Plein de trojan trouvé..comment les eliminer!

jipi -  
^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   -
Bonjour,
voici le rapport de Kapersky on line ........7 virus et 197 infected ...

Plien de trojans.principalement celui-ci------ Trojan.Win32.Gorshok.a...
Une aide me serait bien utile .Merci
------------------------------------------------------------------------------------------------------
Wednesday, December 19, 2007 12:42:10 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/12/2007
Kaspersky Anti-Virus database records: 486393

Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 109150
Number of viruses found 7
Number of infected objects 197
Number of suspicious objects 0
Duration of the scan process 01:36:43

Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

C:\WINDOWS\system32\config\Media Ce.evt Object is locked skipped

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

C:\WINDOWS\system32\config\DEFAULT Object is locked skipped

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped

C:\WINDOWS\system32\config\SYSTEM Object is locked skipped

C:\WINDOWS\system32\config\SAM Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

C:\WINDOWS\system32\h323log.txt Object is locked skipped

C:\WINDOWS\system32\IEDFix.exe Infected: Trojan.Win32.BHO.agh skipped

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_6e4.dat Object is locked skipped

C:\WINDOWS\Temp\Perflib_Perfdata_2c4.dat Object is locked skipped

C:\WINDOWS\Debug\WPD\wpdtrace.log Object is locked skipped

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{3D155E62-6E32-484F-8195-F1664FAC20CF}.crmlog Object is locked skipped

C:\WINDOWS\SoftwareDistribution\EventCache\{E1E8A0F8-0183-4E0E-8ACC-CA20AC0AE6EF}.bin Object is locked skipped

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

C:\WINDOWS\wiaservc.log Object is locked skipped

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

C:\WINDOWS\Sti_Trace.log Object is locked skipped

C:\WINDOWS\wiadebug.log Object is locked skipped

C:\WINDOWS\nretcip.exe Infected: not-a-virus:AdWare.Win32.Vapsup.qf skipped

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\NetworkService\ntuser.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped

C:\Documents and Settings\jp\ntuser.dat.LOG Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temp\msn6000.fdr Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temp\~DFB091.tmp Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temp\~DFB0A6.tmp Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temp\~DFBEDB.tmp Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temp\~DFBF04.tmp Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temp\BIT95.tmp Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Historique\History.IE5\index.dat Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Historique\History.IE5\MSHist012007121820071219\index.dat Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.3ca0acde.ini.inuse Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Application Data\Microsoft\Windows Live Contacts\helicotropicalserv@hotmail.com\real\members.stg Object is locked skipped

C:\Documents and Settings\jp\Local Settings\Application Data\Microsoft\Windows Live Contacts\helicotropicalserv@hotmail.com\shadow\members.stg Object is locked skipped

C:\Documents and Settings\jp\ntuser.dat Object is locked skipped

C:\Documents and Settings\jp\Bureau\Navilog1.exe/file09 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\jp\Bureau\Navilog1.exe Inno: infected - 1 skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix\SmitfraudFix\IEDFix.exe Infected: Trojan.Win32.BHO.agh skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix\IEDFix.exe Infected: Trojan.Win32.BHO.agh skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix.exe/data.rar/SmitfraudFix/IEDFix.exe Infected: Trojan.Win32.BHO.agh skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\Documents and Settings\jp\Bureau\SmitfraudFix.exe RarSFX: infected - 3 skipped

C:\Documents and Settings\jp\Bureau\mix\Nero-8.1.1.0b_fra_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped

C:\Documents and Settings\jp\Bureau\mix\Nero-8.1.1.0b_fra_trial.exe 7-Zip: infected - 1 skipped

C:\Documents and Settings\jp\Cookies\index.dat Object is locked skipped

C:\Documents and Settings\jp\Application Data\MSN6\UserData\{9DCE0E8A-35FC-01C7-0300-0000A0D9FE27}\favthumb.dbx Object is locked skipped

C:\Documents and Settings\jp\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\FM_log.txt Object is locked skipped

C:\Documents and Settings\jp\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\TlibCmnDlgs_log.txt Object is locked skipped

C:\Documents and Settings\jp\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\HookStarter_log.txt Object is locked skipped

C:\Documents and Settings\jp\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\SpecificUSB_log.txt Object is locked skipped

C:\Documents and Settings\jp\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\DM_log.txt Object is locked skipped

C:\Documents and Settings\jp\Application Data\Sony Ericsson\Teleca\Telecalib\Logging\Application logs\appLauncher_all_log.txt Object is locked skipped

C:\Program Files\MSN\MSNCoreFiles\ui.mar Object is locked skipped

C:\Program Files\MSN\MSNCoreFiles\market.mar Object is locked skipped

C:\Program Files\MSN\MSNCoreFiles\market32.mar Object is locked skipped

C:\Program Files\MSN\MSNCoreFiles\themedef32.mar Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\inuse.txt Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\storydb.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\storydb.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\chn.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\chn.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_die.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_die.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_dnd.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_dnd.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_ext.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_ext.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_rcv.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs_rcv.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\prs.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\main.log Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\L0000003.FCS Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\chandir.dat Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\chandir.idx Object is locked skipped

C:\Program Files\Logitech\Desktop Messenger\8876480\Users\jp\Data\D0000000.FCS Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped

C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

C:\Program Files\Alwil Software\Avast4\DATA\clnr0.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000118.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000149.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP2\A0000249.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP2\A0000273.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP3\A0000292.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP3\A0001120.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP5\A0001182.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP5\A0001322.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP5\A0002322.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP5\A0002345.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP7\A0002384.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP7\A0002419.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP7\A0002443.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP7\A0002481.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP7\A0002500.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP7\A0002559.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP8\A0002595.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP8\A0002620.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP8\A0002639.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP9\A0002672.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP9\A0002721.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP9\A0002758.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP9\A0002780.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP9\A0002799.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP10\A0002818.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP12\A0002828.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP12\A0003828.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP12\A0003863.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP12\A0003884.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP13\A0003911.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP13\A0003941.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP14\A0003982.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP14\A0004023.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP14\A0005023.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP15\A0006023.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006036.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006108.exe/WISE0044.BIN/stream/data0005 Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006108.exe/WISE0044.BIN/stream Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006108.exe/WISE0044.BIN Infected: not-a-virus:AdWare.Win32.Mostofate.j skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006108.exe WiseSFX: infected - 3 skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006108.exe WiseSFXDropper: infected - 3 skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006631.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP16\A0006667.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP17\A0006748.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP17\A0007748.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP17\A0007770.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP17\A0007797.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP18\A0007818.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP18\A0007845.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP19\A0007881.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP19\A0008845.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP19\A0008869.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP20\A0008907.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP20\A0009703.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP21\A0010703.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP21\A0010744.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP21\A0010766.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP21\A0010784.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP22\A0010813.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP22\A0010837.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP22\A0010886.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP23\A0012279.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP23\A0013279.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP23\A0014279.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP24\A0014353.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP24\A0014372.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP24\A0014393.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP25\A0014444.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP25\A0014466.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP25\A0015466.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP25\A0015486.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP25\A0015504.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP26\A0016504.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP27\A0016523.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP27\A0016539.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP27\A0016557.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP27\A0016575.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP27\A0016595.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP27\A0016640.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0017640.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0017661.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0017718.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0017741.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0018741.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0019740.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0019772.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0019787.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP28\A0019816.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP29\A0019935.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP29\A0019989.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP30\A0020989.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP30\A0021022.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP31\A0021044.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP31\A0021055.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP32\A0022055.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP32\A0023055.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP33\A0023135.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP33\A0023157.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP33\A0024157.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP34\A0024177.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP34\A0024218.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP35\A0025218.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP35\A0025234.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP35\A0025303.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP35\A0026302.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP35\A0026321.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP35\A0027321.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP36\A0027355.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP36\A0027370.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP36\A0028370.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP36\A0028390.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP36\A0028416.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP36\A0028435.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP37\A0028459.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP37\A0028496.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP38\A0029496.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP38\A0029521.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP39\A0030521.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP40\A0030556.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP40\A0030579.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP41\A0030604.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP42\A0030624.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP42\A0031604.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP42\A0031626.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP43\A0031646.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP44\A0032626.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP46\A0033626.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP46\A0033652.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP46\A0033678.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP47\A0033710.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP47\A0033820.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP47\A0033840.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0033900.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0034900.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0034916.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0034933.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0035933.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0035949.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0035967.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP48\A0036967.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP49\A0037967.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP49\A0038967.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP49\A0039000.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0039050.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0039092.exe/data.rar/xpkey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0039092.exe/data.rar/officekey.exe Infected: not-a-virus:PSWTool.Win32.RAS.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0039092.exe/data.rar Infected: not-a-virus:PSWTool.Win32.RAS.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0039092.exe RarSFX: infected - 3 skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0039101.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0040101.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP50\A0040126.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP51\A0040237.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP51\A0040283.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP52\A0040339.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP52\A0041338.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP52\A0041383.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP53\A0041401.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP53\A0041422.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP53\A0041471.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP54\A0041499.dll Infected: not-a-virus:AdWare.Win32.Vapsup.qf skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP54\A0041516.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP55\A0042516.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP55\A0042543.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP55\A0042566.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP56\A0042783.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP56\A0042812.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP56\A0044797.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP56\A0044843.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP56\A0044873.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP56\A0044924.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP57\A0045924.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP57\A0045972.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP57\A0046071.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP57\A0046101.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP57\A0047101.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP58\A0047147.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP58\A0047200.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP58\A0048209.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP58\A0048217.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP59\change.log Object is locked skipped

C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP59\A0048277.dll Infected: Trojan.Win32.Gorshok.a skipped

C:\_OTMoveIt\MovedFiles\WINDOWS\jetctrl.dll Infected: not-a-virus:AdWare.Win32.Vapsup.qf skipped

C:\_OTMoveIt\MovedFiles\WINDOWS\vipextmdx.dll Infected: not-a-virus:AdWare.Win32.Vapsup.qf skipped

C:\eDS_PSD_drive.vmdf Object is locked skipped

D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

D:\System Volume Information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP59\change.log Object is locked skipped

Scan process completed.
Configuration: Windows XP
Internet Explorer 7.0

15 réponses

  1. Utilisateur anonyme
     
    Salut,

    ha bah didon !

    Je regarde...

    Commence par poster un rapport HijackThis stp,
    Télécharge HiJackThis

    > Lance Hijackthis
    Puis sélectionne < do a system scan and save a logfile >,
    Et envoie, par collier/coller, ton log Hijackthis sur le forum,

    A+
    0
  2. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    bonsoir

    tu as déjà fait du ménage avec smitfraud, SDFix et OTMoveIT

    supprime tout ça, et refait un scan, on y verra déjà plus clair
    0
  3. jipi
     
    merci de repondre .........voici le rapport

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:00, on 2007-12-19
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    c:\program files\a-squared free\a2service.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Lexmark 2500 Series\lxddmon.exe
    C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    C:\Program Files\NASDAK\OmniMouse Driver\4.1\MOUSE32A.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\lxddcoms.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MSNMES~2\msnmsgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\UltraDVD\DVDMon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
    C:\DOCUME~1\jp\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\MSN\MSNCoreFiles\msn6.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Documents and Settings\jp\Bureau\ToolsCleaner2.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.commentcamarche.net/forum/forum 7 virus securite
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.ca.acer.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
    O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
    O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.1\MOUSE32A.EXE
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [Gnetmous] C:\Program Files\KYE\RF Wireless PowerScroll Mouse\gnetmous.exe
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~2\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [UltraDVDMon] "C:\Program Files\UltraDVD\DVDMon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Photo Express SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe (file missing)
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
    0
  4. philae83 Messages postés 12854 Statut Contributeur sécurité 206
     
    fait ce que je te disais plus haut

    tu fais également du téléchargement. Crack etc....pas bon !

    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Et ensuite peux-tu faire un scanne d'un fichier :
    > Rends toi ensuite sur ce site virustotal et fais analyser le fichier :

    c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe

    et poste moi le resultat par copier/coller stp.
    0
    1. philae83 Messages postés 12854 Statut Contributeur sécurité 206
       
      bonsoir

      tu prends la suite ?
      0
      1. Utilisateur anonyme > philae83 Messages postés 12854 Statut Contributeur sécurité
         
        Bonsoir,

        Je sais pas...

        Non, je vais suivre et je m'exprimerai parfois (si tu n'y vois pas d'objection...).

        --
        0
  7. jipi
     
    voila le log .......

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 01:14, on 2007-12-19
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    c:\program files\a-squared free\a2service.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Lexmark 2500 Series\lxddmon.exe
    C:\Program Files\Lexmark 2500 Series\lxddamon.exe
    C:\Program Files\NASDAK\OmniMouse Driver\4.1\MOUSE32A.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\lxddcoms.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\MSNMES~2\msnmsgr.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\UltraDVD\DVDMon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
    C:\DOCUME~1\jp\LOCALS~1\Temp\RtkBtMnt.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\MSN\MSNCoreFiles\msn6.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.commentcamarche.net/forum/forum 7 virus securite
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60327
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60327
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://fr.ca.acer.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
    O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
    O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\NASDAK\OmniMouse Driver\4.1\MOUSE32A.EXE
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [Gnetmous] C:\Program Files\KYE\RF Wireless PowerScroll Mouse\gnetmous.exe
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 1
    O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [LXDDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXDDtime.dll,_RunDLLEntry@16
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~2\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [UltraDVDMon] "C:\Program Files\UltraDVD\DVDMon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Photo Express SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LockServ - Unknown owner - C:\Acer\Empowering Technology\eLock\LockServ.exe (file missing)
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
    0
  8. Utilisateur anonyme
     
    Peux tu aussi analyser :

    > Rends toi ensuite sur ce site virustotal et fais analyser le fichier :
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    Pour trouver l'emplacement tape LManager.exe dans rechercher (démarrer => rechercher => tous les fichiers ou dossiers)
    et poste moi le resultat par copier/coller stp.
    --
    0
  9. jipi
     
    v oila , mais rien n est trouve

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2007.12.19.10 2007.12.18 -
    AntiVir 7.6.0.45 2007.12.18 -
    Authentium 4.93.8 2007.12.19 -
    Avast 4.7.1098.0 2007.12.18 -
    AVG 7.5.0.503 2007.12.19 -
    BitDefender 7.2 2007.12.18 -
    CAT-QuickHeal 9.00 2007.12.18 -
    ClamAV 0.91.2 2007.12.18 -
    DrWeb 4.44.0.09170 2007.12.18 -
    eSafe 7.0.15.0 2007.12.18 -
    eTrust-Vet 31.3.5386 2007.12.18 -
    Ewido 4.0 2007.12.18 -
    FileAdvisor 1 2007.12.19 -
    Fortinet 3.14.0.0 2007.12.18 -
    F-Prot 4.4.2.54 2007.12.18 -
    F-Secure 6.70.13030.0 2007.12.18 -
    Ikarus T3.1.1.15 2007.12.18 -
    Kaspersky 7.0.0.125 2007.12.19 -
    McAfee 5188 2007.12.18 -
    Microsoft 1.3109 2007.12.18 -
    NOD32v2 2731 2007.12.18 -
    Norman 5.80.02 2007.12.18 -
    Panda 9.0.0.4 2007.12.18 -
    Prevx1 V2 2007.12.19 -
    Rising 20.23.12.00 2007.12.18 -
    Sophos 4.24.0 2007.12.18 -
    Sunbelt 2.2.907.0 2007.12.19 -
    Symantec 10 2007.12.19 -
    TheHacker 6.2.9.164 2007.12.18 -
    VBA32 3.12.2.5 2007.12.18 -
    VirusBuster 4.3.26:9 2007.12.18 -
    Webwasher-Gateway 6.6.2 2007.12.19 -
    Information additionnelle
    File size: 109344 bytes
    MD5: 995d0b52870c7a5caf3ea165fd674a35
    SHA1: 1d5bf661291f8c534d3c6e36ec9de65d01d2efbf
    PEiD: -

    ATTENTION: VirusTotal iest un service gratuit offert par Hispasec Sistemas. Il n'y a aucune garantie quant à la disponibilité et la continuité de ce service. Bien que le taux de détection permis par l'utilisation de multiples moteurs antivirus soit bien supérieur à celui offert par seulement un produit, ces résultats NE garantissent PAS qu'un fichier est sans danger. Il n'y a actuellement aucune solution qui offre un taux d'efficacité de 100% pour la détection des virus et malwares.
    0
  10. jipi
     
    je ne voispas le dernier message No 10 ,,,il arrete a 9 , mon dernier message
    0
  11. Utilisateur anonyme
     
    Ok,
    jipi peux tu faire le poste 8 puis suivre les instructions de philae....
    0
  12. jipi
     
    je l ai deja envoyer en numero 9. vous ne l avez pas
    0
  13. Utilisateur anonyme
     
    Ce n'est pas le même poste en 8 (l'autre était en 5) : le revoilà :
    > Rends toi ensuite sur ce site virustotal et fais analyser le fichier :
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    Pour trouver l'emplacement tape LManager.exe dans rechercher (démarrer => rechercher => tous les fichiers ou dossiers)
    et poste moi le resultat par copier/coller stp.

    Et ensuite suis les conseils de Philae,

    Bon courage

    A+
    --
    0
  14. jipi
     
    Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE

    <gras>Résultat: 0/32 (0%)
    en train de charger les informations du serveur...
    Votre fichier est dans la file d'attente, en position: 4.
    L'heure estimée de démarrage est entre 47 et 68 secondes.
    Ne fermez pas la fenêtre avant la fin de l'analyse.
    L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
    Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
    Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
    les résultats seront affichés au fur et à mesure de leur génération.
    Formaté Impression des résultats
    Votre fichier a expiré ou n'existe pas.
    Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

    Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
    Email:

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2007.12.19.10 2007.12.18 -
    AntiVir 7.6.0.45 2007.12.18 -
    Authentium 4.93.8 2007.12.19 -
    Avast 4.7.1098.0 2007.12.18 -
    AVG 7.5.0.503 2007.12.19 -
    BitDefender 7.2 2007.12.18 -
    CAT-QuickHeal 9.00 2007.12.18 -
    ClamAV 0.91.2 2007.12.19 -
    DrWeb 4.44.0.09170 2007.12.18 -
    eSafe 7.0.15.0 2007.12.18 -
    eTrust-Vet 31.3.5386 2007.12.18 -
    Ewido 4.0 2007.12.18 -
    FileAdvisor 1 2007.12.19 -
    Fortinet 3.14.0.0 2007.12.18 -
    F-Prot 4.4.2.54 2007.12.18 -
    F-Secure 6.70.13030.0 2007.12.18 -
    Ikarus T3.1.1.15 2007.12.19 -
    Kaspersky 7.0.0.125 2007.12.19 -
    McAfee 5188 2007.12.18 -
    Microsoft 1.3109 2007.12.18 -
    NOD32v2 2732 2007.12.19 -
    Norman 5.80.02 2007.12.18 -
    Panda 9.0.0.4 2007.12.18 -
    Prevx1 V2 2007.12.19 -
    Rising 20.23.12.00 2007.12.18 -
    Sophos 4.24.0 2007.12.18 -
    Sunbelt 2.2.907.0 2007.12.19 -
    Symantec 10 2007.12.19 -
    TheHacker 6.2.9.164 2007.12.18 -
    VBA32 3.12.2.5 2007.12.18 -
    VirusBuster 4.3.26:9 2007.12.18 -
    Webwasher-Gateway 6.6.2 2007.12.19 -
    Information additionnelle
    File size: 634880 bytes
    MD5: dfae0d430c5d2458340f67fd2841f3e7
    SHA1: f2313e6618ce0257cda6bd93435e6eecfd370739
    PEiD: -
    0
  15. piloterepdom Messages postés 136 Statut Membre
     
    bonjour
    voila le dernier rapport cette nuit ..
    0
  16. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Salut

    Pour INFO

    Philaé te demandait

    bonsoir
    tu as déjà fait du ménage avec smitfraud, SDFix et OTMoveIT
    supprime tout ça, et refait un scan, on y verra déjà plus clair


    TU supprimes smitfraud, SDFix, et OMoviet
    Et tu refais un scan Kaspersky


    A+++
    0