Sujet Précédent Sujet Suivant

Les fameux lien de Google redirigés ...

Résolu/Fermé
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011 - 30 sept. 2011 à 12:52
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011 - 12 oct. 2011 à 20:52
Bonjour,


J'ai un "petit" soucis sur mon ordinateur ... mes liens Google me redirige vers d'autres moteur de recherche et ce quelque soit mon browsers (ie, safari, chrome ou ff). J'ai bien regardé tous les forums que j'ai pu trouver traitant ce sujet mais j'ai vite compris qu'à chaque fois les manipulations étaient différentes en fonction de où le virus c'est installé ...

J'aurais bien aimé vous poster un rapport hijackthis ou malwarebytes mais là encore, nouveau problème, qui doit surement provenir du virus, quelque soit le logiciel de sécurité, dés que je commence une analyse, celui-ci se ferme immédiatement ... Du coup, je ne sais pas vraiment que faire.

Merci d'avance pour votre aide !

A voir également:

11 réponses

Réponse 1 / 11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 661
30 sept. 2011 à 13:01
Salut,


Passe un coup de TDSSKiller : https://forum.malekal.com/viewtopic.php?t=28637&start=
Poste le rapport ici.
1
Réponse 2 / 11
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011
30 sept. 2011 à 22:11
Salut ! Merci de ta réponse ! C'est le premier analyseur qui fonctionne jusqu'au bout et qui n'est pas bloqué par le virus !

Ci-dessous le rapport :
22:06:11.0281 4892 TDSS rootkit removing tool 2.6.2.0 Sep 26 2011 18:56:43
22:06:11.0578 4892 ============================================================
22:06:11.0578 4892 Current date / time: 2011/09/30 22:06:11.0578
22:06:11.0578 4892 SystemInfo:
22:06:11.0578 4892
22:06:11.0578 4892 OS Version: 5.1.2600 ServicePack: 2.0
22:06:11.0578 4892 Product type: Workstation
22:06:11.0578 4892 ComputerName: HN100147A1
22:06:11.0578 4892 UserName: coudfr01
22:06:11.0578 4892 Windows directory: C:\WINDOWS
22:06:11.0578 4892 System windows directory: C:\WINDOWS
22:06:11.0578 4892 Processor architecture: Intel x86
22:06:11.0578 4892 Number of processors: 4
22:06:11.0578 4892 Page size: 0x1000
22:06:11.0578 4892 Boot type: Normal boot
22:06:11.0578 4892 ============================================================
22:06:11.0765 4892 Initialize success
22:06:20.0781 5460 ============================================================
22:06:20.0781 5460 Scan started
22:06:20.0781 5460 Mode: Manual; SigCheck; TDLFS;
22:06:20.0781 5460 ============================================================
22:06:21.0375 5460 24a74327 (8f2bb1827cac01aee6a16e30a1260199) C:\WINDOWS\658745124:3680025816.exe
22:06:21.0484 5460 Suspicious file (Hidden): C:\WINDOWS\658745124:3680025816.exe. md5: 8f2bb1827cac01aee6a16e30a1260199
22:06:21.0484 5460 24a74327 ( HiddenFile.Multi.Generic ) - warning
22:06:21.0484 5460 24a74327 - detected HiddenFile.Multi.Generic (1)
22:06:21.0546 5460 Abiosdsk - ok
22:06:21.0546 5460 abp480n5 - ok
22:06:21.0609 5460 Acceler (af1f178b0218b44876e63bf0b019e96b) C:\WINDOWS\system32\DRIVERS\Accelern.sys
22:06:22.0421 5460 Acceler - ok
22:06:22.0562 5460 ACPI (a10c7534f7223f4a73a948967d00e69b) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:06:22.0703 5460 ACPI - ok
22:06:22.0734 5460 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
22:06:22.0812 5460 ACPIEC - ok
22:06:22.0812 5460 adpu160m - ok
22:06:22.0859 5460 aec (1ee7b434ba961ef845de136224c30fec) C:\WINDOWS\system32\drivers\aec.sys
22:06:23.0046 5460 aec - ok
22:06:23.0078 5460 AESTAud (822d53766d57c90c437536232ece9023) C:\WINDOWS\system32\drivers\AESTAud.sys
22:06:23.0140 5460 AESTAud - ok
22:06:23.0234 5460 AFD (55e6e1c51b6d30e54335750955453702) C:\WINDOWS\System32\drivers\afd.sys
22:06:23.0296 5460 AFD - ok
22:06:23.0296 5460 Aha154x - ok
22:06:23.0312 5460 aic78u2 - ok
22:06:23.0312 5460 aic78xx - ok
22:06:23.0328 5460 AliIde - ok
22:06:23.0328 5460 amsint - ok
22:06:23.0375 5460 apf001 - ok
22:06:23.0406 5460 ApfiltrService (83299c470907b54bb861b7ad55011871) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
22:06:23.0406 5460 ApfiltrService - ok
22:06:23.0453 5460 Appfilt (c720f427c7197170649a9eac0525da4f) C:\WINDOWS\system32\Drivers\Appfilt.sys
22:06:23.0453 5460 Appfilt - ok
22:06:23.0468 5460 Arp1394 (f0d692b0bffb46e30eb3cea168bbc49f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
22:06:23.0546 5460 Arp1394 - ok
22:06:23.0546 5460 asc - ok
22:06:23.0562 5460 asc3350p - ok
22:06:23.0578 5460 asc3550 - ok
22:06:23.0609 5460 AsyncMac (02000abf34af4c218c35d257024807d6) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:06:23.0671 5460 AsyncMac - ok
22:06:23.0718 5460 atapi (cdfe4411a69c224bd1d11b2da92dac51) C:\WINDOWS\system32\drivers\atapi.sys
22:06:23.0781 5460 atapi - ok
22:06:23.0796 5460 Atdisk - ok
22:06:23.0796 5460 Atmarpc (ec88da854ab7d7752ec8be11a741bb7f) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:06:23.0875 5460 Atmarpc - ok
22:06:23.0890 5460 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:06:23.0953 5460 audstub - ok
22:06:24.0031 5460 BCM43XX (345d38f298368dd6b0df5c4f37457a22) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
22:06:24.0203 5460 BCM43XX - ok
22:06:24.0218 5460 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:06:24.0296 5460 Beep - ok
22:06:24.0328 5460 BTWUSB (f9b15cfaef98d8117313c6c4215b9eac) C:\WINDOWS\system32\Drivers\btwusb.sys
22:06:24.0328 5460 BTWUSB - ok
22:06:24.0359 5460 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:06:24.0421 5460 cbidf2k - ok
22:06:24.0437 5460 CCDECODE (6163ed60b684bab19d3352ab22fc48b2) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:06:24.0500 5460 CCDECODE - ok
22:06:24.0515 5460 cd20xrnt - ok
22:06:24.0531 5460 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:06:24.0593 5460 Cdaudio - ok
22:06:24.0609 5460 Cdfs (cd7d5152df32b47f4e36f710b35aae02) C:\WINDOWS\system32\drivers\Cdfs.sys
22:06:24.0671 5460 Cdfs - ok
22:06:24.0687 5460 Cdrom (af9c19b3100fe010496b1a27181fbf72) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:06:24.0750 5460 Cdrom - ok
22:06:24.0765 5460 Changer - ok
22:06:24.0796 5460 CISMBIOS (8acabab9bf4742840c51331b6573a94e) C:\WINDOWS\system32\drivers\cismbios.sys
22:06:24.0796 5460 CISMBIOS ( UnsignedFile.Multi.Generic ) - warning
22:06:24.0796 5460 CISMBIOS - detected UnsignedFile.Multi.Generic (1)
22:06:24.0828 5460 CmBatt (4266be808f85826aedf3c64c1e240203) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
22:06:24.0890 5460 CmBatt - ok
22:06:24.0906 5460 CmdIde - ok
22:06:24.0906 5460 Compbatt (df1b1a24bf52d0ebc01ed4ece8979f50) C:\WINDOWS\system32\DRIVERS\compbatt.sys
22:06:24.0984 5460 Compbatt - ok
22:06:24.0984 5460 Cpqarray - ok
22:06:25.0015 5460 cvusbdrv (d1697063e2cdb6575aa46d668ffee825) C:\WINDOWS\system32\Drivers\cvusbdrv.sys
22:06:25.0015 5460 cvusbdrv - ok
22:06:25.0015 5460 dac2w2k - ok
22:06:25.0031 5460 dac960nt - ok
22:06:25.0046 5460 Disk (00ca44e4534865f8a3b64f7c0984bff0) C:\WINDOWS\system32\DRIVERS\disk.sys
22:06:25.0109 5460 Disk - ok
22:06:25.0140 5460 dmboot (c0fbb516e06e243f0cf31f597e7ebf7d) C:\WINDOWS\system32\drivers\dmboot.sys
22:06:25.0234 5460 dmboot - ok
22:06:25.0234 5460 dmio (f5e7b358a732d09f4bcf2824b88b9e28) C:\WINDOWS\system32\drivers\dmio.sys
22:06:25.0312 5460 dmio - ok
22:06:25.0328 5460 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:06:25.0421 5460 dmload - ok
22:06:25.0453 5460 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys
22:06:25.0531 5460 DMusic - ok
22:06:25.0546 5460 DNE (8436ae66e15a7abeddddb6f1aacb7649) C:\WINDOWS\system32\DRIVERS\dne2000.sys
22:06:25.0546 5460 DNE - ok
22:06:25.0562 5460 dpti2o - ok
22:06:25.0578 5460 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys
22:06:25.0656 5460 drmkaud - ok
22:06:25.0671 5460 dsNcAdpt (4823163c246868863d41a2f5ee06a21e) C:\WINDOWS\system32\DRIVERS\dsNcAdpt.sys
22:06:25.0687 5460 dsNcAdpt - ok
22:06:25.0703 5460 e1kexpress (9f7ae949202f0ef6b17dd3cc5c117ad3) C:\WINDOWS\system32\DRIVERS\e1k5132.sys
22:06:25.0718 5460 e1kexpress - ok
22:06:25.0765 5460 Fastfat (3117f595e9615e04f05a54fc15a03b20) C:\WINDOWS\system32\drivers\Fastfat.sys
22:06:25.0843 5460 Fastfat - ok
22:06:25.0843 5460 Fdc (ced2e8396a8838e59d8fd529c680e02c) C:\WINDOWS\system32\drivers\Fdc.sys
22:06:25.0921 5460 Fdc - ok
22:06:25.0937 5460 Fips (e153ab8a11de5452bcf5ac7652dbf3ed) C:\WINDOWS\system32\drivers\Fips.sys
22:06:26.0015 5460 Fips - ok
22:06:26.0031 5460 Flpydisk (0dd1de43115b93f4d85e889d7a86f548) C:\WINDOWS\system32\drivers\Flpydisk.sys
22:06:26.0093 5460 Flpydisk - ok
22:06:26.0125 5460 FltMgr (3d234fb6d6ee875eb009864a299bea29) C:\WINDOWS\system32\DRIVERS\fltMgr.sys
22:06:26.0328 5460 FltMgr - ok
22:06:26.0343 5460 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:06:26.0421 5460 Fs_Rec - ok
22:06:26.0437 5460 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:06:26.0500 5460 Ftdisk - ok
22:06:26.0515 5460 Gpc (c0f1d4a21de5a415df8170616703debf) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:06:26.0593 5460 Gpc - ok
22:06:26.0609 5460 HDAudBus (3fcc124b6e08ee0e9351f717dd136939) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:06:26.0656 5460 HDAudBus - ok
22:06:26.0687 5460 HidUsb (1de6783b918f540149aa69943bdfeba8) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:06:26.0750 5460 HidUsb - ok
22:06:26.0765 5460 hpn - ok
22:06:26.0781 5460 HTTP (cb77bb47e67e84deb17ba29632501730) C:\WINDOWS\system32\Drivers\HTTP.sys
22:06:26.0984 5460 HTTP - ok
22:06:27.0000 5460 i2omgmt - ok
22:06:27.0015 5460 i2omp - ok
22:06:27.0046 5460 i8042prt (5502b58eef7486ee6f93f3f164dcb808) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:06:27.0109 5460 i8042prt - ok
22:06:27.0109 5460 iaahci - ok
22:06:27.0156 5460 ialm (6f98ab7933e98f49654ac5e1b9f87cf3) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
22:06:27.0328 5460 ialm - ok
22:06:27.0390 5460 iaStor (26541a068572f650a2fa490726fe81be) C:\WINDOWS\system32\DRIVERS\iaStor.sys
22:06:27.0406 5460 iaStor - ok
22:06:27.0453 5460 Imapi (f8aa320c6a0409c0380e5d8a99d76ec6) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:06:27.0515 5460 Imapi - ok
22:06:27.0546 5460 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\WINDOWS\system32\DRIVERS\Impcd.sys
22:06:27.0578 5460 Impcd - ok
22:06:27.0593 5460 ini910u - ok
22:06:27.0593 5460 IntcDAud (6fc3b9c53f1a8e19fc1761a8022da8eb) C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
22:06:27.0640 5460 IntcDAud - ok
22:06:27.0640 5460 IntelIde - ok
22:06:27.0671 5460 intelppm (279fb78702454dff2bb445f238c048d2) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:06:27.0765 5460 intelppm - ok
22:06:27.0796 5460 Ip6Fw (4448006b6bc60e6c027932cfc38d6855) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
22:06:27.0875 5460 Ip6Fw - ok
22:06:27.0890 5460 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:06:27.0984 5460 IpFilterDriver - ok
22:06:28.0000 5460 IpInIp (e1ec7f5da720b640cd8fb8424f1b14bb) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:06:28.0078 5460 IpInIp - ok
22:06:28.0125 5460 IpNat (e2168cbc7098ffe963c6f23f472a3593) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:06:28.0343 5460 IpNat - ok
22:06:28.0375 5460 IPSec (64537aa5c003a6afeee1df819062d0d1) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:06:28.0437 5460 IPSec - ok
22:06:28.0484 5460 IRENUM (50708daa1b1cbb7d6ac1cf8f56a24410) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:06:28.0531 5460 IRENUM - ok
22:06:28.0562 5460 isapnp (e504f706ccb699c2596e9a3da1596e87) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:06:28.0671 5460 isapnp - ok
22:06:28.0718 5460 Kbdclass (ebdee8a2ee5393890a1acee971c4c246) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:06:28.0796 5460 Kbdclass - ok
22:06:28.0828 5460 kbdhid (e182fa8e49e8ee41b4adc53093f3c7e6) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:06:28.0906 5460 kbdhid - ok
22:06:28.0953 5460 kmixer (ba5deda4d934e6288c2f66caf58d2562) C:\WINDOWS\system32\drivers\kmixer.sys
22:06:29.0171 5460 kmixer - ok
22:06:29.0203 5460 KSecDD (674d3e5a593475915dc6643317192403) C:\WINDOWS\system32\drivers\KSecDD.sys
22:06:29.0265 5460 KSecDD - ok
22:06:29.0281 5460 lbrtfdc - ok
22:06:29.0312 5460 ldblank (b42d0d37f8c76ed9a462404afe520edb) C:\WINDOWS\system32\DRIVERS\ldblank.sys
22:06:29.0343 5460 ldblank - ok
22:06:29.0390 5460 ldmirror (a3b89beb5fb3ad3bef5e58a5885aea63) C:\WINDOWS\system32\DRIVERS\ldmirror.sys
22:06:29.0406 5460 ldmirror - ok
22:06:29.0421 5460 mirrorflt (aadae4ec10f7075217e87c5cfc0580c9) C:\WINDOWS\system32\DRIVERS\mirrorflt.sys
22:06:29.0421 5460 mirrorflt - ok
22:06:29.0453 5460 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:06:29.0531 5460 mnmdd - ok
22:06:29.0562 5460 Modem (6fc6f9d7acc36dca9b914565a3aeda05) C:\WINDOWS\system32\drivers\Modem.sys
22:06:29.0656 5460 Modem - ok
22:06:29.0687 5460 Mouclass (34e1f0031153e491910e12551400192c) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:06:29.0750 5460 Mouclass - ok
22:06:29.0796 5460 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:06:29.0875 5460 mouhid - ok
22:06:29.0890 5460 MountMgr (65653f3b4477f3c63e68a9659f85ee2e) C:\WINDOWS\system32\drivers\MountMgr.sys
22:06:29.0968 5460 MountMgr - ok
22:06:29.0984 5460 mraid35x - ok
22:06:30.0015 5460 MRxDAV (29414447eb5bde2f8397dc965dbb3156) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:06:30.0250 5460 MRxDAV - ok
22:06:30.0250 5460 MRxSmb (fb6c89bb3ce282b08bdb1e3c179e1c39) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:06:30.0296 5460 MRxSmb - ok
22:06:30.0359 5460 Msfs (561b3a4333ca2dbdba28b5b956822519) C:\WINDOWS\system32\drivers\Msfs.sys
22:06:30.0437 5460 Msfs - ok
22:06:30.0468 5460 MSKSSRV (ae431a8dd3c1d0d0610cdbac16057ad0) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:06:30.0546 5460 MSKSSRV - ok
22:06:30.0562 5460 MSPCLOCK (13e75fef9dfeb08eeded9d0246e1f448) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:06:30.0640 5460 MSPCLOCK - ok
22:06:30.0640 5460 MSPQM (1988a33ff19242576c3d0ef9ce785da7) C:\WINDOWS\system32\drivers\MSPQM.sys
22:06:30.0718 5460 MSPQM - ok
22:06:30.0750 5460 mssmbios (469541f8bfd2b32659d5d463a6714bce) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:06:30.0828 5460 mssmbios - ok
22:06:30.0828 5460 MSTEE (bf13612142995096ab084f2db7f40f77) C:\WINDOWS\system32\drivers\MSTEE.sys
22:06:30.0906 5460 MSTEE - ok
22:06:30.0921 5460 Mup (82035e0f41c2dd05ae41d27fe6cf7de1) C:\WINDOWS\system32\drivers\Mup.sys
22:06:31.0000 5460 Mup - ok
22:06:31.0046 5460 NABTSFEC (5c8dc6429c43dc6177c1fa5b76290d1a) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:06:31.0125 5460 NABTSFEC - ok
22:06:31.0156 5460 NDIS (558635d3af1c7546d26067d5d9b6959e) C:\WINDOWS\system32\drivers\NDIS.sys
22:06:31.0234 5460 NDIS - ok
22:06:31.0250 5460 NdisIP (520ce427a8b298f54112857bcf6bde15) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:06:31.0328 5460 NdisIP - ok
22:06:31.0359 5460 NdisTapi (08d43bbdacdf23f34d79e44ed35c1b4c) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:06:31.0437 5460 NdisTapi - ok
22:06:31.0453 5460 Ndisuio (34d6cd56409da9a7ed573e1c90a308bf) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:06:31.0515 5460 Ndisuio - ok
22:06:31.0531 5460 NdisWan (0b90e255a9490166ab368cd55a529893) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:06:31.0609 5460 NdisWan - ok
22:06:31.0609 5460 NDProxy (59fc3fb44d2669bc144fd87826bb571f) C:\WINDOWS\system32\drivers\NDProxy.sys
22:06:31.0671 5460 NDProxy - ok
22:06:31.0687 5460 NetBIOS (3a2aca8fc1d7786902ca434998d7ceb4) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:06:31.0765 5460 NetBIOS - ok
22:06:31.0828 5460 NetBT (0c80e410cd2f47134407ee7dd19cc86b) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:06:31.0890 5460 NetBT - ok
22:06:31.0937 5460 NIC1394 (5c5c53db4fef16cf87b9911c7e8c6fbc) C:\WINDOWS\system32\DRIVERS\nic1394.sys
22:06:32.0031 5460 NIC1394 - ok
22:06:32.0046 5460 Npfs (4f601bcb8f64ea3ac0994f98fed03f8e) C:\WINDOWS\system32\drivers\Npfs.sys
22:06:32.0109 5460 Npfs - ok
22:06:32.0140 5460 Ntfs (19a811ef5f1ed5c926a028ce107ff1af) C:\WINDOWS\system32\drivers\Ntfs.sys
22:06:32.0359 5460 Ntfs - ok
22:06:32.0406 5460 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:06:32.0468 5460 Null - ok
22:06:32.0500 5460 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:06:32.0562 5460 NwlnkFlt - ok
22:06:32.0578 5460 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:06:32.0640 5460 NwlnkFwd - ok
22:06:32.0687 5460 OA015Afx (0f538df1673e5216f3baacb6911d9d0f) C:\WINDOWS\system32\Drivers\OA015Afx.sys
22:06:32.0703 5460 OA015Afx - ok
22:06:32.0718 5460 OA015Vid (1a4a57d16df0b6a48ba117eaf913a22f) C:\WINDOWS\system32\DRIVERS\OA015Vid.sys
22:06:32.0718 5460 OA015Vid - ok
22:06:32.0734 5460 oem7 - ok
22:06:32.0750 5460 ohci1394 (0951db8e5823ea366b0e408d71e1ba2a) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
22:06:32.0812 5460 ohci1394 - ok
22:06:32.0843 5460 Parport (29744eb4ce659dfe3b4122deb45bc478) C:\WINDOWS\system32\DRIVERS\parport.sys
22:06:32.0921 5460 Parport - ok
22:06:32.0937 5460 PartMgr (3334430c29dc338092f79c38ef7b4cd0) C:\WINDOWS\system32\drivers\PartMgr.sys
22:06:33.0015 5460 PartMgr - ok
22:06:33.0046 5460 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:06:33.0109 5460 ParVdm - ok
22:06:33.0125 5460 PBADRV (4088c1ecd1f54281a92fa663b0fdc36f) C:\WINDOWS\system32\DRIVERS\PBADRV.sys
22:06:33.0140 5460 PBADRV - ok
22:06:33.0140 5460 PCI (8086d9979234b603ad5bc2f5d890b234) C:\WINDOWS\system32\DRIVERS\pci.sys
22:06:33.0218 5460 PCI - ok
22:06:33.0218 5460 PCIDump - ok
22:06:33.0234 5460 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\drivers\PCIIde.sys
22:06:33.0296 5460 PCIIde - ok
22:06:33.0312 5460 Pcmcia (82a087207decec8456fbe8537947d579) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
22:06:33.0375 5460 Pcmcia - ok
22:06:33.0390 5460 PDCOMP - ok
22:06:33.0390 5460 PDFRAME - ok
22:06:33.0406 5460 PDRELI - ok
22:06:33.0406 5460 PDRFRAME - ok
22:06:33.0421 5460 perc2 - ok
22:06:33.0421 5460 perc2hib - ok
22:06:33.0437 5460 PptpMiniport (1c5cc65aac0783c344f16353e60b72ac) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:06:33.0515 5460 PptpMiniport - ok
22:06:33.0531 5460 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:06:33.0593 5460 Ptilink - ok
22:06:33.0609 5460 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:06:33.0609 5460 PxHelp20 - ok
22:06:33.0625 5460 ql1080 - ok
22:06:33.0625 5460 Ql10wnt - ok
22:06:33.0640 5460 ql12160 - ok
22:06:33.0640 5460 ql1240 - ok
22:06:33.0656 5460 ql1280 - ok
22:06:33.0656 5460 QtineFtr (3cb7926170e8a43577b11e0bc5c89d39) C:\WINDOWS\system32\Drivers\QtineFtr.sys
22:06:33.0671 5460 QtineFtr - ok
22:06:33.0671 5460 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:06:33.0734 5460 RasAcd - ok
22:06:33.0750 5460 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:06:33.0828 5460 Rasl2tp - ok
22:06:33.0828 5460 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:06:33.0906 5460 RasPppoe - ok
22:06:33.0906 5460 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:06:33.0984 5460 Raspti - ok
22:06:34.0015 5460 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:06:34.0234 5460 Rdbss - ok
22:06:34.0250 5460 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:06:34.0328 5460 RDPCDD - ok
22:06:34.0359 5460 rdpdr (a2cae2c60bc37e0751ef9dda7ceaf4ad) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:06:34.0437 5460 rdpdr - ok
22:06:34.0484 5460 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
22:06:34.0687 5460 RDPWD - ok
22:06:34.0718 5460 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
22:06:34.0750 5460 RimVSerPort - ok
22:06:34.0781 5460 risdpcie (f3095d13ba9ed73b10005c94ec0118f4) C:\WINDOWS\system32\DRIVERS\risdpe86.sys
22:06:34.0812 5460 risdpcie - ok
22:06:34.0812 5460 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
22:06:34.0906 5460 ROOTMODEM - ok
22:06:34.0937 5460 SAVOnAccessControl (c2ce783153bfefdb28cf3abd2fb84b48) C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys
22:06:34.0937 5460 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys. Real md5: c2ce783153bfefdb28cf3abd2fb84b48, Fake md5: d9df915972694b5274facc8d00492acd
22:06:34.0937 5460 SAVOnAccessControl ( Rootkit.Win32.ZAccess.e ) - infected
22:06:34.0937 5460 SAVOnAccessControl - detected Rootkit.Win32.ZAccess.e (0)
22:06:34.0937 5460 SAVOnAccessFilter (31b35cca652a3553fa4fb99ea79c35bf) C:\WINDOWS\system32\DRIVERS\savonaccessfilter.sys
22:06:34.0968 5460 SAVOnAccessFilter - ok
22:06:35.0000 5460 scfdriver (34c16fe4a6e981aa7f28883fa1fcb69c) C:\WINDOWS\system32\Drivers\scfdriver.sys
22:06:35.0015 5460 scfdriver - ok
22:06:35.0031 5460 scfint (e808fad73e036b8d4ab402bbf9007465) C:\WINDOWS\system32\DRIVERS\scfint.sys
22:06:35.0031 5460 scfint - ok
22:06:35.0046 5460 sdcfilter (a957fd57a6ae1597943e4590de10669b) C:\WINDOWS\system32\DRIVERS\sdcfilter.sys
22:06:35.0062 5460 sdcfilter - ok
22:06:35.0093 5460 Secdrv (d26e26ea516450af9d072635c60387f4) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:06:35.0125 5460 Secdrv - ok
22:06:35.0140 5460 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\drivers\Serial.sys
22:06:35.0218 5460 Serial - ok
22:06:35.0234 5460 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:06:35.0296 5460 Sfloppy - ok
22:06:35.0312 5460 Simbad - ok
22:06:35.0328 5460 SLIP (5caeed86821fa2c6139e32e9e05ccdc9) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:06:35.0406 5460 SLIP - ok
22:06:35.0437 5460 SophosBootDriver (3bdf94e0827d13e44249a646f6c0eb7c) C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys
22:06:35.0484 5460 SophosBootDriver - ok
22:06:35.0500 5460 Sparrow - ok
22:06:35.0531 5460 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
22:06:35.0734 5460 splitter - ok
22:06:35.0750 5460 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
22:06:35.0796 5460 sr - ok
22:06:35.0859 5460 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
22:06:35.0937 5460 Srv - ok
22:06:35.0953 5460 stdflt (a5b83c8050572622e5c43b5b3326a129) C:\WINDOWS\system32\DRIVERS\stdfltn.sys
22:06:35.0953 5460 stdflt - ok
22:06:36.0046 5460 STHDA (391d03926371e2a14775ad3005bfed3b) C:\WINDOWS\system32\drivers\sthda.sys
22:06:36.0078 5460 STHDA - ok
22:06:36.0125 5460 streamip (284c57df5dc7abca656bc2b96a667afb) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:06:36.0218 5460 streamip - ok
22:06:36.0234 5460 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:06:36.0296 5460 swenum - ok
22:06:36.0328 5460 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
22:06:36.0390 5460 swmidi - ok
22:06:36.0406 5460 symc810 - ok
22:06:36.0421 5460 symc8xx - ok
22:06:36.0421 5460 sym_hi - ok
22:06:36.0437 5460 sym_u3 - ok
22:06:36.0453 5460 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
22:06:36.0515 5460 sysaudio - ok
22:06:36.0562 5460 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:06:36.0593 5460 Tcpip - ok
22:06:36.0625 5460 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:06:36.0703 5460 TDPIPE - ok
22:06:36.0734 5460 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
22:06:36.0828 5460 TDTCP - ok
22:06:36.0828 5460 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:06:36.0890 5460 TermDD - ok
22:06:36.0937 5460 TIEHDUSB (a1124ebc672aa3ae1b327096c1dcc346) C:\WINDOWS\system32\drivers\tiehdusb.sys
22:06:36.0937 5460 TIEHDUSB ( UnsignedFile.Multi.Generic ) - warning
22:06:36.0937 5460 TIEHDUSB - detected UnsignedFile.Multi.Generic (1)
22:06:36.0937 5460 TosIde - ok
22:06:36.0968 5460 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
22:06:37.0031 5460 Udfs - ok
22:06:37.0046 5460 ultra - ok
22:06:37.0078 5460 Update (5a51b4cd1709c6a12fe6715b51229ed0) C:\WINDOWS\system32\DRIVERS\update.sys
22:06:37.0281 5460 Update - ok
22:06:37.0312 5460 usbccgp (bffd9f120cc63bcbaa3d840f3eef9f79) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:06:37.0375 5460 usbccgp - ok
22:06:37.0437 5460 USBCCID (64ca8ed4b0980aae46beb3727046e860) C:\WINDOWS\system32\DRIVERS\usbccid.sys
22:06:37.0468 5460 USBCCID - ok
22:06:37.0515 5460 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:06:37.0609 5460 usbehci - ok
22:06:37.0656 5460 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:06:37.0718 5460 usbhub - ok
22:06:37.0750 5460 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:06:37.0828 5460 usbscan - ok
22:06:37.0875 5460 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:06:37.0953 5460 USBSTOR - ok
22:06:38.0000 5460 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
22:06:38.0062 5460 VgaSave - ok
22:06:38.0078 5460 ViaIde - ok
22:06:38.0093 5460 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
22:06:38.0156 5460 VolSnap - ok
22:06:38.0187 5460 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:06:38.0265 5460 Wanarp - ok
22:06:38.0296 5460 WavxDMgr (81f117b7834fa0b78c2354208d185528) C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
22:06:38.0296 5460 WavxDMgr ( UnsignedFile.Multi.Generic ) - warning
22:06:38.0296 5460 WavxDMgr - detected UnsignedFile.Multi.Generic (1)
22:06:38.0328 5460 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
22:06:38.0343 5460 Wdf01000 - ok
22:06:38.0359 5460 WDICA - ok
22:06:38.0375 5460 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
22:06:38.0593 5460 wdmaud - ok
22:06:38.0625 5460 WmiAcpi (ae2c8544e747c20062db27456ea2d67a) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
22:06:38.0687 5460 WmiAcpi - ok
22:06:38.0718 5460 WSTCODEC (d5842484f05e12121c511aa93f6439ec) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:06:38.0781 5460 WSTCODEC - ok
22:06:38.0828 5460 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
22:06:39.0125 5460 \Device\Harddisk0\DR0 - ok
22:06:39.0125 5460 Boot (0x1200) (2663a7a93eaa3573f329b53542d93d05) \Device\Harddisk0\DR0\Partition0
22:06:39.0125 5460 \Device\Harddisk0\DR0\Partition0 - ok
22:06:39.0125 5460 ============================================================
22:06:39.0125 5460 Scan finished
22:06:39.0125 5460 ============================================================
22:06:39.0265 5452 Detected object count: 5
22:06:39.0265 5452 Actual detected object count: 5
22:06:55.0390 5452 HKLM\SYSTEM\ControlSet001\services\24a74327 - will be deleted on reboot
22:06:55.0390 5452 HKLM\SYSTEM\ControlSet002\services\24a74327 - will be deleted on reboot
22:06:55.0390 5452 C:\WINDOWS\658745124:3680025816.exe - will be deleted on reboot
22:06:55.0390 5452 24a74327 ( HiddenFile.Multi.Generic ) - User select action: Delete
22:06:55.0390 5452 HKLM\SYSTEM\ControlSet001\services\CISMBIOS - will be deleted on reboot
22:06:55.0390 5452 HKLM\SYSTEM\ControlSet002\services\CISMBIOS - will be deleted on reboot
22:06:55.0390 5452 C:\WINDOWS\system32\drivers\cismbios.sys - will be deleted on reboot
22:06:55.0390 5452 CISMBIOS ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:06:55.0562 5452 Backup copy found, using it..
22:06:55.0562 5452 C:\WINDOWS\system32\DRIVERS\savonaccesscontrol.sys - will be cured on reboot
22:06:55.0562 5452 SAVOnAccessControl ( Rootkit.Win32.ZAccess.e ) - User select action: Cure
22:06:55.0562 5452 HKLM\SYSTEM\ControlSet001\services\TIEHDUSB - will be deleted on reboot
22:06:55.0562 5452 HKLM\SYSTEM\ControlSet002\services\TIEHDUSB - will be deleted on reboot
22:06:55.0562 5452 C:\WINDOWS\system32\drivers\tiehdusb.sys - will be deleted on reboot
22:06:55.0562 5452 TIEHDUSB ( UnsignedFile.Multi.Generic ) - User select action: Delete
22:06:55.0578 5452 HKLM\SYSTEM\ControlSet001\services\WavxDMgr - will be deleted on reboot
22:06:55.0578 5452 HKLM\SYSTEM\ControlSet002\services\WavxDMgr - will be deleted on reboot
22:06:55.0578 5452 C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys - will be deleted on reboot
22:06:55.0578 5452 WavxDMgr ( UnsignedFile.Multi.Generic ) - User select action: Delete
0
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 661
1 oct. 2011 à 02:01
faut pas faire delete sur tous les drivers :/

là tu vas avoir des trucs qui vont plus marcher :/

comment se comporte le PC là ?
0
Utilisateur anonyme
1 oct. 2011 à 02:22
hello Mak enorme ce rapport !!
0
Réponse 3 / 11
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011
1 oct. 2011 à 09:32
T'inquiète pour les drivers, j'ai ce qu'il faut pour les réinstaller si besoin ! Alors niveau comportement de l'ordinateur :
- à chaque fin d'analyse il me proposait de redémarrer mon ordi et retrouver le meme virus après analyse.
- les liens google ne fonctionne toujours pas
- je peux toujours pas faire d'analyse avec hijackthis ou malwarebytes par contre j'ai réussi à mettre malwarebytes en démarrage automatique donc il démarre quand je démarre l'ordi et il emepeche l'ouverture d'à peu prés 15 ou 20 pages de pub !

Marche à suivre pour la suite ?!

Merci en tout cas de ton aide
0
Réponse 4 / 11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 661
1 oct. 2011 à 10:14
Passe ça : https://www.malekal.com/zeroaccesssirefef-remover/
Poste le rapport ici.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 11
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011
1 oct. 2011 à 10:40
J'ai passé ce que tu m'as dit et redémarrer l'ordinateur. Rien à changé. Rapport ci-dessous :
Webroot AntiZeroAccess 0.8 Log File
Execution time: 01/10/2011 - 10:15
Host operation System: Windows Xp X86 version 5.1.2600 Service Pack 2
10:15:45 - CheckSystem - Begin to check system...
10:15:45 - OpenRootDrive - Opening system root volume and physical drive....
10:15:45 - C Root Drive: Disk number: 0 Start sector: 0x0000003F Partition Size: 0x12A18A82 sectors.
10:15:45 - PrevX Main driver extracted in "C:\WINDOWS\system32\drivers\ZeroAccess.sys".
10:15:45 - InstallAndStartDriver - Main driver was installed and now is running.
10:15:45 - CheckSystem - Warning! Disk class driver is INFECTED.
10:15:47 - CheckFile - Warning! File "QtineFtr.sys" is Infected by ZeroAccess Rootkit.
10:15:57 - DoSecondPhaseCheck - Found and destroyed ZeroAccess self defense Service Key: "24a74327".
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\LANDesk\Shared Files\residentagent.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\program files\juniper networks\common files\dsncservice.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\program files\stmicroelectronics\accelerometerp11\installfilterservice.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\LANDesk\LDClient\LocalSch.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\windows\system32\cba\pds.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\progra~1\landesk\ldclient\issuser.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Java\jre6\bin\jqs.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\program files\common files\juniper networks\juns\dsaccessservice.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\LANDesk\LDClient\policy.client.invoker.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\program files\landesk\ldclient\tmcsvc.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\program files\adobe\photoshop elements 3.0\photoshopelementsdeviceconnect.exe
10:15:57 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe
10:15:57 - CheckExecutableEP - Unable to open "C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe" file. CreateFile last error: 5
10:15:58 - CheckExecutableEP - Unable to open "C:\Program Files\LANDesk\LDClient\softmon.exe" file. CreateFile last error: 5
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\AutoUpdate\ALsvc.exe
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\Sophos Compliance Agent\AgentAPI.exe
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: C:\Program Files\Sophos\Remote Management System\RouterNT.exe
10:15:58 - DoSecondPhaseCheck - Warning! Found a ZeroAccess forged PE: c:\drivers\divers\stacsv.exe
10:16:06 - DoRepair - Begin to perform system repair....
10:16:07 - DoRepair - System Disk class driver was repaired.
10:16:07 - DoRepair - Infected "QtineFtr.sys" file was renamed.
10:16:07 - DoRepair - Infected "QtineFtr.sys" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\program files\adobe\photoshop elements 3.0\photoshopelementsfileagent.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\program files\adobe\photoshop elements 3.0\Pre39.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "photoshopelementsfileagent.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "photoshopelementsfileagent.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Dell\Dell ControlPoint\Pre3A.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "DCPButtonSvc.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "DCPButtonSvc.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\LANDesk\Shared Files\residentagent.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\LANDesk\Shared Files\Pre3B.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "residentagent.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "residentagent.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\Pre3C.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "HostControlService.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "HostControlService.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\Pre3D.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "HostStorageService.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "HostStorageService.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Dell\Dell ControlPoint\System Manager\Pre3E.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "DCPSysMgrSvc.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "DCPSysMgrSvc.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\program files\juniper networks\common files\dsncservice.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\program files\juniper networks\common files\Pre3F.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "dsncservice.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "dsncservice.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\program files\stmicroelectronics\accelerometerp11\installfilterservice.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\program files\stmicroelectronics\accelerometerp11\Pre40.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "installfilterservice.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "installfilterservice.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\LANDesk\LDClient\LocalSch.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\LANDesk\LDClient\Pre41.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "LocalSch.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "LocalSch.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\windows\system32\cba\pds.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\windows\system32\cba\Pre42.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "pds.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "pds.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\progra~1\landesk\ldclient\issuser.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\progra~1\landesk\ldclient\Pre43.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "issuser.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "issuser.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Java\jre6\bin\jqs.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Java\jre6\bin\Pre44.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "jqs.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "jqs.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\program files\common files\juniper networks\juns\dsaccessservice.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\program files\common files\juniper networks\juns\Pre45.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "dsaccessservice.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "dsaccessservice.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\LANDesk\LDClient\policy.client.invoker.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\LANDesk\LDClient\Pre46.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "policy.client.invoker.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "policy.client.invoker.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\program files\landesk\ldclient\tmcsvc.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\program files\landesk\ldclient\Pre47.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "tmcsvc.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "tmcsvc.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Malwarebytes' Anti-Malware\Pre48.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "mbamservice.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "mbamservice.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\Pre49.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "MDM.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "MDM.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.exe" file.
10:16:07 - DoRepair - Infected "OSE.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\program files\adobe\photoshop elements 3.0\photoshopelementsdeviceconnect.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\program files\adobe\photoshop elements 3.0\Pre4A.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "photoshopelementsdeviceconnect.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "photoshopelementsdeviceconnect.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\Sophos Anti-Virus\Pre4B.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "SAVAdminService.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "SAVAdminService.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\Remote Management System\ManagementAgentNT.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\Remote Management System\Pre4C.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "ManagementAgentNT.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "ManagementAgentNT.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\AutoUpdate\ALsvc.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\AutoUpdate\Pre4D.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "ALsvc.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "ALsvc.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\Sophos Client Firewall\SCFService.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\Sophos Client Firewall\Pre4E.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "SCFService.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "SCFService.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\Sophos Client Firewall\SCFManager.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\Sophos Client Firewall\Pre4F.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "SCFManager.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "SCFManager.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\Sophos Compliance Agent\AgentAPI.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\Sophos Compliance Agent\Pre50.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "AgentAPI.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "AgentAPI.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "C:\Program Files\Sophos\Remote Management System\RouterNT.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "C:\Program Files\Sophos\Remote Management System\Pre51.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "RouterNT.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "RouterNT.exe" file was successfully cleaned!
10:16:07 - CheckExecutableEP - Error! Unable to repair read-only "c:\drivers\divers\stacsv.exe" file.
10:16:07 - CheckExecutableEP - Successfuly rewritten repaired "c:\drivers\divers\Pre52.tmp" file.
10:16:07 - DoRepair - Unable to repair read-only "stacsv.exe" file, file was copied and patched with another name. Reboot system to complete repair process.
10:16:07 - DoRepair - Infected "stacsv.exe" file was successfully cleaned!
10:16:07 - DoRepair - "c_12345.nls" ZeroAccess file NOT found.
10:16:07 - DoRepair - Warning! Unable to delete "desktop.ini" ZeroAccess file, last error: 5. This file will be removed at next reboot.
10:16:20 - StopAndRemoveDriver - AntiZeroAccess Driver is stopped and removed.
10:16:20 - StopAndRemoveDriver - File "ZeroAccess.sys" was deleted!
10:16:20 - Execution Ended!
0
Réponse 6 / 11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 661
1 oct. 2011 à 14:08
humm..

10:16:07 - DoRepair - "c_12345.nls" ZeroAccess file NOT found.

TDSSKiller trouve encore des trucs ?

* Télécharge http://www.geekstogo.com/forum/files/file/398-otl-oldtimers-list-it/ sur ton bureau.
(Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu'administrateur)

* Lance OTL
* Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%temp%\.exe /s
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
/md5start
explorer.exe
winlogon.exe
wininit.exe
/md5stop
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
CREATERESTOREPOINT
nslookup www.google.fr /c
SAVEMBR:0
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
* Clique sur le bouton Analyse.
* Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent), donne le ou les liens pjjoint qui pointent vers ces rapports ici dans un nouveau message.
0
Réponse 7 / 11
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011
2 oct. 2011 à 13:39
Salut,

Impossible de faire le scan ... le logiciel ne répond plus dés que le scan débute ... J'ai relancé les autres logiciels que tu m'a donné et j'ai toujours les memes virus qui sont détectés ... Une idée ?
0
Réponse 8 / 11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 661
2 oct. 2011 à 14:06
Ca sent le formatage :)

Sauvegarde tes documents importants.


Désactive les logiciels de protection (Antivirus, Antispywares) ensuite :

Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur combofix, accepte la licence d'utilisation et laisse toi guider.

Eventuellement, installe la console de récupération comme cela est conseillé

Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.
Si le rapport ne passe pas, envoie le sur ce site : http://pjjoint.malekal.com/
et donne le lien ici :)

Tu as le tutorial sur ce lien pour t'aider : https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

PS : si Combofix ne se lance pas, renomme le fichier Combofix et retente.

Si pas mieux, tente en mode sans échec sans prise en charge du réseau : Redémarre en mode sans échec, pour cela, redémarre l'ordinateur, avant le logo Windows, tapote sur la touche F8, un menu va apparaître, choisis Mode sans échec et appuye sur la touche entrée du clavier.
0
Réponse 9 / 11
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011
11 oct. 2011 à 10:31
Salut !

Désolé pour le retard, j'étais en déplacement professionnel à l'étranger, donc pas de possibilité de toucher trop trop à mon ordi sous peine de perdre quelques heures de travail !

Enfin bon, je m'y suis mis hier et j'ai passé Combofox 2 fois :
premier log : https://pjjoint.malekal.com/files.php?read=d11l15l9u10e15t10w11b5d15v12z15p8y12b7g12n8i12y9p10u14
Deuxième log : https://pjjoint.malekal.com/files.php?read=g1312l914s12m9f12g13z13k7u146m9w5s9l11p10u910f14

Depuis, rootkit access zéro ne fonctionne plus !!! Yeeehaaa merci bien !!!

Maintenant, il faut que j'arrive à supprimer tous les autres virus qui se sont installés depuis que j'ai eu ce premier virus .... :( !

J'ai donc encore quelques virus : le double accent circonflexe (pas très pratique ! ^^), des pages qui veulent s'ouvrir toutes seules mais qui sont pour l'instant bloquées par Malware (la version d'évaluation s'arr^^ete dans deux jours donc après, ça va ^^etre autre chose ... ) !

J'ai donc passé MalwareByte :
rapport : https://pjjoint.malekal.com/files.php?read=s15n14g9c7p9j11p10l14g13c8s5q12u11c15t14g5z15d6d6j13

J'ai également passé deux autres antivirus juste pour bugbear et badtrans au cas où car ce sont les deux virus les plus courant pour ce double accent circonflexe ... sans résultat (les logiciels : bremove.exe badtrgui.com AntiBugBear.exe)

En tout cas, je peux repasser des antivirus, c'est déjà une très bonne chose !

Merci !
0
Réponse 10 / 11
Malekal_morte- Messages postés 180304 Date d'inscription mercredi 17 mai 2006 Statut Modérateur, Contributeur sécurité Dernière intervention 15 décembre 2020 24 661
Modifié par Malekal_morte- le 11/10/2011 à 11:35
hum...

2011-09-30 20:02 . 2011-10-10 18:42 48016 --sha-w- c:\windows\system32\c_64435.nl_

Rloader ?
http://www.malekal.com/2011/09/04/win32rloader-b-247-sys-c_7265211-nls/

Mais normalement c'est c_7265211.nls qui est mis.

Affiche les fichiers cachés : https://www.commentcamarche.net/informatique/windows/185-afficher-les-extensions-et-les-fichiers-caches-sous-windows/

Tu peux scanner ce fichier sur https://www.virustotal.com/gui/
pour voir et donner le lien de scan ici.


Supprime ces deux dossiers :
c:\documents and settings\coudfr01\Application Data\Lood
c:\documents and settings\coudfr01\Application Data\Kyirz

SHUT THE F*C*K UP, WE HAVE OTHER SONGS TOO !!
0
Réponse 11 / 11
Fanfoue73 Messages postés 7 Date d'inscription vendredi 30 septembre 2011 Statut Membre Dernière intervention 12 octobre 2011
12 oct. 2011 à 20:52
Salut,

Non, je n'avais pas essayé celui-ci. Ce matin, gros soucis, zero rootkit access était revenu, j e ne pouvais plus accéder à aucun programme, que ce soit lotus note ou encore le pack office, rien à faire ... Ca sentait le formatage, celui-ci est maintenant fiat ... ! La prochaine fois, je commencerai par là je crois ! ;-) ! Désolé de t'avoir fait perdre ton temps et un grand merci pour ton aide dans tout les cas :-) !

Encore merci ! Je passe ce sujet en résolu !

Bonne soirée,

Fanfoué !
0

Discussions similaires

"Aucune application permettant d'ouvrir cette URL"
sidojaice -
JIP -

24 réponses
lien copié
alaurore -
LEFEUVRE -

7 réponses