492735178:900400807.exe -> KILLED [TermProc] Entrees de registre: 15 [HJ NAME] HKLM\[...]\Run : tray_ico0 (C:\WINDOWS\update.tray-2-0\svchost.exe) -> FOUND [SUSP PATH] HKLM\[...]\Run : 3129897.exe ("C:\WINDOWS\TEMP\3129897.exe") -> FOUND [SUSP PATH] HKLM\[...]\Run : sysdriver32.exe ("C:\WINDOWS\sysdriver32.exe" rezerv) -> FOUND [SUSP PATH] HKLM\[...]\Run : sysdriver32_.exe ("C:\WINDOWS\sysdriver32_.exe" rezerv) -> FOUND [SUSP PATH] HKLM\[...]\Run : 9611090.exe ("C:\DOCUME~1\nadia\LOCALS~1\Temp\9611090.exe") -> FOUND [SUSP PATH] HKLM\[...]\Run : 5129758.exe ("C:\WINDOWS\TEMP\5129758.exe") -> FOUND [SUSP PATH] HKLM\[...]\Run : systemup ("C:\WINDOWS\systemup.exe" stand) -> FOUND [SUSP PATH] HKLM\[...]\Run : 70614475-loader2.exe ("C:\WINDOWS\TEMP\70614475-loader2.exe") -> FOUND [SUSP PATH] HKLM\[...]\Run : 2365019.exe ("C:\WINDOWS\TEMP\2365019.exe") -> FOUND [SUSP PATH] HKLM\[...]\Run : l1rezerv.exe ("C:\WINDOWS\l1rezerv.exe") -> FOUND [BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\WINDOWS\update.5.0\svchost.exe srv) -> FOUND [BLACKLIST] HKLM\[...]\services : srviecheck (C:\WINDOWS\update.2\svchost.exe srv) -> FOUND [BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\WINDOWS\sysdriver32.exe srv) -> FOUND [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND Fichiers / Dossiers particuliers: Fichier HOSTS: 127.0.0.1 localhost 127.0.0.1 facebook.com 127.0.0.1 www.facebook.com 127.0.0.1 af-za.facebook.com 127.0.0.1 az-az.facebook.com 127.0.0.1 id-id.facebook.com 127.0.0.1 ms-my.facebook.com 127.0.0.1 bs-ba.facebook.com 127.0.0.1 ca-es.facebook.com 127.0.0.1 cs-cz.facebook.com 127.0.0.1 cy-gb.facebook.com 127.0.0.1 da-dk.facebook.com 127.0.0.1 de-de.facebook.com 127.0.0.1 et-ee.facebook.com 127.0.0.1 en-gb.facebook.com 127.0.0.1 es-la.facebook.com 127.0.0.1 eo-eo.facebook.com 127.0.0.1 eu-es.facebook.com 127.0.0.1 tl-ph.facebook.com 127.0.0.1 fo-fo.facebook.com [...] Termine : << RKreport[1].txt >> RKreport[1].txt

placebo33 · Answer

Je n'arrive pas à poster l'autre rapport quand je valide j'ai un message d'erreur titre du message non renseigné !

placebo33 · Answer

http://www.box.net/shared/p445nza41nvsi0pu20sj

Voici le rapport d'Ad-R car je n'arrive pas à le poster directement dans le message !

Smart91 · Answer

OK
OK Relance RogueKiller et choisis l'option 2 et poste le rapport
ensuite tu choisis l'option 3 et tu postes le rapport.

Relance AD-Remover et choisis désinstaller

Ensuite tu vas faire ceci si possible en démarrage du PC en mode normal.

* Télécharge TDSSKiller (de Kaspersky Labs) sur ton Bureau.
* Lance le (si tu utilises Windows Vista ou 7 : fais un clic-droit dessus et choisis "Exécuter en tant qu'administrateur")
* Clique sur Start Scan pour démarrer l'analyse.
* Si des éléments néfastes sont identifiés par l'outil, vérifie que Cure est bien coché. S'il indique "suspicious", laisse l'option Skip.
* Ensuite, clique sur Continue puis sur Reboot Now si nécessaire.
* Un rapport s'ouvrira au redémarrage de l'ordinateur.
* Copie/colle son contenu dans ta prochaine réponse.
Note : Le rapport se trouve également sous C:\TDSSKiller.N°deversion_Date_Heure_log.txt

Smart

placebo33 · Answer

Je réitère mes remerciements pour ton aide :) je ne sais pas ce que je fais car je n'ai aucune connaissance en informatique mais je suis pas à pas ce que tu me dis ! Voici les rapports dans l'ordre que tu as cité : RogueKiller V5.3.4 [30/08/2011] par Tigzy contact sur http://www.sur-la-toile.com mail: tigzyRKgmailcom Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: nadia [Droits d'admin] Mode: Suppression -- Date : 01/09/2011 22:29:36 Processus malicieux: 9 [SUSP PATH] 1492735178:900400807.exe -- c:\windows\1492735178:900400807.exe -> KILLED [TermProc] [SVCHOST] svchost.exe -- c:\windows\update.tray-2-0\svchost.exe -> KILLED [TermProc] [SUSP PATH] l1rezerv.exe -- c:\windows\l1rezerv.exe -> KILLED [TermProc] [HJ NAME] svchost.exe -- c:\windows\update.5.0\svchost.exe -> KILLED [TermProc] [HJ NAME] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc] [SVCHOST] svchost.exe -- c:\windows\update.5.0\svchost.exe -> KILLED [TermProc] [SUSP PATH] sysdriver32.exe -- c:\windows\sysdriver32.exe -> KILLED [TermProc] [SVCHOST] svchost.exe -- c:\windows\update.2\svchost.exe -> KILLED [TermProc] [RESIDUE] 1492735178:900400807.exe -- c:\windows\1492735178:900400807.exe -> KILLED [TermProc] Entrees de registre: 15 [HJ NAME] HKLM\[...]\Run : tray_ico0 (C:\WINDOWS\update.tray-2-0\svchost.exe) -> DELETED [SUSP PATH] HKLM\[...]\Run : 3129897.exe ("C:\WINDOWS\TEMP\3129897.exe") -> DELETED [SUSP PATH] HKLM\[...]\Run : sysdriver32.exe ("C:\WINDOWS\sysdriver32.exe" rezerv) -> DELETED [SUSP PATH] HKLM\[...]\Run : sysdriver32_.exe ("C:\WINDOWS\sysdriver32_.exe" rezerv) -> DELETED [SUSP PATH] HKLM\[...]\Run : 9611090.exe ("C:\DOCUME~1\nadia\LOCALS~1\Temp\9611090.exe") -> DELETED [SUSP PATH] HKLM\[...]\Run : 5129758.exe ("C:\WINDOWS\TEMP\5129758.exe") -> DELETED [SUSP PATH] HKLM\[...]\Run : systemup ("C:\WINDOWS\systemup.exe" stand) -> DELETED [SUSP PATH] HKLM\[...]\Run : 70614475-loader2.exe ("C:\WINDOWS\TEMP\70614475-loader2.exe") -> DELETED [SUSP PATH] HKLM\[...]\Run : 2365019.exe ("C:\WINDOWS\TEMP\2365019.exe") -> DELETED [SUSP PATH] HKLM\[...]\Run : l1rezerv.exe ("C:\WINDOWS\l1rezerv.exe") -> DELETED [BLACKLIST] HKLM\[...]\services : srvbtcclient (C:\WINDOWS\update.5.0\svchost.exe srv) -> DELETED [BLACKLIST] HKLM\[...]\services : srviecheck (C:\WINDOWS\update.2\svchost.exe srv) -> DELETED [BLACKLIST] HKLM\[...]\services : srvsysdriver32 (C:\WINDOWS\sysdriver32.exe srv) -> DELETED [HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1) [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) Fichiers / Dossiers particuliers: Fichier HOSTS: 127.0.0.1 localhost 127.0.0.1 facebook.com 127.0.0.1 www.facebook.com 127.0.0.1 af-za.facebook.com 127.0.0.1 az-az.facebook.com 127.0.0.1 id-id.facebook.com 127.0.0.1 ms-my.facebook.com 127.0.0.1 bs-ba.facebook.com 127.0.0.1 ca-es.facebook.com 127.0.0.1 cs-cz.facebook.com 127.0.0.1 cy-gb.facebook.com 127.0.0.1 da-dk.facebook.com 127.0.0.1 de-de.facebook.com 127.0.0.1 et-ee.facebook.com 127.0.0.1 en-gb.facebook.com 127.0.0.1 es-la.facebook.com 127.0.0.1 eo-eo.facebook.com 127.0.0.1 eu-es.facebook.com 127.0.0.1 tl-ph.facebook.com 127.0.0.1 fo-fo.facebook.com [...] Termine : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt Ensuite : RogueKiller V5.3.4 [30/08/2011] par Tigzy contact sur http://www.sur-la-toile.com mail: tigzyRKgmailcom Remontees: http://www.sur-la-toile.com/discussion-193725-1-BRogueKillerD-Remontees.html Systeme d'exploitation: Windows XP (5.1.2600 Service Pack 3) 32 bits version Demarrage : Mode normal Utilisateur: nadia [Droits d'admin] Mode: HOSTS RAZ -- Date : 01/09/2011 22:29:57 Processus malicieux: 1 [SUSP PATH] 1492735178:900400807.exe -- c:\windows\1492735178:900400807.exe -> KILLED [TermProc] Fichier HOSTS: 127.0.0.1 localhost 127.0.0.1 facebook.com 127.0.0.1 www.facebook.com 127.0.0.1 af-za.facebook.com 127.0.0.1 az-az.facebook.com 127.0.0.1 id-id.facebook.com 127.0.0.1 ms-my.facebook.com 127.0.0.1 bs-ba.facebook.com 127.0.0.1 ca-es.facebook.com 127.0.0.1 cs-cz.facebook.com 127.0.0.1 cy-gb.facebook.com 127.0.0.1 da-dk.facebook.com 127.0.0.1 de-de.facebook.com 127.0.0.1 et-ee.facebook.com 127.0.0.1 en-gb.facebook.com 127.0.0.1 es-la.facebook.com 127.0.0.1 eo-eo.facebook.com 127.0.0.1 eu-es.facebook.com 127.0.0.1 tl-ph.facebook.com 127.0.0.1 fo-fo.facebook.com [...] Nouveau fichier HOSTS: 127.0.0.1 localhost Termine : << RKreport[3].txt >> RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt Et enfin le rapport TDSSkiller 2011/09/01 22:30:19.0250 1672 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57 2011/09/01 22:30:19.0359 1672 ================================================================================ 2011/09/01 22:30:19.0359 1672 SystemInfo: 2011/09/01 22:30:19.0359 1672 2011/09/01 22:30:19.0359 1672 OS Version: 5.1.2600 ServicePack: 3.0 2011/09/01 22:30:19.0359 1672 Product type: Workstation 2011/09/01 22:30:19.0359 1672 ComputerName: NADIA-18C96A8A2 2011/09/01 22:30:19.0359 1672 UserName: nadia 2011/09/01 22:30:19.0359 1672 Windows directory: C:\WINDOWS 2011/09/01 22:30:19.0359 1672 System windows directory: C:\WINDOWS 2011/09/01 22:30:19.0359 1672 Processor architecture: Intel x86 2011/09/01 22:30:19.0359 1672 Number of processors: 1 2011/09/01 22:30:19.0359 1672 Page size: 0x1000 2011/09/01 22:30:19.0359 1672 Boot type: Normal boot 2011/09/01 22:30:19.0359 1672 ================================================================================ 2011/09/01 22:30:19.0843 1672 Initialize success 2011/09/01 22:30:23.0703 0296 ================================================================================ 2011/09/01 22:30:23.0703 0296 Scan started 2011/09/01 22:30:23.0703 0296 Mode: Manual; 2011/09/01 22:30:23.0703 0296 ================================================================================ 2011/09/01 22:30:23.0984 0296 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2011/09/01 22:30:24.0062 0296 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 2011/09/01 22:30:24.0156 0296 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2011/09/01 22:30:24.0250 0296 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 2011/09/01 22:30:24.0390 0296 AgereSoftModem (ce91b158fa490cf4c4d487a4130f4660) C:\WINDOWS\system32\DRIVERS\AGRSM.sys 2011/09/01 22:30:25.0000 0296 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2011/09/01 22:30:25.0078 0296 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2011/09/01 22:30:25.0187 0296 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2011/09/01 22:30:25.0281 0296 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2011/09/01 22:30:25.0359 0296 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2011/09/01 22:30:25.0468 0296 ca54f958 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\1492735178:900400807.exe 2011/09/01 22:30:26.0156 0296 Suspicious file (Hidden): C:\WINDOWS\1492735178:900400807.exe. md5: 8f2bb1827cac01aee6a16e30a1260199 2011/09/01 22:30:26.0156 0296 ca54f958 - detected HiddenFile.Multi.Generic (1) 2011/09/01 22:30:26.0281 0296 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2011/09/01 22:30:26.0328 0296 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 2011/09/01 22:30:26.0406 0296 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2011/09/01 22:30:26.0578 0296 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2011/09/01 22:30:26.0609 0296 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2011/09/01 22:30:26.0656 0296 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 2011/09/01 22:30:26.0703 0296 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 2011/09/01 22:30:26.0796 0296 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2011/09/01 22:30:26.0828 0296 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys 2011/09/01 22:30:26.0859 0296 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2011/09/01 22:30:26.0906 0296 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2011/09/01 22:30:26.0953 0296 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2011/09/01 22:30:27.0000 0296 eamon (59d9e5dbcfef1e0e3dbac1b55c718f2d) C:\WINDOWS\system32\DRIVERS\eamon.sys 2011/09/01 22:30:27.0078 0296 ehdrv (3bd67a869964bf57266cbbd1dca38c6a) C:\WINDOWS\system32\DRIVERS\ehdrv.sys 2011/09/01 22:30:27.0125 0296 epfwtdir (aa0af2830fc14ffd7e80611614ecac74) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys 2011/09/01 22:30:27.0171 0296 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2011/09/01 22:30:27.0203 0296 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 2011/09/01 22:30:27.0234 0296 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys 2011/09/01 22:30:27.0250 0296 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2011/09/01 22:30:27.0265 0296 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 2011/09/01 22:30:27.0328 0296 fssfltr (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys 2011/09/01 22:30:27.0375 0296 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2011/09/01 22:30:27.0406 0296 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2011/09/01 22:30:27.0453 0296 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2011/09/01 22:30:27.0468 0296 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2011/09/01 22:30:27.0546 0296 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2011/09/01 22:30:27.0656 0296 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2011/09/01 22:30:27.0781 0296 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2011/09/01 22:30:28.0078 0296 ialm (612194abc69a6db0e2c49e1544ca93a0) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys 2011/09/01 22:30:28.0359 0296 iaStor (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\DRIVERS\iaStor.sys 2011/09/01 22:30:28.0421 0296 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2011/09/01 22:30:28.0656 0296 IntcAzAudAddService (00c5e8161d71f6a51885026e1853c027) C:\WINDOWS\system32\drivers\RtkHDAud.sys 2011/09/01 22:30:28.0750 0296 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2011/09/01 22:30:28.0765 0296 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 2011/09/01 22:30:28.0812 0296 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2011/09/01 22:30:28.0843 0296 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2011/09/01 22:30:28.0875 0296 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2011/09/01 22:30:28.0906 0296 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2011/09/01 22:30:28.0984 0296 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2011/09/01 22:30:29.0062 0296 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2011/09/01 22:30:29.0125 0296 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2011/09/01 22:30:29.0156 0296 kbdhid (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2011/09/01 22:30:29.0218 0296 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2011/09/01 22:30:29.0296 0296 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2011/09/01 22:30:29.0437 0296 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2011/09/01 22:30:29.0515 0296 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys 2011/09/01 22:30:29.0562 0296 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2011/09/01 22:30:29.0640 0296 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2011/09/01 22:30:29.0703 0296 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2011/09/01 22:30:29.0781 0296 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2011/09/01 22:30:29.0875 0296 MRxSmb (3c77225dd6bbe6cc3d0cf6567c27e8e3) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/09/01 22:30:29.0875 0296 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: 3c77225dd6bbe6cc3d0cf6567c27e8e3, Fake md5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 2011/09/01 22:30:29.0890 0296 MRxSmb - detected Rootkit.Win32.ZAccess.f (0) 2011/09/01 22:30:29.0953 0296 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2011/09/01 22:30:30.0000 0296 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2011/09/01 22:30:30.0031 0296 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2011/09/01 22:30:30.0109 0296 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2011/09/01 22:30:30.0171 0296 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2011/09/01 22:30:30.0234 0296 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 2011/09/01 22:30:30.0281 0296 MTsensor (1c0f480b7c6136ddb5fb909995af014a) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys 2011/09/01 22:30:30.0359 0296 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 2011/09/01 22:30:30.0437 0296 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 2011/09/01 22:30:30.0531 0296 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 2011/09/01 22:30:30.0593 0296 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 2011/09/01 22:30:30.0656 0296 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2011/09/01 22:30:30.0703 0296 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2011/09/01 22:30:30.0734 0296 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2011/09/01 22:30:30.0828 0296 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 2011/09/01 22:30:30.0921 0296 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2011/09/01 22:30:30.0984 0296 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2011/09/01 22:30:31.0046 0296 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys 2011/09/01 22:30:31.0109 0296 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2011/09/01 22:30:31.0171 0296 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2011/09/01 22:30:31.0296 0296 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2011/09/01 22:30:31.0359 0296 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2011/09/01 22:30:31.0406 0296 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2011/09/01 22:30:31.0593 0296 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys 2011/09/01 22:30:31.0625 0296 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS\nwlnknb.sys 2011/09/01 22:30:31.0687 0296 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys 2011/09/01 22:30:31.0781 0296 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS\nwrdr.sys 2011/09/01 22:30:31.0843 0296 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys 2011/09/01 22:30:31.0890 0296 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/09/01 22:30:31.0937 0296 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/09/01 22:30:31.0984 0296 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/09/01 22:30:32.0093 0296 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys 2011/09/01 22:30:32.0140 0296 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys 2011/09/01 22:30:32.0468 0296 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/09/01 22:30:32.0515 0296 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2011/09/01 22:30:32.0562 0296 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/09/01 22:30:32.0859 0296 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/09/01 22:30:32.0937 0296 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/09/01 22:30:32.0984 0296 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/09/01 22:30:33.0062 0296 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/09/01 22:30:33.0109 0296 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/09/01 22:30:33.0171 0296 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/09/01 22:30:33.0250 0296 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2011/09/01 22:30:33.0312 0296 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/09/01 22:30:33.0406 0296 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/09/01 22:30:33.0562 0296 RTL8023xp (1e11171c0b9989e1bdaa59e96b2e81c4) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys 2011/09/01 22:30:33.0640 0296 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS 2011/09/01 22:30:33.0734 0296 RTL8187B (de4924fe414bba15dd098aecf3711137) C:\WINDOWS\system32\DRIVERS\RTL8187B.sys 2011/09/01 22:30:33.0796 0296 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/09/01 22:30:33.0875 0296 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys 2011/09/01 22:30:33.0937 0296 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 2011/09/01 22:30:34.0062 0296 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 2011/09/01 22:30:34.0187 0296 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/09/01 22:30:34.0234 0296 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/09/01 22:30:34.0312 0296 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/09/01 22:30:34.0390 0296 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 2011/09/01 22:30:34.0421 0296 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/09/01 22:30:34.0437 0296 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/09/01 22:30:34.0593 0296 SynTP (51cdbb8836893d683b22dde0913af3e1) C:\WINDOWS\system32\DRIVERS\SynTP.sys 2011/09/01 22:30:34.0640 0296 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/09/01 22:30:34.0718 0296 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/09/01 22:30:34.0750 0296 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/09/01 22:30:34.0812 0296 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/09/01 22:30:34.0843 0296 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/09/01 22:30:34.0968 0296 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/09/01 22:30:35.0062 0296 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 2011/09/01 22:30:35.0140 0296 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys 2011/09/01 22:30:35.0203 0296 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/09/01 22:30:35.0265 0296 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/09/01 22:30:35.0328 0296 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/09/01 22:30:35.0390 0296 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2011/09/01 22:30:35.0437 0296 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/09/01 22:30:35.0468 0296 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2011/09/01 22:30:35.0531 0296 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/09/01 22:30:35.0656 0296 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/09/01 22:30:35.0812 0296 VX1000 (2fbf9e882fc28a315a86aa1f831c144e) C:\WINDOWS\system32\DRIVERS\VX1000.sys 2011/09/01 22:30:35.0953 0296 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/09/01 22:30:36.0062 0296 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/09/01 22:30:36.0203 0296 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 2011/09/01 22:30:36.0250 0296 MBR (0x1B8) (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0 2011/09/01 22:30:36.0453 0296 MBR (0x1B8) (c18880083716ffd0e3f63524c6c45513) \Device\Harddisk1\DR3 2011/09/01 22:30:41.0406 0296 Boot (0x1200) (700b6808cd912b1d8aba683dba00b3bf) \Device\Harddisk0\DR0\Partition0 2011/09/01 22:30:41.0421 0296 Boot (0x1200) (329937c972ae05aa417fa9231a96b249) \Device\Harddisk0\DR0\Partition1 2011/09/01 22:30:41.0437 0296 ================================================================================ 2011/09/01 22:30:41.0437 0296 Scan finished 2011/09/01 22:30:41.0437 0296 ================================================================================ 2011/09/01 22:30:41.0468 1708 Detected object count: 2 2011/09/01 22:30:41.0468 1708 Actual detected object count: 2 2011/09/01 22:31:07.0843 1708 HiddenFile.Multi.Generic(ca54f958) - User select action: Skip 2011/09/01 22:31:07.0937 1708 MRxSmb (3c77225dd6bbe6cc3d0cf6567c27e8e3) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/09/01 22:31:07.0953 1708 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: 3c77225dd6bbe6cc3d0cf6567c27e8e3, Fake md5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 2011/09/01 22:31:08.0578 1708 Backup copy found, using it.. 2011/09/01 22:31:08.0609 1708 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - will be cured after reboot 2011/09/01 22:31:08.0609 1708 Rootkit.Win32.ZAccess.f(MRxSmb) - User select action: Cure 2011/09/01 22:31:16.0671 1356 Deinitialize success

Smart91 · Answer

Redémarre le PC
Relance TDDSKiller 
Si des éléments néfastes sont identifiés par l'outil, vérifie que Cure est bien coché. et si tu vois ces éléments:
2011/09/01 22:30:26.0156 0296 Suspicious file (Hidden): C:\WINDOWS\1492735178:900400807.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/01 22:30:26.0156 0296 ca54f958 - detected HiddenFile.Multi.Generic (1) 
Coche  delete
Et poste le rapport

Smart

placebo33 · Answer

Salut après le week-end on reprend l'opération de désinfection ;) j'ai bien vu les programmes dont tu as parlé, j'ai coché donc comme tu as dis supprimé en cliquant sur "delete"

Voici le rapport :

2011/09/05 21:07:10.0656 2876	TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57
2011/09/05 21:07:10.0718 2876	================================================================================
2011/09/05 21:07:10.0718 2876	SystemInfo:
2011/09/05 21:07:10.0718 2876	
2011/09/05 21:07:10.0718 2876	OS Version: 5.1.2600 ServicePack: 3.0
2011/09/05 21:07:10.0718 2876	Product type: Workstation
2011/09/05 21:07:10.0718 2876	ComputerName: NADIA-18C96A8A2
2011/09/05 21:07:10.0718 2876	UserName: nadia
2011/09/05 21:07:10.0718 2876	Windows directory: C:\WINDOWS
2011/09/05 21:07:10.0718 2876	System windows directory: C:\WINDOWS
2011/09/05 21:07:10.0718 2876	Processor architecture: Intel x86
2011/09/05 21:07:10.0718 2876	Number of processors: 1
2011/09/05 21:07:10.0718 2876	Page size: 0x1000
2011/09/05 21:07:10.0718 2876	Boot type: Normal boot
2011/09/05 21:07:10.0718 2876	================================================================================
2011/09/05 21:07:11.0390 2876	Initialize success
2011/09/05 21:07:18.0687 2920	================================================================================
2011/09/05 21:07:18.0687 2920	Scan started
2011/09/05 21:07:18.0687 2920	Mode: Manual; 
2011/09/05 21:07:18.0687 2920	================================================================================
2011/09/05 21:07:18.0703 2924	================================================================================
2011/09/05 21:07:18.0703 2924	Scan started
2011/09/05 21:07:18.0703 2924	Mode: Manual; 
2011/09/05 21:07:18.0703 2924	================================================================================
2011/09/05 21:07:19.0437 2920	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/05 21:07:19.0453 2924	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/05 21:07:19.0578 2924	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/05 21:07:19.0578 2920	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/05 21:07:19.0906 2924	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/05 21:07:19.0906 2920	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/05 21:07:19.0968 2924	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/05 21:07:19.0984 2920	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/05 21:07:20.0109 2924	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/09/05 21:07:20.0171 2920	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/09/05 21:07:20.0687 2920	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/05 21:07:20.0781 2920	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/05 21:07:20.0875 2924	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/05 21:07:20.0890 2920	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/05 21:07:20.0906 2924	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/05 21:07:20.0953 2920	MBR (0x1B8)     (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/09/05 21:07:21.0109 2924	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/05 21:07:21.0250 2924	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/05 21:07:21.0312 2920	MBR (0x1B8)     (c18880083716ffd0e3f63524c6c45513) \Device\Harddisk1\DR3
2011/09/05 21:07:21.0359 2924	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/05 21:07:21.0390 2924	ca54f958        (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\1492735178:900400807.exe
2011/09/05 21:07:22.0093 2924	Suspicious file (Hidden): C:\WINDOWS\1492735178:900400807.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/05 21:07:22.0093 2924	ca54f958 - detected HiddenFile.Multi.Generic (1)
2011/09/05 21:07:22.0203 2924	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/05 21:07:22.0234 2924	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/05 21:07:22.0281 2924	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/05 21:07:22.0328 2924	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/05 21:07:22.0359 2924	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/05 21:07:22.0406 2924	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/05 21:07:22.0453 2924	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/05 21:07:22.0562 2924	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/05 21:07:22.0593 2924	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/05 21:07:22.0609 2924	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/05 21:07:22.0656 2924	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/05 21:07:22.0703 2924	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/05 21:07:22.0765 2924	eamon           (59d9e5dbcfef1e0e3dbac1b55c718f2d) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/09/05 21:07:22.0796 2924	ehdrv           (3bd67a869964bf57266cbbd1dca38c6a) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/09/05 21:07:22.0828 2924	epfwtdir        (aa0af2830fc14ffd7e80611614ecac74) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/09/05 21:07:22.0875 2924	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/05 21:07:22.0937 2924	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/05 21:07:23.0000 2924	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/05 21:07:23.0078 2924	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/05 21:07:23.0109 2924	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/05 21:07:23.0187 2924	fssfltr         (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2011/09/05 21:07:23.0234 2924	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/05 21:07:23.0343 2924	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/05 21:07:23.0406 2924	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/05 21:07:23.0468 2924	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/05 21:07:23.0562 2924	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/05 21:07:23.0703 2924	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/05 21:07:23.0890 2924	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/05 21:07:24.0171 2924	ialm            (612194abc69a6db0e2c49e1544ca93a0) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/09/05 21:07:24.0421 2924	iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/09/05 21:07:24.0468 2924	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/05 21:07:24.0718 2924	IntcAzAudAddService (00c5e8161d71f6a51885026e1853c027) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/05 21:07:24.0812 2924	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/05 21:07:24.0843 2924	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/05 21:07:24.0890 2924	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/05 21:07:24.0937 2924	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/05 21:07:24.0984 2924	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/05 21:07:25.0031 2924	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/05 21:07:25.0109 2924	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/05 21:07:25.0171 2924	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/05 21:07:25.0218 2924	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/05 21:07:25.0250 2924	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/05 21:07:25.0296 2924	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/05 21:07:25.0359 2924	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/05 21:07:25.0531 2924	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/05 21:07:25.0609 2924	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/05 21:07:25.0656 2924	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/05 21:07:25.0718 2924	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/05 21:07:25.0781 2924	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/05 21:07:25.0890 2924	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/05 21:07:25.0984 2924	MRxSmb          (550778d291b66c6323b83c599e9a5546) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/05 21:07:25.0984 2924	Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: 550778d291b66c6323b83c599e9a5546, Fake md5: 7d304a5eb4344ebeeab53a2fe3ffb9f0
2011/09/05 21:07:26.0000 2924	MRxSmb - detected Rootkit.Win32.ZAccess.c (0)
2011/09/05 21:07:26.0062 2924	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/05 21:07:26.0109 2924	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/05 21:07:26.0140 2924	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/05 21:07:26.0187 2924	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/05 21:07:26.0234 2924	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/05 21:07:26.0390 2924	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/05 21:07:26.0421 2920	Boot (0x1200)   (700b6808cd912b1d8aba683dba00b3bf) \Device\Harddisk0\DR0\Partition0
2011/09/05 21:07:26.0453 2920	Boot (0x1200)   (329937c972ae05aa417fa9231a96b249) \Device\Harddisk0\DR0\Partition1
2011/09/05 21:07:26.0453 2920	================================================================================
2011/09/05 21:07:26.0453 2920	Scan finished
2011/09/05 21:07:26.0453 2920	================================================================================
2011/09/05 21:07:26.0500 2908	Detected object count: 0
2011/09/05 21:07:26.0500 2908	Actual detected object count: 0
2011/09/05 21:07:26.0531 2924	MTsensor        (1c0f480b7c6136ddb5fb909995af014a) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
2011/09/05 21:07:26.0546 2924	Scan interrupted by user!
2011/09/05 21:07:26.0546 2924	Scan interrupted by user!
2011/09/05 21:07:26.0546 2924	Scan interrupted by user!
2011/09/05 21:07:26.0546 2924	================================================================================
2011/09/05 21:07:26.0546 2924	Scan finished
2011/09/05 21:07:26.0546 2924	================================================================================
2011/09/05 21:07:26.0546 2912	Detected object count: 2
2011/09/05 21:07:26.0546 2912	Actual detected object count: 2
2011/09/05 21:07:43.0500 2912	HKLM\SYSTEM\ControlSet002\services\ca54f958 - will be deleted after reboot
2011/09/05 21:07:43.0546 2912	HKLM\SYSTEM\ControlSet004\services\ca54f958 - will be deleted after reboot
2011/09/05 21:07:43.0562 2912	C:\WINDOWS\1492735178:900400807.exe - will be deleted after reboot
2011/09/05 21:07:43.0562 2912	HiddenFile.Multi.Generic(ca54f958) - User select action: Delete 
2011/09/05 21:07:43.0656 2912	MRxSmb          (550778d291b66c6323b83c599e9a5546) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/05 21:07:43.0656 2912	Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\mrxsmb.sys. Real md5: 550778d291b66c6323b83c599e9a5546, Fake md5: 7d304a5eb4344ebeeab53a2fe3ffb9f0
2011/09/05 21:07:44.0250 2912	Backup copy found, using it..
2011/09/05 21:07:44.0265 2912	C:\WINDOWS\system32\DRIVERS\mrxsmb.sys - will be cured after reboot
2011/09/05 21:07:44.0265 2912	Rootkit.Win32.ZAccess.c(MRxSmb) - User select action: Cure 
2011/09/05 21:07:47.0500 2864	Deinitialize success

Smart91 · Answer

OK Tu as bien fait de rebooter :-)   
Cela à l'air d'être OK   

Comme il y a une nouvelle version de TDSSKIller.   
Supprimme TDSSKiller qui est sur ton bureau. Télécharge la nouvelle version:   
TDSSKiller   
Refais un scan et poste le rapport.   

Smart   
"Si tu n'as pas d'ambitions, tu t'installes au bord de la chute" (Kundera)

placebo33 · Answer

Re ! Il semble que les menaces trouvées aient la dent dure, elles sont toujours présentes. Voici le rapport :

2011/09/06 01:47:52.0781 2656	TDSS rootkit removing tool 2.5.18.0 Sep  5 2011 09:53:09
2011/09/06 01:47:52.0890 2656	================================================================================
2011/09/06 01:47:52.0890 2656	SystemInfo:
2011/09/06 01:47:52.0890 2656	
2011/09/06 01:47:52.0890 2656	OS Version: 5.1.2600 ServicePack: 3.0
2011/09/06 01:47:52.0890 2656	Product type: Workstation
2011/09/06 01:47:52.0890 2656	ComputerName: NADIA-18C96A8A2
2011/09/06 01:47:52.0890 2656	UserName: nadia
2011/09/06 01:47:52.0890 2656	Windows directory: C:\WINDOWS
2011/09/06 01:47:52.0890 2656	System windows directory: C:\WINDOWS
2011/09/06 01:47:52.0890 2656	Processor architecture: Intel x86
2011/09/06 01:47:52.0890 2656	Number of processors: 1
2011/09/06 01:47:52.0890 2656	Page size: 0x1000
2011/09/06 01:47:52.0890 2656	Boot type: Normal boot
2011/09/06 01:47:52.0890 2656	================================================================================
2011/09/06 01:47:53.0453 2656	Initialize success
2011/09/06 01:47:54.0875 2704	================================================================================
2011/09/06 01:47:54.0875 2704	Scan started
2011/09/06 01:47:54.0875 2704	Mode: Manual; 
2011/09/06 01:47:54.0875 2704	================================================================================
2011/09/06 01:47:55.0609 2704	ACPI            (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2011/09/06 01:47:55.0671 2704	ACPIEC          (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
2011/09/06 01:47:55.0734 2704	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2011/09/06 01:47:55.0796 2704	AFD             (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys
2011/09/06 01:47:56.0062 2704	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
2011/09/06 01:47:56.0343 2704	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2011/09/06 01:47:56.0375 2704	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2011/09/06 01:47:56.0468 2704	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2011/09/06 01:47:56.0546 2704	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2011/09/06 01:47:56.0625 2704	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2011/09/06 01:47:56.0656 2704	ca54f958        (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\1492735178:900400807.exe
2011/09/06 01:47:57.0375 2704	Suspicious file (Hidden): C:\WINDOWS\1492735178:900400807.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
2011/09/06 01:47:57.0390 2704	ca54f958 - detected HiddenFile.Multi.Generic (1)
2011/09/06 01:47:57.0468 2704	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2011/09/06 01:47:57.0500 2704	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2011/09/06 01:47:57.0562 2704	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2011/09/06 01:47:57.0609 2704	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2011/09/06 01:47:57.0640 2704	Cdrom           (ce12b7a74531bde26b7533ac43bd16fa) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/06 01:47:57.0640 2704	Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\cdrom.sys. Real md5: ce12b7a74531bde26b7533ac43bd16fa, Fake md5: 1f4260cc5b42272d71f79e570a27a4fe
2011/09/06 01:47:57.0656 2704	Cdrom - detected Rootkit.Win32.ZAccess.c (0)
2011/09/06 01:47:57.0703 2704	CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
2011/09/06 01:47:57.0750 2704	Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2011/09/06 01:47:57.0859 2704	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2011/09/06 01:47:57.0890 2704	dmio            (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys
2011/09/06 01:47:57.0921 2704	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2011/09/06 01:47:57.0953 2704	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2011/09/06 01:47:58.0000 2704	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2011/09/06 01:47:58.0062 2704	eamon           (59d9e5dbcfef1e0e3dbac1b55c718f2d) C:\WINDOWS\system32\DRIVERS\eamon.sys
2011/09/06 01:47:58.0109 2704	ehdrv           (3bd67a869964bf57266cbbd1dca38c6a) C:\WINDOWS\system32\DRIVERS\ehdrv.sys
2011/09/06 01:47:58.0140 2704	epfwtdir        (aa0af2830fc14ffd7e80611614ecac74) C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
2011/09/06 01:47:58.0234 2704	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2011/09/06 01:47:58.0281 2704	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
2011/09/06 01:47:58.0343 2704	Fips            (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys
2011/09/06 01:47:58.0437 2704	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
2011/09/06 01:47:58.0500 2704	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2011/09/06 01:47:58.0609 2704	fssfltr         (960f5e5e4e1f720465311ac68a99c2df) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
2011/09/06 01:47:58.0718 2704	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2011/09/06 01:47:58.0750 2704	Ftdisk          (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2011/09/06 01:47:58.0828 2704	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2011/09/06 01:47:58.0890 2704	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2011/09/06 01:47:58.0953 2704	HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2011/09/06 01:47:59.0109 2704	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2011/09/06 01:47:59.0265 2704	i8042prt        (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2011/09/06 01:47:59.0531 2704	ialm            (612194abc69a6db0e2c49e1544ca93a0) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
2011/09/06 01:47:59.0859 2704	iaStor          (997e8f5939f2d12cd9f2e6b395724c16) C:\WINDOWS\system32\DRIVERS\iaStor.sys
2011/09/06 01:47:59.0906 2704	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2011/09/06 01:48:00.0187 2704	IntcAzAudAddService (00c5e8161d71f6a51885026e1853c027) C:\WINDOWS\system32\drivers\RtkHDAud.sys
2011/09/06 01:48:00.0328 2704	intelppm        (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2011/09/06 01:48:00.0406 2704	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2011/09/06 01:48:00.0484 2704	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2011/09/06 01:48:00.0546 2704	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2011/09/06 01:48:00.0593 2704	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2011/09/06 01:48:00.0640 2704	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2011/09/06 01:48:00.0718 2704	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2011/09/06 01:48:00.0812 2704	isapnp          (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2011/09/06 01:48:00.0843 2704	Kbdclass        (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2011/09/06 01:48:00.0890 2704	kbdhid          (94c59cb884ba010c063687c3a50dce8e) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2011/09/06 01:48:00.0937 2704	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2011/09/06 01:48:01.0000 2704	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2011/09/06 01:48:01.0125 2704	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2011/09/06 01:48:01.0250 2704	Modem           (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys
2011/09/06 01:48:01.0296 2704	Mouclass        (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2011/09/06 01:48:01.0375 2704	mouhid          (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2011/09/06 01:48:01.0468 2704	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2011/09/06 01:48:01.0531 2704	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2011/09/06 01:48:01.0625 2704	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2011/09/06 01:48:01.0734 2704	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2011/09/06 01:48:01.0781 2704	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2011/09/06 01:48:01.0812 2704	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2011/09/06 01:48:01.0859 2704	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2011/09/06 01:48:01.0906 2704	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2011/09/06 01:48:01.0968 2704	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2011/09/06 01:48:02.0046 2704	MTsensor        (1c0f480b7c6136ddb5fb909995af014a) C:\WINDOWS\system32\DRIVERS\ATKACPI.sys
2011/09/06 01:48:02.0140 2704	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
2011/09/06 01:48:02.0218 2704	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2011/09/06 01:48:02.0296 2704	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2011/09/06 01:48:02.0359 2704	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2011/09/06 01:48:02.0437 2704	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS
distapi.sys
2011/09/06 01:48:02.0500 2704	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS
disuio.sys
2011/09/06 01:48:02.0609 2704	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS
diswan.sys
2011/09/06 01:48:02.0718 2704	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
2011/09/06 01:48:02.0796 2704	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS
etbios.sys
2011/09/06 01:48:02.0859 2704	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS
etbt.sys
2011/09/06 01:48:02.0937 2704	Netdevio        (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS
etdevio.sys
2011/09/06 01:48:03.0015 2704	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2011/09/06 01:48:03.0093 2704	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2011/09/06 01:48:03.0218 2704	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2011/09/06 01:48:03.0281 2704	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS
wlnkflt.sys
2011/09/06 01:48:03.0343 2704	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS
wlnkfwd.sys
2011/09/06 01:48:03.0375 2704	NwlnkIpx        (8b8b1be2dba4025da6786c645f77f123) C:\WINDOWS\system32\DRIVERS
wlnkipx.sys
2011/09/06 01:48:03.0421 2704	NwlnkNb         (56d34a67c05e94e16377c60609741ff8) C:\WINDOWS\system32\DRIVERS
wlnknb.sys
2011/09/06 01:48:03.0468 2704	NwlnkSpx        (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\WINDOWS\system32\DRIVERS
wlnkspx.sys
2011/09/06 01:48:03.0546 2704	NWRDR           (36b9b950e3d2e100970a48d8bad86740) C:\WINDOWS\system32\DRIVERS
wrdr.sys
2011/09/06 01:48:03.0656 2704	Parport         (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys
2011/09/06 01:48:03.0703 2704	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2011/09/06 01:48:03.0765 2704	ParVdm          (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys
2011/09/06 01:48:03.0796 2704	PCI             (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys
2011/09/06 01:48:03.0906 2704	PCIIde          (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys
2011/09/06 01:48:03.0953 2704	Pcmcia          (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\drivers\Pcmcia.sys
2011/09/06 01:48:04.0359 2704	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERSaspptp.sys
2011/09/06 01:48:04.0406 2704	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2011/09/06 01:48:04.0453 2704	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2011/09/06 01:48:04.0703 2704	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERSasacd.sys
2011/09/06 01:48:04.0765 2704	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERSasl2tp.sys
2011/09/06 01:48:04.0812 2704	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERSaspppoe.sys
2011/09/06 01:48:04.0906 2704	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERSaspti.sys
2011/09/06 01:48:04.0953 2704	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERSdbss.sys
2011/09/06 01:48:04.0984 2704	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2011/09/06 01:48:05.0031 2704	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERSdpdr.sys
2011/09/06 01:48:05.0140 2704	RDPWD           (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
2011/09/06 01:48:05.0203 2704	redbook         (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERSedbook.sys
2011/09/06 01:48:05.0296 2704	RTL8023xp       (1e11171c0b9989e1bdaa59e96b2e81c4) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2011/09/06 01:48:05.0343 2704	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
2011/09/06 01:48:05.0390 2704	RTL8187B        (de4924fe414bba15dd098aecf3711137) C:\WINDOWS\system32\DRIVERS\RTL8187B.sys
2011/09/06 01:48:05.0437 2704	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2011/09/06 01:48:05.0500 2704	Serial          (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys
2011/09/06 01:48:05.0546 2704	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2011/09/06 01:48:05.0625 2704	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2011/09/06 01:48:05.0765 2704	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2011/09/06 01:48:05.0796 2704	sr              (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys
2011/09/06 01:48:05.0859 2704	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
2011/09/06 01:48:05.0921 2704	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2011/09/06 01:48:05.0968 2704	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2011/09/06 01:48:05.0984 2704	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2011/09/06 01:48:06.0156 2704	SynTP           (51cdbb8836893d683b22dde0913af3e1) C:\WINDOWS\system32\DRIVERS\SynTP.sys
2011/09/06 01:48:06.0171 2704	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2011/09/06 01:48:06.0265 2704	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS	cpip.sys
2011/09/06 01:48:06.0375 2704	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2011/09/06 01:48:06.0437 2704	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2011/09/06 01:48:06.0484 2704	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS	ermdd.sys
2011/09/06 01:48:06.0609 2704	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2011/09/06 01:48:06.0703 2704	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2011/09/06 01:48:06.0812 2704	usbaudio        (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
2011/09/06 01:48:06.0890 2704	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2011/09/06 01:48:06.0921 2704	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2011/09/06 01:48:06.0937 2704	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2011/09/06 01:48:07.0000 2704	usbscan         (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2011/09/06 01:48:07.0015 2704	USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2011/09/06 01:48:07.0046 2704	usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2011/09/06 01:48:07.0078 2704	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2011/09/06 01:48:07.0125 2704	VolSnap         (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys
2011/09/06 01:48:07.0234 2704	VX1000          (2fbf9e882fc28a315a86aa1f831c144e) C:\WINDOWS\system32\DRIVERS\VX1000.sys
2011/09/06 01:48:07.0390 2704	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2011/09/06 01:48:07.0484 2704	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2011/09/06 01:48:07.0625 2704	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2011/09/06 01:48:07.0687 2704	MBR (0x1B8)     (c99c3199cfaa4cbdcd91493f6d113a50) \Device\Harddisk0\DR0
2011/09/06 01:48:07.0859 2704	MBR (0x1B8)     (c18880083716ffd0e3f63524c6c45513) \Device\Harddisk1\DR3
2011/09/06 01:48:12.0781 2704	Boot (0x1200)   (700b6808cd912b1d8aba683dba00b3bf) \Device\Harddisk0\DR0\Partition0
2011/09/06 01:48:12.0796 2704	Boot (0x1200)   (329937c972ae05aa417fa9231a96b249) \Device\Harddisk0\DR0\Partition1
2011/09/06 01:48:12.0796 2704	================================================================================
2011/09/06 01:48:12.0796 2704	Scan finished
2011/09/06 01:48:12.0796 2704	================================================================================
2011/09/06 01:48:12.0812 2696	Detected object count: 2
2011/09/06 01:48:12.0812 2696	Actual detected object count: 2
2011/09/06 01:48:45.0000 2696	HKLM\SYSTEM\ControlSet002\services\ca54f958 - will be deleted after reboot
2011/09/06 01:48:45.0046 2696	HKLM\SYSTEM\ControlSet004\services\ca54f958 - will be deleted after reboot
2011/09/06 01:48:45.0062 2696	C:\WINDOWS\1492735178:900400807.exe - will be deleted after reboot
2011/09/06 01:48:45.0062 2696	HiddenFile.Multi.Generic(ca54f958) - User select action: Delete 
2011/09/06 01:48:45.0156 2696	Cdrom           (ce12b7a74531bde26b7533ac43bd16fa) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2011/09/06 01:48:45.0156 2696	Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\cdrom.sys. Real md5: ce12b7a74531bde26b7533ac43bd16fa, Fake md5: 1f4260cc5b42272d71f79e570a27a4fe
2011/09/06 01:48:47.0390 2696	Backup copy found, using it..
2011/09/06 01:48:47.0390 2696	C:\WINDOWS\system32\DRIVERS\cdrom.sys - will be cured after reboot
2011/09/06 01:48:47.0390 2696	Rootkit.Win32.ZAccess.c(Cdrom) - User select action: Cure 
2011/09/06 01:48:52.0125 2652	Deinitialize success

g3n-h@ckm@n · Answer

salut smart j'ai eu le meme que toi à regler ici voila comment j'ai fait :

(Placebo33 :

attends smart pour agir)

https://forums.commentcamarche.net/forum/affich-23062132-les-antivirus-sont-inefficaces?page=2#34

Smart91 · Answer

En effet il était revenu. Mais je veux voir si même après le passage de la dernière version de TDSSKiller, il a bien été shooté ou s'il va revenir.
Quelle m**de ce ZAccess :-)

Redémarre le PC et refais un scan TDSSKiller et poste le rapport

Smart

placebo33 · Answer

Salut, je ne suis pas chez moi mais hier soir j'ai essayé de relancer TDSS Killer après reboot avec la nouvelle version et effectivement il me détectait toujours les mêmes menaces. Je n'ai pas posté le rapport mais je le ferai ce soir !

A bientôt!

Smart91 · Answer

Tu as donc refais un autre scan après 1h48 ?
OK à ce soir. Bien que je ne serais pas beaucpou dispo. On va faire autrement

Smart

placebo33 · Answer

Oui dans la foulée à 1h50, après le reboot j'ai rescanné pour voir si les éléments étaient toujours présents, et c'était le cas. Ok si t'es pas dispo c'est pas grave on fait en fonction de tes disponibilités c'est déjà agréable d'avoir de l'aide car tout seul j'étais bon pour tout formater !

Smart91 · Answer

On n'est pas sorti de l'auberge car c'est une véritable m**rde ce truc. Je te conseille quand même de faire une sauvegarde de tes documents personnels. Mais ne auvegarde aucun fichier système et exécutable. On ne sait jamais si on doit formater.
J'attend le rapport pour voir quel driver a été patché car il change de driver dès que TDSSKiller a été passé.

Smart

Smart91 · Answer

Tu peux poster le rapport ComboFix. Le rapport se trouve également là : C:\ComboFix.txt
Il semblerait qu'il n y ait plus de rootkit

Smart

Smart91 · Answer

En effet le rapport MBAM montre beucoup d'infection mais la plupart sont dans la quarantaine de USBFix et de ComboFix.
ComBofix montre églement que plusieurs programmes ont été infectés , il faut donc les désintaller et les réinstaller.

je pense que t aversion d'XP n'est pas légale mais c'est une version crackée.
Cela va être dure de désinfecter car cela va toujour revenir.

Relance MBAM:
* Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme). C'est très important
* Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet puis "Rechercher"
* Ne t'inquiète pas, l'analyse peut durer plusieurs heures en fonction du nombre de fichiers et infections à analyser 
* A la fin de l'analyse, clique sur "Afficher les résultats"
* Coche tous les éléments détectés puis clique sur "Supprimer la sélection"
* Enregistre le rapport
* S'il t'est demandé de redémarrer l'ordinateur, clique sur Yes
* Un rapport apparait après la suppression : poste le dans ta prochaine réponse.

Ensuite tu vas faire ceci:
1. Télécharge WinChk (d'Xplode) sur ton bureau
2. Double clique sur winchk.exe
3. Clique sur le bouton Exécuter
4. Patiente durant la création du rapport..
5. Celui-ci s'affiche à l'écran à la fin de l'analyse. Si rien n'apparaît, le rapport est présent à la racine du disque dur : C:\WinChk.txt
6. Poste ce rapport dans ta réponse

Smart

placebo33 · Answer

Bonjour, voici le rapport MBAM

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Version de la base de données: 7680

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/09/2011 01:08:41
mbam-log-2011-09-09 (01-08-41).txt

Type d'examen: Examen complet (C:\|D:\|E:\|)
Elément(s) analysé(s): 238774
Temps écoulé: 34 minute(s), 21 seconde(s)

Processus mémoire infecté(s): 1
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1155

Processus mémoire infecté(s):
c:\documents and settings	azebama.dl_ (Trojan.Dropper) -> 1152 -> Unloaded process successfully.

Module(s) mémoire infecté(s):
c:\documents and settings	azebama.dll (Worm.Mabezat) -> Delete on reboot.

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
c:\documents and settings	azebama.dl_ (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings	azebama.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\zPharaoh.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\hook.dl_ (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings
adia\Bureauk_quarantine\l1rezerv.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings
adia\Bureauk_quarantine\svchost.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings
adia\Bureauk_quarantine\sysdriver32_.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings
adia\Bureauk_quarantine\systemup.exe.vir (Trojan.Agent.H) -> Quarantined and deleted successfully.
c:\documents and settings
adia\mes documents\mes telechargements internetemovewga.exe (PUP.RemoveWGA) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\fast browser search\IE\searchguardplus.exe.vir (PUP.Fbsearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\fast browser search\IE\update.exe.vir (PUP.Fbsearch) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\mozilla firefox\plugins
pclntax_hotbarsa.dll.vir (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\program files\ad-remover\quarantine\C\program files\shoppingreport\Bin\2.6.58\shoppingreport.dll.vir (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\Qoobox\qoobox                                                                                               .exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\zpharaoh.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings\hook.dl_.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings	azebama.dll.vir (Worm.Mabezat) -> Delete on reboot.
c:\Qoobox\quarantine\C\documents and settings	azebama.dll.vir.vir (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\documents and settings	azebama.dl_.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\l1rezerv.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\sysdriver32_.exe.vir (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\systemup.exe.vir (Trojan.Agent.H) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\assembly\GAC_MSIL\desktop.ini.vir (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\update.1\svchost.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\update.5.0\svchost.exe.vir (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\C\WINDOWS\update.7.1\svchostdriver.exe.vir (Spyware.Agent) -> Quarantined and deleted successfully.
c:\Qoobox\quarantine\D\zpharaoh.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872056.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872329.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872343.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872452.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872465.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872502.exe (PUP.Fbsearch) -> Not selected for removal.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872761.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872762.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872763.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872764.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872766.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872767.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872517.dll (Adware.SmartShopper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872520.dll (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872525.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872534.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872545.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872769.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872770.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872771.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0873247.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0872512.exe (PUP.Fbsearch) -> Not selected for removal.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0873251.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0873267.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP640\A0873272.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP641\A0874277.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP641\A0874281.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP642\A0874287.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP642\A0874291.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP642\A0874295.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP642\A0874299.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP642\A0874303.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP642\A0874307.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874318.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874320.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874322.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874324.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874327.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874328.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874330.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874332.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0874348.ini (Backdoor.0Access) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875307.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875342.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875358.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875359.exe (Trojan.Agent.H) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875360.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875362.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875363.exe (Spyware.Agent) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875364.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\system volume information\_restore{5517ad9a-8676-437b-ac91-1cb6045f802c}\RP643\A0875400.dll (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\zpharaoh.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings\hook.dl_.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings	azebama.dll.vir (Worm.Mabezat) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings	azebama.dl_.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\zpharaoh.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\azur\azur .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\Barsa\barsa .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\bg\bg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\Bilbao\bilbao .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\Bordeaux\bordeaux .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\Bordeaux\bordeaux en printemps\bordeaux en printemps .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\Bordeaux\Venci\venci .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\C\documents and settings
adia\local settings\application data\microsoft\cd burning\carcassonne\carcassonne .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\zpharaoh.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\bg subtitles\bg subtitles                                                                                         .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\d200342e597687c397f52d\d200342e597687c397f52d .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\diskeeper\diskeeper                                                                                            .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\efadbece8743258130bc7006426aa835\efadbece8743258130bc7006426aa835 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\Enigma\enigma                                                                                               .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\ffc17bb0ef16b03560436a55230cc9a5\ffc17bb0ef16b03560436a55230cc9a5 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\karti\karti                                                                                                .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D\mission.london.dvdrip.xvid.ac3-kings\mission.london.dvdrip.xvid.ac3-kings .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pour widows xp pro .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro\crack  xp titi\crack  xp titi .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro\crack  xp titi\activation windows xp option 1\activation windows xp option 1 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro\crack  xp titi\activation windows xp option 2\activation windows xp option 2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro\crack  xp titi\activation windows xp option 2\outils\outils .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40
adia pilote tosiba l40 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\accessibility\accessibility .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\accessibility\French\french .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\acoustic silencer\acoustic silencer .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\acoustic silencer\French\french .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\assist\assist .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\assist\French\french .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset utility .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\chipset driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\All\all .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\lang .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\chip .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ARA\ara .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ARB\arb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\CHS\chs .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\CHT\cht .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\CSY\csy .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\DAN\dan .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\DEU\deu .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ELL\ell .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ENG\eng .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ENU\enu .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ESP\esp .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\FIN\fin .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\FRA\fra .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\FRC\frc .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\HEB\heb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\HUN\hun .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\ITA\ita .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\JPN\jpn .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\KOR\kor .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\NLD
ld .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\NOR
or .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\PLK\plk .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\PLK\winrrarserialinstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\PTB
okian73tools.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\PTB\ptb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\PTG\make windows original.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\PTG\ptg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\RUS\office2003 cd-key.doc.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\RUSus .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\SVE\office2007 serial.txt.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\SVE\sve .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\THA\kaspersky6.0 key.doc.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\THA	ha .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\TRK\jetaudio dump.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Lang\CHIP\TRK	rk .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\Vista\vista .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\chipset utility\chipset driver\x64\x64 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\config free .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\card reader controller\card reader controller .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\card reader controllericoh r5c8xx media driver\MS\ms .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\card reader controllericoh r5c8xx media driver\XD\xd .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\french .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\eng .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\fug .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF1\cf1 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF1\img\img .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF2\cf2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF2\img\img .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF2\img2\img2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF3\cf3 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF3\img\img .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\ENG\FUG\CF3\img2\img2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\fre .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\fug .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF1\cf1 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF1\img\img .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF2\cf2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF2\img\img .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF2\img2\img2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF3\cf3 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF3\img\img .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\FRE\FUG\CF3\img2\img2 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles
dsfiles .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\cfskin .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\blue horizon\blue horizon .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\blue horizon\jetaudio dump.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\cyberspace\cyberspace .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\cyberspace\installmsn11ar.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\digital seed\digital seed .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\digital seed\installmsn11en.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\green hill\green hill .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\green hill\lock folder.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\metal work\crack_googleearthpro.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\metal work\metal work .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin
ature\americanonline.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin
ature
ature .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin
ormal\msjavx86.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin
ormal
ormal .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\psychedelic\floppydiskpartion.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\psychedelic\psychedelic .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\solid jaguar\installmsn11ar.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin\solid jaguar\solid jaguar .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin	oy\hp_laserjetallinoneconfig.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFSkin	oy	oy .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFView\cfview .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\cfwanimage\cfwanimage .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFXICON\cfxicon .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\CFXICON\winrrarserialinstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\ICON\icon .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\ICON
okian73tools.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Image\image .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Image\make windows original.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\launcher .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\office2003 cd-key.doc.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\Image\image .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\Image\microsoft windows network.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\Image\Large\adjust time.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\Image\Large\large .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\Image\Normal
ormal .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\Launcher\Image\Normalecycle bin.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\samplejpeg\office2007 serial.txt.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\samplejpeg\samplejpeg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\SMSGIMG\kaspersky6.0 key.doc.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\NDSFiles\SMSGIMG\smsgimg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\REGeg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\config free\French\Service\service .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\display driver intel .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\windowsxp startmenu settings.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\graphics .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\makeurownfamilytree.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\browseallusers.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\lang .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\hdmi .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\showdesktop.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ara\ara .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ara\cd burner.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\chs\chs .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\cht\cht .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\csy\csy .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\dan\dan .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\deu\deu .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ell\ell .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ENU\enu .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\esp\esp .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\fin\fin .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\fra\fra .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\heb\heb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\hun\hun .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ita\ita .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\jpn\jpn .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\kor\kor .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI
ld
ld .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI
or
or .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\plk\plk .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ptb\ptb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\ptg\ptg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMIusus .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\SKY\sky .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\SLV\slv .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI\sve\sve .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI	ha	ha .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Graphics\LANG\HDMI	rk	rk .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\HDMI\hdmi .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\HDMI\win98compatiblexp.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\lang .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\lockwindowspartition.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\disk defragmenter.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\hdmi .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ara\ara .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\araecyclebinprotect.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\chs\chs .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\chs\faxsend.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\cht\cht .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\cht\windows keys secrets.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\csy\csy .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\csy\ide conector p2p.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\dan\dan .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\dan\winrrarserialinstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\deu\deu .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\deu
okian73tools.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ell\ell .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ell\winrrarserialinstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ENU\enu .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ENU
okian73tools.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\esp\esp .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\fin\fin .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\fra\fra .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\heb\heb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\hun\hun .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ita\ita .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\jpn\jpn .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\kor\kor .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI
ld
ld .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI
or
or .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\plk\plk .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ptb\ptb .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\ptg\ptg .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMIusus .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\SKY\sky .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\SLV\slv .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI\sve\sve .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI	ha	ha .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\display driver\display driver intel\Lang\HDMI	rk	rk .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\hotkey utilities for display devices\French\french .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\hotkey utilities for display devices\French\sony erikson digitalcam.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\installation instructions\installation instructions .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver\lan driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\microsoft msn.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver
etwork driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WIN2000adiotv.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WIN2000\win2000 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WIN98SE\antenna2net.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WIN98SE\win98se .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WINME\panasonicdvd_digitalcam.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WINME\winme .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WINXP\googletoolbarnotifier.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\lan driver
etwork driver\WINXP\winxp .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\modem driver\modem driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\modem driver\France\france .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\online product information\online product information .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40ealtek wireless lan adapter 8187bealtek wireless lan adapter 8187b .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sd utilities\sd utilities .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sd utilities\sd utilities\sd utilities .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sd utilities\sd utilities\winrrarserialinstall.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver
okian73tools.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\sound driver .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\Config\config .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\Config\make windows original.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\mshdqfe .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\office2003 cd-key.doc.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K3\installmsn11ar.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K3\win2k3 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K3\us\lock folder.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K3\us\us .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K_XP\installmsn11en.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K_XP\win2k_xp .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K_XP\us\crack_googleearthpro.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\MSHDQFE\Win2K_XP\us\us .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\Vista\office2007 serial.txt.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\Vista\vista .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\Vista64\kaspersky6.0 key.doc.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\Vista64\vista64 .exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound driver\WDM\jetaudio dump.exe.vir (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\UsbFix\quarantine\D
adia pour widows xp pro
adia pilote tosiba l40\sound driver\sound drive

placebo33 · Answer

Et voici le rapport winchk 

Rapport WinChk v2.0 - 09/09/2011 à 12:01
Mis à jour le 08/07/11 à 16h par Xplode
Système d'exploitation : Microsoft Windows XP (32 bits) [version 5.1.2600] Service Pack 3
Nom d'utilisateur : nadia - NADIA-18C96A8A2 (Administrateur)
Exécuté depuis : C:\Documents and Settings
adia\Mes documents\Téléchargements\winchk0.exe


¤¤¤¤¤ Recherche | Registre ¤¤¤¤¤

... OK !

¤¤¤¤¤ Recherche | AntiWPA ¤¤¤¤¤

... OK !

¤¤¤¤¤ Recherche | KMS ¤¤¤¤¤

... OK !

¤¤¤¤¤ Recherche | Fichiers suspect ¤¤¤¤¤

... OK !

¤¤¤¤¤ Vérification | Fichiers système ¤¤¤¤¤

... OK !

¤¤¤¤¤ Vérification | Fichier Hosts ¤¤¤¤¤

... OK !

¤¤¤¤¤ Vérification | Windows Update ¤¤¤¤¤

¤ Paramètres : Les mises à jour automatiques sont activées et sont installées automatiquement.

¤ Dernière mise à jour détectée le 2011-09-09 à 00:04:51
¤ Dernière mise à jour téléchargée le 2011-09-09 à 00:25:45
¤ Dernière mise à jour installée le 2011-09-09 à 02:18:14

########## EOF - "C:\WinChk.txt" - [1075 octets] ##########

Smart91 · Answer

Relance MBAM et vide la quarantaine
Redémarre le PC.

Je voudrais également que tu passes cet outil:
https://support.kaspersky.com/fr/viruses/kvrt2015?level=2

Ferme touts tes applications
Lance Kaspersky removal tool
Clique sur la petite roue et dans zone d'analyse tu coches les cases suivantes:
- disque c:
- Mes documents.
ensuite dans actions, tu électionnes Executer l'action et tu coches les deux cases.
  
Tu cliques sur analyse automatique, tu lances une analyses
Un fois l'ananlyse terminée tu clique su l'icone documents pour les rapportsDans rapport danalyse tu fais exporter et tu postes le rapport dans ta réponse

Smart

Smart91 · Answer

Les rapports ne semblent rien montrer, mais ils sont tellement longs que j'ai peut-être loupé qq chose. As-tu vu lors de l'analyse des éléments infectieux détectés Tu peux refaire un scan complet avec MBAM. A la fin de l'analyse, clique sur "Afficher les résultats" * Coche tous les éléments détectés puis clique sur "Supprimer la sélection" Et poste le rapport directement dans ta réponse Smart

Virus GOMEO ??

24 réponses

Discussions similaires