wxa


  1. Since I was unable to use the software you had recommended, I downloaded a-squared Anti-Malware instead, and it installed fine. I was then able to run a scan of my whole PC. It did find the viruses in question, but it was impossible to delete them or put them in quarantine. I have the report of the scan I ran; here it is:
  2. Big problem: the installation of Malwarebytes' Anti-Malware (MBAM) goes fine, but once the installation is finished it is impossible to open the program. I double-click the Malwarebytes' Anti-Malware (MBAM) icon but nothing happens, to my great regret!! The same thing happens with my McAfee antivirus, which is nonetheless fully up to date!!!
  3. First of all, thank you for your help!!! Here is the report obtained with HijackThis:
  4. Hi everyone, I am also a victim of Malware Defense. I have quite a lot of trouble starting my PC: when it does manage to boot, I get frozen screens that force me to restart it manually several times in a row until it finally works properly!!! In addition, the icon is constantly in my taskbar (a small red circle with a white cross, along with the Windows Security Alerts icon!!!). I ran a scan with TDSSKiller; here is the result:
object for 8A48DD98 14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A48DD98[0x38] 14:30:08:062 0256 DetectCureTDL3: DRIVER_OBJECT addr: 8A49A968 14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A49A968[0xA8] 14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0xE1017A50[0x208] 14:30:08:062 0256 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi 14:30:08:062 0256 DetectCureTDL3: IrpHandler (0) addr: BA5FBB40 14:30:08:062 0256 DetectCureTDL3: IrpHandler (1) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (2) addr: BA5FBB40 14:30:08:062 0256 DetectCureTDL3: IrpHandler (3) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (4) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (5) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (6) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (7) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (icon_cool.gif addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (9) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (10) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (11) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (12) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (13) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (14) addr: BA5FBB40 14:30:08:062 0256 DetectCureTDL3: IrpHandler (15) addr: BA5FBB40 14:30:08:062 0256 DetectCureTDL3: IrpHandler (16) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (17) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (18) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (19) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (20) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (21) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (22) addr: BA5FBB40 14:30:08:062 0256 DetectCureTDL3: IrpHandler (23) addr: BA5FBB40 14:30:08:062 0256 DetectCureTDL3: IrpHandler (24) addr: 
804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (25) addr: 804F4562 14:30:08:062 0256 DetectCureTDL3: IrpHandler (26) addr: 804F4562 14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0xBA5F9864[0x400] 14:30:08:062 0256 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 316, 0 14:30:08:062 0256 TDL3_FileDetect: Processing driver: atapi 14:30:08:062 0256 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\atapi.sys, C:\WINDOWS\system32\Drivers\atapi.tsk, SYSTEM\CurrentControlSet\Services\atapi, system32\Drivers\atapi.tsk 14:30:08:062 0256 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\atapi.sys 14:30:08:062 0256 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\atapi.sys 14:30:08:062 0256 Completed Results: 14:30:08:062 0256 Infected objects in memory: 0 14:30:08:062 0256 Cured objects in memory: 0 14:30:08:062 0256 Infected objects on disk: 0 14:30:08:062 0256 Objects on disk cured on reboot: 0 14:30:08:062 0256 Objects on disk deleted on reboot: 0 14:30:08:062 0256 Registry nodes deleted on reboot: 0 14:30:08:062 0256
  5. Hi everyone, I am also a victim of Malware Defense. I have quite a few problems starting my PC: when it does manage to boot, I get frozen screens that force me to restart it manually several times in a row until it finally works properly!!! On top of that I constantly have the icon in my taskbar (small red circle with a white cross, as well as the Windows Security Alerts icon!!!). I ran a scan with TDSSKiller, here is the result:
14:29:54:609 0256 TDSSKiller 2.1.1 Dec 20 2009 02:40:02
14:29:54:609 0256 ================================================================================
14:29:54:609 0256 SystemInfo:
14:29:54:609 0256 OS Version: 5.1.2600 ServicePack: 3.0
14:29:54:609 0256 Product type: Workstation
14:29:54:609 0256 ComputerName: SYLVESTE-B1C792
14:29:54:609 0256 UserName: Administrateur
14:29:54:609 0256 Windows directory: C:\WINDOWS
14:29:54:609 0256 Processor architecture: Intel x86
14:29:54:609 0256 Number of processors: 4
14:29:54:609 0256 Page size: 0x1000
14:29:54:609 0256 Boot type: Normal boot
14:29:54:609 0256 ================================================================================
14:29:54:609 0256 ForceUnloadDriver: NtUnloadDriver error 2
14:29:54:609 0256 ForceUnloadDriver: NtUnloadDriver error 2
14:29:54:609 0256 ForceUnloadDriver: NtUnloadDriver error 2
14:29:54:640 0256 MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\Drivers\KLMD.sys) returned status 0
14:29:54:640 0256 main: Driver KLMD successfully dropped
14:29:54:640 0256 main: Driver KLMD successfully loaded
14:29:54:640 0256 Scanning Registry ...
14:29:54:640 0256 ScanServices: Searching service UACd.sys
14:29:54:640 0256 ScanServices: Open/Create key error 2
14:29:54:640 0256 ScanServices: Searching service TDSSserv.sys
14:29:54:640 0256 ScanServices: Open/Create key error 2
14:29:54:640 0256 ScanServices: Searching service gaopdxserv.sys
14:29:54:640 0256 ScanServices: Open/Create key error 2
14:29:54:640 0256 ScanServices: Searching service gxvxcserv.sys
14:29:54:640 0256 ScanServices: Open/Create key error 2
14:29:54:640 0256 ScanServices: Searching service MSIVXserv.sys
14:29:54:640 0256 ScanServices: Open/Create key error 2
14:29:54:640 0256 UnhookRegistry: Kernel module file name: C:\windows\system32\ntkrnlpa.exe, base addr: 804D7000
14:29:54:640 0256 UnhookRegistry: Kernel local addr: A40000
14:29:54:640 0256 UnhookRegistry: KeServiceDescriptorTable addr: AC5700
14:29:54:640 0256 UnhookRegistry: KiServiceTable addr: A6D460
14:29:54:640 0256 UnhookRegistry: NtEnumerateKey service number (local): 47
14:29:54:640 0256 UnhookRegistry: NtEnumerateKey local addr: B8CFF2
14:29:54:640 0256 KLMD_OpenDevice: Trying to open KLMD device
14:29:54:640 0256 KLMD_GetSystemRoutineAddressA: Trying to get system routine address ZwEnumerateKey
14:29:54:640 0256 KLMD_GetSystemRoutineAddressW: Trying to get system routine address ZwEnumerateKey
14:29:54:640 0256 KLMD_ReadMem: Trying to ReadMemory 0x805002C9[0x4]
14:29:54:640 0256 UnhookRegistry: NtEnumerateKey service number (kernel): 47
14:29:54:640 0256 KLMD_ReadMem: Trying to ReadMemory 0x8050457C[0x4]
14:29:54:640 0256 UnhookRegistry: NtEnumerateKey real addr: 80623FF2
14:29:54:640 0256 UnhookRegistry: NtEnumerateKey calc addr: 80623FF2
14:29:54:640 0256 UnhookRegistry: No SDT hooks found on NtEnumerateKey
14:29:54:640 0256 KLMD_ReadMem: Trying to ReadMemory 0x80623FF2[0xA]
14:29:54:640 0256 UnhookRegistry: Splicing found on NtEnumerateKey
14:29:54:640 0256 KLMD_WriteMem: Trying to WriteMemory 0x80623FF2[0xA]
14:29:54:640 0256 UnhookRegistry: NtEnumerateKey (Splicing) unhooked successfully
14:29:54:640 0256 Hidden service detected: H8SRTd.sys Type "delete" (without quotes) to delete it:
14:30:08:000 0256
14:30:08:000 0256 Scanning Kernel memory ...
14:30:08:000 0256 KLMD_OpenDevice: Trying to open KLMD device
14:30:08:000 0256 KLMD_GetSystemObjectAddressByNameA: Trying to get system object address by name \Driver\Disk
14:30:08:000 0256 KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk
14:30:08:000 0256 DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 8A3D5890
14:30:08:000 0256 DetectCureTDL3: KLMD_GetDeviceObjectList returned 4 DevObjects
14:30:08:000 0256 DetectCureTDL3: 0 Curr stack PDEVICE_OBJECT: 8A2B3448
14:30:08:000 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A2B3448
14:30:08:000 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A2B3448[0x38]
14:30:08:000 0256 DetectCureTDL3: DRIVER_OBJECT addr: 8A3D5890
14:30:08:000 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A3D5890[0xA8]
14:30:08:000 0256 KLMD_ReadMem: Trying to ReadMemory 0xE14FF6A8[0x208]
14:30:08:000 0256 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
14:30:08:000 0256 DetectCureTDL3: IrpHandler (0) addr: BA91EBB0
14:30:08:000 0256 DetectCureTDL3: IrpHandler (1) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (2) addr: BA91EBB0
14:30:08:000 0256 DetectCureTDL3: IrpHandler (3) addr: BA918D1F
14:30:08:000 0256 DetectCureTDL3: IrpHandler (4) addr: BA918D1F
14:30:08:000 0256 DetectCureTDL3: IrpHandler (5) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (6) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (7) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (8) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (9) addr: BA9192E2
14:30:08:000 0256 DetectCureTDL3: IrpHandler (10) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (11) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (12) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (13) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (14) addr: BA9193BB
14:30:08:000 0256 DetectCureTDL3: IrpHandler (15) addr: BA91CF28
14:30:08:000 0256 DetectCureTDL3: IrpHandler (16) addr: BA9192E2
14:30:08:000 0256 DetectCureTDL3: IrpHandler (17) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (18) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (19) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (20) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (21) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (22) addr: BA91AC82
14:30:08:000 0256 DetectCureTDL3: IrpHandler (23) addr: BA91F99E
14:30:08:000 0256 DetectCureTDL3: IrpHandler (24) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (25) addr: 804F4562
14:30:08:000 0256 DetectCureTDL3: IrpHandler (26) addr: 804F4562
14:30:08:000 0256 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
14:30:08:000 0256 KLMD_ReadMem: DeviceIoControl error 1
14:30:08:000 0256 TDL3_StartIoHookDetect: Unable to get StartIo handler code
14:30:08:000 0256 TDL3_FileDetect: Processing driver: Disk
14:30:08:000 0256 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
14:30:08:000 0256 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
14:30:08:000 0256 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
14:30:08:046 0256 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 89D5BAB8
14:30:08:046 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 89D5BAB8
14:30:08:046 0256 DetectCureTDL3: 1 Curr stack PDEVICE_OBJECT: 89ED9C10
14:30:08:046 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 89ED9C10
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0x89ED9C10[0x38]
14:30:08:046 0256 DetectCureTDL3: DRIVER_OBJECT addr: 89E2BA20
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0x89E2BA20[0xA8]
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0xE1521428[0x208]
14:30:08:046 0256 DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR
14:30:08:046 0256 DetectCureTDL3: IrpHandler (0) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (1) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (2) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (3) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (4) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (5) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (6) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (7) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (8) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (9) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (10) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (11) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (12) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (13) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (14) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (15) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (16) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (17) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (18) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (19) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (20) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (21) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (22) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (23) addr: 89B021F8
14:30:08:046 0256 DetectCureTDL3: IrpHandler (24) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (25) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (26) addr: 804F4562
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0xB5F1CF26[0x400]
14:30:08:046 0256 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 0, 0
14:30:08:046 0256 TDL3_FileDetect: Processing driver: USBSTOR
14:30:08:046 0256 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\usbstor.sys, C:\WINDOWS\system32\Drivers\usbstor.tsk, SYSTEM\CurrentControlSet\Services\USBSTOR, system32\Drivers\usbstor.tsk
14:30:08:046 0256 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\usbstor.sys
14:30:08:046 0256 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\usbstor.sys
14:30:08:046 0256 DetectCureTDL3: 2 Curr stack PDEVICE_OBJECT: 8A3D8738
14:30:08:046 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A3D8738
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A3D8738[0x38]
14:30:08:046 0256 DetectCureTDL3: DRIVER_OBJECT addr: 8A3D5890
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A3D5890[0xA8]
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0xE14FF6A8[0x208]
14:30:08:046 0256 DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
14:30:08:046 0256 DetectCureTDL3: IrpHandler (0) addr: BA91EBB0
14:30:08:046 0256 DetectCureTDL3: IrpHandler (1) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (2) addr: BA91EBB0
14:30:08:046 0256 DetectCureTDL3: IrpHandler (3) addr: BA918D1F
14:30:08:046 0256 DetectCureTDL3: IrpHandler (4) addr: BA918D1F
14:30:08:046 0256 DetectCureTDL3: IrpHandler (5) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (6) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (7) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (8) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (9) addr: BA9192E2
14:30:08:046 0256 DetectCureTDL3: IrpHandler (10) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (11) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (12) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (13) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (14) addr: BA9193BB
14:30:08:046 0256 DetectCureTDL3: IrpHandler (15) addr: BA91CF28
14:30:08:046 0256 DetectCureTDL3: IrpHandler (16) addr: BA9192E2
14:30:08:046 0256 DetectCureTDL3: IrpHandler (17) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (18) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (19) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (20) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (21) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (22) addr: BA91AC82
14:30:08:046 0256 DetectCureTDL3: IrpHandler (23) addr: BA91F99E
14:30:08:046 0256 DetectCureTDL3: IrpHandler (24) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (25) addr: 804F4562
14:30:08:046 0256 DetectCureTDL3: IrpHandler (26) addr: 804F4562
14:30:08:046 0256 KLMD_ReadMem: Trying to ReadMemory 0x0[0x400]
14:30:08:046 0256 KLMD_ReadMem: DeviceIoControl error 1
14:30:08:046 0256 TDL3_StartIoHookDetect: Unable to get StartIo handler code
14:30:08:046 0256 TDL3_FileDetect: Processing driver: Disk
14:30:08:046 0256 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\disk.sys, C:\WINDOWS\system32\Drivers\disk.tsk, SYSTEM\CurrentControlSet\Services\Disk, system32\Drivers\disk.tsk
14:30:08:046 0256 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\disk.sys
14:30:08:046 0256 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\disk.sys
14:30:08:062 0256 DetectCureTDL3: 3 Curr stack PDEVICE_OBJECT: 8A55B8E8
14:30:08:062 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A55B8E8
14:30:08:062 0256 DetectCureTDL3: 3 Curr stack PDEVICE_OBJECT: 8A4A0BF8
14:30:08:062 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A4A0BF8
14:30:08:062 0256 DetectCureTDL3: 3 Curr stack PDEVICE_OBJECT: 8A48DD98
14:30:08:062 0256 KLMD_GetLowerDeviceObject: Trying to get lower device object for 8A48DD98
14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A48DD98[0x38]
14:30:08:062 0256 DetectCureTDL3: DRIVER_OBJECT addr: 8A49A968
14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0x8A49A968[0xA8]
14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0xE1017A50[0x208]
14:30:08:062 0256 DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi
14:30:08:062 0256 DetectCureTDL3: IrpHandler (0) addr: BA5FBB40
14:30:08:062 0256 DetectCureTDL3: IrpHandler (1) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (2) addr: BA5FBB40
14:30:08:062 0256 DetectCureTDL3: IrpHandler (3) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (4) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (5) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (6) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (7) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (8) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (9) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (10) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (11) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (12) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (13) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (14) addr: BA5FBB40
14:30:08:062 0256 DetectCureTDL3: IrpHandler (15) addr: BA5FBB40
14:30:08:062 0256 DetectCureTDL3: IrpHandler (16) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (17) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (18) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (19) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (20) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (21) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (22) addr: BA5FBB40
14:30:08:062 0256 DetectCureTDL3: IrpHandler (23) addr: BA5FBB40
14:30:08:062 0256 DetectCureTDL3: IrpHandler (24) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (25) addr: 804F4562
14:30:08:062 0256 DetectCureTDL3: IrpHandler (26) addr: 804F4562
14:30:08:062 0256 KLMD_ReadMem: Trying to ReadMemory 0xBA5F9864[0x400]
14:30:08:062 0256 TDL3_StartIoHookDetect: CheckParameters: 0, 0, 316, 0
14:30:08:062 0256 TDL3_FileDetect: Processing driver: atapi
14:30:08:062 0256 TDL3_FileDetect: Parameters: C:\WINDOWS\system32\drivers\atapi.sys, C:\WINDOWS\system32\Drivers\atapi.tsk, SYSTEM\CurrentControlSet\Services\atapi, system32\Drivers\atapi.tsk
14:30:08:062 0256 TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\drivers\atapi.sys
14:30:08:062 0256 KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\drivers\atapi.sys
14:30:08:062 0256 Completed Results:
14:30:08:062 0256 Infected objects in memory: 0
14:30:08:062 0256 Cured objects in memory: 0
14:30:08:062 0256 Infected objects on disk: 0
14:30:08:062 0256 Objects on disk cured on reboot: 0
14:30:08:062 0256 Objects on disk deleted on reboot: 0
14:30:08:062 0256 Registry nodes deleted on reboot: 0
14:30:08:062 0256