Virus msn

Résolu
kombat43 Messages postés 19 Statut Membre -  
jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour, tout le monde jaurais besoin d'aide avec mon msn pcq que jai stupidement ouvert un fichier que mon friend ma "envoyer" qui disait en anglais voici une photo de moi et toi jvoulais savoir si jpouvais la mettre et apres sa bin la a chaque que quelquun se connecte quand jsuis connecter bin sa lui envoye un message et un dossier

svp jai besoin daide merci davance

tk peace

ps: désoler si jlai po mit dans la bonne section

33 réponses

  • 1
  • 2
  1. tanger212 Messages postés 205 Statut Membre 22
     
    salut ton message n'est pas claire
    0
  2. titicecile
     
    salut

    http://www.webaide.net/Suppression-du-virus-MSN-Backdoor-Win32-IRCBot-aaq-aide-161.html

    va faire un tour si c'est la solution tant mieux sinon explque mieux ton probleme
    0
  3. kombat43 Messages postés 19 Statut Membre
     
    bin jvien de lai essayer pi yon rien trouver mais cest koi ke tu voudrait de plus comme information
    0
  4. jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
     
    --

    S"V"P. ((Veuillez lire attentivement les recommandations.))
    ((Cela évite de répéter)). (Firefox) = ((Navigations + Sécuritaires!!!)) (GMT-5h: Québec, CA)
    Salut !
    Fais ceci Puis redémarres : http://sosvirus.changelog.fr/MSNFix.zip
    Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
    http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
    Doubles cliques sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarres ton ordinateur en mode sans échec .
    Puis passes SDfix.
    Et postes les rapports ici stp.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. tanger212 Messages postés 205 Statut Membre 22
     
    slut essaye d'utiliser avast c'est un antivirus il est gratuit
    -1
  7. Utilisateur anonyme
     
    Rebonsoir kombat43, on va suivre la discussion ici (par la suite évite les doublons : tu as poster à deux endroits différents....Il y en a d'autres ?)
    http://www.commentcamarche.net/forum/affich 4655747 svp besoin d aide ac messenger

    Salut jalob. et les autres,

    tanger212 => slut essaye d'utiliser avast c'est un antivirus il est gratuit => Qui te dis qu'il ne l'a pas ?

    Kombat, suis les infos de jalob. (peut-être faire un HiJack avant le SDfix...?)

    A+
    0
  8. kombat43 Messages postés 19 Statut Membre
     
    sry pour le doublons cest pcqe lautre jlai po plasser dans bonne catégorie et jai eu peur quont me répondre po
    0
  9. kombat43 Messages postés 19 Statut Membre
     
    sry pour le doublons cest pcqe lautre jlai po plasser dans bonne catégorie et jai eu peur quont me répondre po

    tk vla kesse ke ta demander jespere que cest sa

    SDFix: Version 1.126

    Run by ric on 2008-01-14 at 20:53

    Microsoft Windows XP [version 5.1.2600]

    Running From: C:\Documents and Settings\ric\Mes documents\Nouveau dossier\SDFix

    Safe Mode:
    Checking Services:

    Name:
    uyggryna

    Path:
    C:\WINDOWS\system32\kcesvsn.exe /service

    uyggryna - Deleted

    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting...

    Normal Mode:
    Checking Files:

    Trojan Files Found:

    C:\WINDOWS\SYSTEM32\KCESVSN.EXE - Deleted
    C:\WINDOWS\SYSTEM32\WLCFNJ.EXE - Deleted
    C:\WINDOWS\SYSTEM32\J.EXE - Deleted
    C:\WINDOWS\SYSTEM32\EXNEJLK.EXE - Deleted
    C:\Documents and Settings\ric\Favoris\Error Cleaner.url - Deleted
    C:\Documents and Settings\ric\Favoris\Privacy Protector.url - Deleted
    C:\Documents and Settings\ric\Favoris\Spyware&Malware Protection.url - Deleted
    C:\WINDOWS\rs.txt - Deleted
    C:\WINDOWS\search_res.txt - Deleted

    Removing Temp Files...

    ADS Check:

    C:\WINDOWS
    No streams found.

    C:\WINDOWS\system32
    No streams found.

    C:\WINDOWS\system32\svchost.exe
    No streams found.

    C:\WINDOWS\system32\ntoskrnl.exe
    No streams found.

    Final Check:

    catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-14 21:00:06
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    Remaining Services:
    ------------------

    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli cy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable d:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
    "C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE"="C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE:*:Enabled:Internet Explorer"
    "C:\\WINDOWS\\System32\\LEXPPS.EXE"="C:\\WINDOWS\\System32\\LEXPPS.EXE:*:En abled:LEXPPS.EXE"
    "C:\\Program Files\\Maestro Connector\\maestro_connector.exe"="C:\\Program Files\\Maestro Connector\\maestro_connector.exe:*:Enabled:Maestro Connector"
    "C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
    "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\\Program Files\\Messenger\\MSMSGS.EXE"="C:\\Program Files\\Messenger\\MSMSGS.EXE:*:Enabled:Windows Messenger"
    "C:\\Program Files\\Ares\\Ares.exe"="C:\\Program Files\\Ares\\Ares.exe:*:Disabled:Ares p2p for windows"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpoli cy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enable d:@xpsp2res.dll,-22019"
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    Remaining Files:
    ---------------

    File Backups: - C:\DOCUME~1\ric\MESDOC~1\NOUVEA~1\SDFix\backups\backups.zip

    Files with Hidden Attributes:

    Mon 29 Oct 2007 59,392 ..SHR --- "C:\WINDOWS\system32\runsvc.exe"
    Mon 23 Apr 2007 3,358,720 A..H. --- "C:\My Games\Puzzle Detective\PuzzleDetective.exe"
    Wed 19 Dec 2007 3,100,672 A..H. --- "C:\My Games\Zodiac Tower\Zodiac Tower.exe"
    Sun 3 Jun 2007 1,425,408 A..H. --- "C:\My Games\Bistro Stars\BistroStars.exe"
    Sun 3 Jun 2007 14,865,839 ...H. --- "C:\My Games\Mahjong Century\MahJongCentury.exe"
    Sun 3 Jun 2007 610,304 A..H. --- "C:\My Games\The Da Vinci Code\TheDaVinciCode.exe"
    Mon 4 Jun 2007 856,064 A..H. --- "C:\My Games\Mah Jong Medley\exe.exe"
    Sun 10 Jun 2007 2,416,640 ...H. --- "C:\My Games\Da Vinci's Secret\da_vinci.exe"
    Thu 18 Oct 2007 278,528 A..H. --- "C:\My Games\Bricks of Egypt\Bricks of Egypt.exe"
    Fri 16 Nov 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 14 Nov 2007 6,219,320 A..H. --- "C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0041487.exe"
    Mon 7 May 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
    Fri 23 Nov 2007 315,787 A..H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Local Settings\Temp\BIT14.tmp"
    Sat 13 Oct 2007 339,187 A..H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Local Settings\Temp\BIT12.tmp"
    Sat 13 Oct 2007 336,252 A..H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Local Settings\Temp\BIT13.tmp"
    Sat 13 Oct 2007 336,252 A..H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Local Settings\Temp\BIT11.tmp"
    Sat 13 Oct 2007 292,539 A..H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Local Settings\Temp\BIT15.tmp"
    Mon 27 Aug 2007 278,528 A.SH. --- "C:\Documents and Settings\ric\Local Settings\Temp\~rnsetu0\pncrt.dll"
    Sun 13 Jan 2008 35,328 ...H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Application Data\Microsoft\Word\~WRL0005.tmp"
    Sun 13 Jan 2008 35,840 ...H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Application Data\Microsoft\Word\~WRL0432.tmp"
    Sun 13 Jan 2008 37,888 ...H. --- "C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Application Data\Microsoft\Word\~WRL3326.tmp"

    Finished!7 message(s) posté(s) depuis le mardi 15 janvier 2008
    0
  10. Utilisateur anonyme
     
    ARffff, on est pas du bon coté (pas sécurité...)
    Je ne sais pas si les modos transfereront le topic ou s'il faut mieux aller là-bas...

    A+
    0
  11. kombat43 Messages postés 19 Statut Membre
     
    okkk tu vien de me perdre lol

    tk kin vla mon hi jack sa pourait peut etre taider

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:07:52, on 2008-01-14
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\UPHClean\uphclean.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\runsvc.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Windows Live Toolbar\msn_sl.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://outlook.live.com/owa/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.ca/0SEFRCA/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Windows Running Service] runsvc.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.acer.com/worldwide/selection.html
    O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
    O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
    O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) - http://bmm.imgag.com/imgag/cp/install/crusher-caf.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    0
  12. jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
     
    --

    S"V"P. ((Veuillez lire attentivement les recommandations.))
    ((Cela évite de répéter)). (Firefox) = ((Navigations + Sécuritaires!!!)) (GMT-5h: Québec, CA)

    Ouais !!!
    Fichiers avec des attributs cachés ouais !
    Jeux ,Crack,P2P belle sauce aux problèmes en effet !
    SDfix a bien travaillé .
    Non DllD continues mon ami ,j'ai eu ma journée bien remplie avec 7 assistances MSN.
    Je ne voulais que limiter les dégats et les demandes pour MSN ,tu connais l'effet boule de neige ;-)
    Bonne nuit
    Jal
    0
  13. Utilisateur anonyme
     
    C'est sympa, jalob. mais je comptais partir au lit...il fait sommeil...OuuuahhHHH¨¨°°°...

    Bon alors on reprend demain...

    Bonne nuit à tous...

    A+
    0
  14. kombat43 Messages postés 19 Statut Membre
     
    okk bin bonne nuit man
    0
  15. jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
     
    --

    S"V"P. ((Veuillez lire attentivement les recommandations.))
    ((Cela évite de répéter)). (Firefox) = ((Navigations + Sécuritaires!!!)) (GMT-5h: Québec, CA)

    KOMBAT, 1 min je te donnes des devoirs !
    0
  16. jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
     
    --

    S"V"P. ((Veuillez lire attentivement les recommandations.))
    ((Cela évite de répéter)). (Firefox) = ((Navigations + Sécuritaires!!!)) (GMT-5h: Québec, CA)

    Ok un petit coup KoMBAT 43.

    Tu as aucun antivirus !
    Tu as aucun pare-feu !
    Tu as des infections !

    1: Installes ceci sur le bureau et fermes tous les programmes Y compris ce fichue IE

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    et poste le rapport.

    2: Installes Antivir : http://www.commentcamarche.net/telecharger/telechargement 55 antivir

    tutoriel : https://www.astucesinternet.com/modules/news/article.php?storyid=253

    3: Installes un pare-feu : https://forums.cnetfrance.fr Lien et tuto.

    4: Scan complet avec Antivir
    Mets les resultâts de scans ici
    Bon travail A+ Jal
    0
  17. kombat43 Messages postés 19 Statut Membre
     
    ComboFix 08-01-15.3 - Éric 2008-01-14 21:52:25.1 - [color=red][b]FAT32[/b][/color]x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.282 [GMT -5:00]
    Running from: C:\Documents and Settings\Éric\Local Settings\Temporary Internet Files\Content.IE5\TSKPX1K2\ComboFix[1].exe
    * Created a new restore point

    [color=red][b]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/b][/color]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Éric\Application Data\ShoppingReport
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\Config.xml
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\db\Aliases.dbs
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\db\Sites.dbs
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\report\aggr_storage.xml
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\report\send_storage.xml
    C:\Documents and Settings\Éric\Application Data\ShoppingReport\cs\res1\WhiteList.dbs

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-12-15 to 2008-01-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-01-14 21:51 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2008-01-14 20:52 . 2008-01-14 20:52 <REP> d-------- C:\WINDOWS\ERUNT
    2008-01-14 20:32 . 2008-01-14 20:32 <REP> d-------- C:\Program Files\Trend Micro
    2008-01-14 20:00 . 2008-01-14 20:00 <REP> d-------- C:\VundoFix Backups
    2008-01-13 21:37 . 2008-01-13 21:37 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-01-13 19:59 . 2008-01-13 19:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-01-13 14:55 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
    2008-01-10 18:59 . 2008-01-10 18:59 <REP> d-------- C:\Program Files\uTorrent
    2008-01-10 18:59 . 2008-01-10 18:59 <REP> d-------- C:\Documents and Settings\Éric\Application Data\uTorrent
    2008-01-05 18:29 . 2008-01-05 18:29 <REP> d-------- C:\Program Files\Windows Live Favorites
    2007-12-31 14:28 . 2001-08-23 17:47 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
    2007-12-27 22:35 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
    2007-12-27 22:35 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
    2007-12-27 22:35 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
    2007-12-27 22:35 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
    2007-12-27 22:34 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
    2007-12-27 22:34 . 2007-05-16 16:45 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-12-27 22:34 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
    2007-12-27 22:34 . 2007-05-16 16:45 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-12-27 22:34 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
    2007-12-27 22:34 . 2007-05-16 16:45 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-12-27 22:34 . 2007-07-20 00:57 267,112 --a------ C:\WINDOWS\system32\xactengine2_9.dll
    2007-12-27 22:34 . 2007-06-20 20:46 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
    2007-12-27 22:34 . 2007-10-22 03:37 17,928 --a------ C:\WINDOWS\system32\X3DAudio1_2.dll
    2007-12-17 17:39 . 2008-01-14 21:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2007-12-17 17:39 . 2007-12-17 17:39 1,409 --a------ C:\WINDOWS\QTFont.for
    2007-12-17 17:38 . 2007-12-17 17:38 <REP> d-------- C:\Program Files\iPod
    2007-12-17 09:02 . 2007-12-17 09:02 <REP> d--hs---- C:\FOUND.014

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-04 00:13 --------- d-----w C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Application Data\Zylom
    2007-12-04 00:11 --------- d-----w C:\Program Files\Zylom Games
    2007-11-28 02:42 --------- d-----w C:\Program Files\Picasa2
    2007-11-28 02:37 --------- d-----w C:\Program Files\Winamp
    2007-11-28 02:37 --------- d-----w C:\Program Files\Microsoft Baseline Security Analyzer 2
    2007-11-23 06:14 --------- d-----w C:\Program Files\SPYWAREfighter
    2007-11-23 05:54 --------- d-----w C:\Program Files\AntiSpywareShield(2)
    2007-11-22 23:25 --------- d-----w C:\Program Files\a-squared Free
    2007-11-22 23:18 --------- d-----w C:\Program Files\AntiSpyGolden 5.1
    2007-11-22 05:39 --------- d-----w C:\Program Files\VirusProtect 3.8
    2007-11-21 21:16 --------- d-----w C:\Program Files\iPod(4)
    2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
    2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
    2007-10-30 23:23 3,590,656 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-10-30 16:53 360,832 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
    2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
    2007-10-29 06:00 59,392 --sh--r C:\WINDOWS\system32\runsvc.exe
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\shell32(2)(2).dll
    2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-25 15:01 2,109,440 ------w C:\WINDOWS\system32\dllcache\wmvcore.dll
    2007-10-25 15:00 230,912 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-10-25 15:00 230,912 ------w C:\WINDOWS\system32\dllcache\wmasf.dll
    2007-10-17 15:40 1,941,504 ----a-w C:\WINDOWS\system32\Tropix.scr
    2007-04-18 11:50 774,144 ----a-w C:\Program Files\RngInterstitial.dll
    2007-01-24 20:21 77,160 ----a-w C:\Documents and Settings\Diane\DSETUP.dll
    2007-01-24 20:21 503,144 ----a-w C:\Documents and Settings\Diane\DXSETUP.exe
    2007-01-24 20:21 1,673,576 ----a-w C:\Documents and Settings\Diane\dsetup32.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 19:09 15360]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [ ]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 577536 C:\WINDOWS\soundman.exe]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-09 11:09 63712]
    "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-10-13 17:58 1838592]
    "Windows Running Service"="runsvc.exe" [2007-10-29 01:00 59392 C:\WINDOWS\system32\runsvc.exe]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 19:09 15360]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 04:15:54]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

    *Newly Created Service* - PROCEXP90
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-14 22:11:32 C:\WINDOWS\Tasks\User_Feed_Synchronization-{90350B76-994C-431B-9424-8763C10F9EF5}.job"
    - C:\WINDOWS\system32\msfeedssync.exe
    "2008-01-15 02:09:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
    - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-01-14 21:53:47
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-01-14 21:54:13
    ComboFix-quarantined-files.txt 2008-01-15 02:54:12
    .
    2008-01-11 01:39:19 --- E O F ---
    0
  18. jalobservateur Messages postés 7372 Date d'inscription   Statut Contributeur sécurité Dernière intervention   930
     
    --

    S"V"P. ((Veuillez lire attentivement les recommandations.))
    ((Cela évite de répéter)). (Firefox) = ((Navigations + Sécuritaires!!!)) (GMT-5h: Québec, CA)

    Salut!
    Je t'indique un lien afin que le jour ou ((( ta machine sera propre et fonctionnelle))) ,tu devras installer la ''Console de récupération'',
    qui est absente sur ta machine.

    Il est entendu que tu dois le faire mais 'seulement quand moi ou un autre helper te donnera le feu vert'!
    Lien: http://support.microsoft.com/kb/307654/fr
    -------------------------------------------------------------------------------------------------------------------------------------------------------------

    j'attends le reste de tes résultâts. ^-)
    0
  19. kombat43
     
    bin jvien darriver pi la jsuis en train de faire le scan ac lanti virus pi des que cest fini jtenvoye le rapport

    tk peace
    0
  20. kombat43 Messages postés 19 Statut Membre
     
    voici le rapport de lanti virus

    AntiVir PersonalEdition Classic
    Report file date: 15 janvier 2008 16:21

    Scanning for 1041443 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: Éric
    Computer name: OEM-QHYHA2XN5XP

    Version information:
    BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 19:16:30
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 18:23:52
    LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 21:32:48
    LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 18:35:22
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 20:27:16
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 20:59:14
    ANTIVIR2.VDF : 7.0.2.0 948736 Bytes 2008-01-15 20:59:14
    ANTIVIR3.VDF : 7.0.2.1 2048 Bytes 2008-01-15 20:59:14
    AVEWIN32.DLL : 7.6.0.48 3080704 Bytes 2008-01-15 20:59:16
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 16:36:28
    AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 13:39:18
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 19:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-01-15 20:59:16
    AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 13:17:08
    AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 18:26:34
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 13:10:20
    NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 17:09:44
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 18:38:14
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 18:50:38
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 15:37:22

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: C:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 15 janvier 2008 16:21

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'iTunes.exe' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'iPodService.exe' - '1' Module(s) have been scanned
    Scan process 'ALG.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'RUNSVC.EXE' - '1' Module(s) have been scanned
    Module is infected -> 'C:\WINDOWS\system32\runsvc.exe'
    Scan process 'MSMSGS.EXE' - '1' Module(s) have been scanned
    Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
    Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
    Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
    Scan process 'GoogleDesktop.exe' - '1' Module(s) have been scanned
    Scan process 'APDPROXY.EXE' - '1' Module(s) have been scanned
    Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
    Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
    Scan process 'UPHCLEAN.EXE' - '1' Module(s) have been scanned
    Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
    Scan process 'LEXPPS.EXE' - '1' Module(s) have been scanned
    Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
    Scan process 'LEXBCES.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
    Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
    Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
    Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
    Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
    Process 'RUNSVC.EXE' has been terminated
    C:\WINDOWS\system32\runsvc.exe
    [DETECTION] Is the Trojan horse TR/Delf.akj.2
    [INFO] The file was deleted!

    35 processes with 34 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!

    Starting to scan the registry.

    The registry was scanned ( '23' files ).

    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Éric\Mes documents\Nouveau dossier\SDFix\backups\backups.zip
    [0] Archive type: ZIP
    --> backups/kcesvsn.exe
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    --> backups/wlcfnj.exe
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    --> backups/j.exe
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    --> backups/exnejlk.exe
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    [INFO] The file was moved to '47f04ca6.qua'!
    C:\Documents and Settings\Diane.OEM-QHYHA2XN5XP.000\Mes documents\Ma musique\downloads\001AB92F\Protected_11_16_2007_12_17_45.asf
    [DETECTION] Is the Trojan horse TR/Wimad.A.Gen
    [INFO] The file was moved to '47fc4cff.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0041460.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd50dc.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0041464.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd50ea.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0041512.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd530f.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0041523.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd5315.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0042527.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was deleted!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0042541.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] A backup was created as '47bd5321.qua' ( QUARANTINE )
    [INFO] The file was deleted!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP234\A0042552.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd5326.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0045613.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd5328.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0046117.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd5337.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0046118.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '46230448.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0046119.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd5338.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0046120.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '46230449.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0046121.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd5339.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP235\A0046122.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '4623044a.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP240\A0047702.exe
    [DETECTION] Contains detection pattern of the dropper DR/180Solutions.BJ.9
    [INFO] The file was moved to '47bd5350.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0047735.dll
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.319488
    [INFO] The file was moved to '47bd5352.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0047738.exe
    [DETECTION] Contains detection pattern of the dropper DR/Dldr.Zlob.AAGR
    [INFO] The file was moved to '46230423.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048041.exe
    [DETECTION] Contains detection pattern of the dropper DR/MartShop.2
    [INFO] The file was moved to '47bd535a.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048250.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd535c.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048251.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '4623042d.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048252.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd535e.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048253.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd535d.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048254.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '4623042e.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048343.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd535f.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP241\A0048393.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd5360.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0049381.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '47bd5376.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0049382.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '46230407.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0049383.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '47bd5378.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0049392.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '47bd5377.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0049393.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '46230408.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0049394.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '47bd5379.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050393.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '46230409.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050394.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '47bd537a.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050395.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '4623040a.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050413.exe
    [DETECTION] Contains detection pattern of the dropper DR/180Solutions.BJ.9
    [INFO] The file was moved to '47bd537b.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050427.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '47bd537c.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050428.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '4623040d.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050429.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '47bd537d.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0050438.exe
    [DETECTION] Is the Trojan horse TR/Virtl.1091
    [INFO] The file was moved to '4623040e.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051459.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '47bd537f.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051460.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '462304f0.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051461.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '47bd5380.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051470.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '462304f1.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051471.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '47bd5382.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051472.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '47bd5381.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051498.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '462304f3.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051499.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '47bd5384.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP242\A0051500.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '462304f5.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP243\A0051520.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '47bd5383.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP243\A0051521.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '47bd5386.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP243\A0051522.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '462304f7.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP243\A0051530.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '47bd5388.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP243\A0051531.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '47bd5385.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP243\A0051532.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '462304f6.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051538.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.ABHB
    [INFO] The file was moved to '462304f9.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051539.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Zlob.eoz.3
    [INFO] The file was moved to '47bd538a.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051540.dll
    [DETECTION] Is the Trojan horse TR/Zlob.14336.3
    [INFO] The file was moved to '462304fb.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051616.exe
    [DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.Malwarewipe.Q.5
    [INFO] The file was moved to '47bd538c.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051638.DLL
    [DETECTION] Is the Trojan horse TR/Dldr.FakeAlert.E
    [INFO] The file was moved to '47bd5389.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051642.dll
    [DETECTION] Is the Trojan horse TR/Drop.Zlob.aab.2
    [INFO] The file was moved to '462304fd.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051644.EXE
    [DETECTION] Is the Trojan horse TR/Zlob.8704.1
    [INFO] The file was moved to '47bd538e.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0051646.EXE
    [DETECTION] Is the Trojan horse TR/Zlob.34304.C
    [INFO] The file was moved to '462304ff.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0052616.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd5398.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0052666.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '462304e9.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0052692.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd5399.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0052693.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '462304ea.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0052694.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd539b.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0052695.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd539a.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0056029.exe
    [DETECTION] Contains detection pattern of the dropper DR/180Solutions.BJ.9
    [INFO] The file was moved to '47bd539f.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP244\A0056035.exe
    [DETECTION] Contains detection pattern of the dropper DR/MartShop.2
    [INFO] The file was moved to '462304d0.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058056.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53b3.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058057.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '462304c4.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058058.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53b5.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058059.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '462304c6.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058060.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53b4.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058142.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd53b6.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0058192.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd53b7.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059294.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '47bd53c6.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059339.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '462304b7.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059346.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53c7.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059347.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '462304b8.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059348.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53c9.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059349.SYS
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53c8.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059403.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '462304ba.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059404.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53cb.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059405.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '462304bc.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059406.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53cd.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059407.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '47bd53ca.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059416.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '462304bb.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP248\A0059461.sys
    [DETECTION] Contains detection pattern of the worm WORM/Ntech.AD.2
    [INFO] The file was moved to '462304be.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP297\A0066281.EXE
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    [INFO] The file was moved to '47bd542e.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP297\A0066282.EXE
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    [INFO] The file was moved to '4623035f.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP297\A0066283.EXE
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    [INFO] The file was moved to '47bd5410.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP297\A0066284.EXE
    [DETECTION] Is the Trojan horse TR/Agent.dnb
    [INFO] The file was moved to '46230361.qua'!
    C:\System Volume Information\_restore{CEB618B1-55E7-4C73-A5BA-BAC6C3D1D585}\RP299\A0066418.EXE
    [DETECTION] Is the Trojan horse TR/Delf.akj.2
    [INFO] The file was moved to '47bd5432.qua'!

    End of the scan: 15 janvier 2008 19:52
    Used time: 3:30:39 min

    The scan has been done completely.

    9993 Scanning directories
    274677 Files were scanned
    102 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    3 files were deleted
    0 files were repaired
    96 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    274575 Files not concerned
    6847 Archives were scanned
    1 Warnings
    0 Notes
    0
  • 1
  • 2