Win32:Beagle-AAW [Trj] et idem mais en rootkit Voilà les nom des coupables.
A chaque démarrage de l'ordi ils se remetttent et sont detectés par avast ?? c'est lourd avast n'arrete pas de s'allumer!!
Voilà mon rapport Hi jack
Logfile of HijackThis v1.99.1
Scan saved at 18:03:28, on 19/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
E:\divers logiciels\hijackthis\test.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [drvsyskit] C:\WINDOWS\system32\drivers\hldrrr.exe
O4 - HKCU\..\Run: [mule_st_key] C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0060641078
O17 - HKLM\System\CCS\Services\Tcpip\..\{2557AA90-3FEF-4D1D-8478-9BB1AA3E1A81}: NameServer = 212.27.54.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Merci de m'expliquer la marche à suivre svp, je suppose des manip en mode ss echec...??
Je reviens ds 1h a peu pres...Merci bcp!
svp, je ne sais pas quoi faire
Un bonjour ?
Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !
- Télécharge ComboFix (sUBs) sur ton Bureau.
- Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
- Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.
AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer
Répondre à Angeldark
Voilà le rapport :
ComboFix 08-05-15.3 - Administrateur 2008-05-19 21:58:23.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.323 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrateur\Application Data\m
C:\Documents and Settings\Administrateur\Application Data\m\data.oct
C:\Documents and Settings\Administrateur\Application Data\m\flec006.exe
C:\Documents and Settings\Administrateur\Application Data\m\list.oct
C:\Documents and Settings\Administrateur\Application Data\m\shared
C:\Documents and Settings\Administrateur\Application Data\m\shared\[ITA].-.NOD32.W98&WNT.-.2.51.26.+.FIX.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\000-639_-_Rational_Unified_Process_Practice_Exam_Questions_1.0_Patch.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\3D_Hand_Clock_4.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Advanced Password Generator 3.09.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Advent_RSS_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Allok_Video_to_MP4_Converter_4.2.0709.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\AnyBook_Professional_IV_-_Publishers_Business_Kit_10.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Batch Replacer for MS PowerPoint 2.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Bid-n-Invoice_Landlord_2.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\BigSpeed Voice Chat SDK 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\BloodPressMgr 2.7.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Bluefire 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CAD Image 6.1.0.54.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Chat_Kitty_Screensaver_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Cisco_642-511_Exam_Crack.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CLogFile 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\COMET Font 1.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Convert 1.0.0.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Cool_Find_1.16.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CRM-Express Standard 3.20 [KeyGen].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\CTBar_2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Dewqs'_Junk_Mail_Spittoon_2.7.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Digital Image Tool 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Digital_Diary_3.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\DNA Counter 1.0.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Easy Website Blocker 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Easy_POS_5.28.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\eDrum_MIDI_Mapper_1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Elephant Backup 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Email_Extractor_1.0_Key.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Excel_Compare_2.0.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Excellence_AVI_MPEG_WAV_WMA_To_Mp3_Converter_1.0_Serial.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Extension renamer 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\EZ_IE_Backup_Pro_4.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\File_Wipe_2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FireLite_Virus_Scanner_2.7.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FlippingBook SWF Object 1.8.8.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\FolderTrek 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Football ScoreBook 2.1h.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\g3BlindTimer_2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Generic spreadsheet Charts 1.0.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\GOGO Picture Viewer ActiveX Control 4.27.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Grid Imp 2.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\HTMLSpy 1.04.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\HyperLabel_1.0.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\IMAGE2PDF 1.1.1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\iNetBau_PlotManager_5.0.9_[Key].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Internet Password Pro 1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\IP_SpaceMon 3.5.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\iPod Download 2.5.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\JpegStripper_1.3.1.13.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Kaspersky.Security.for.PDA.v5.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Leithauser Research EBook Reader - Jokes For All Occassions 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\LingvoSoft Dictionary 2007 English - Russian 4.0.22.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Lock My PC 4.6.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\LyricFX_-_Find_Song_Lyrics_2.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Macromedia_Fireworks_8.0.0.777_Cracked.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\MAPILab_Share_n_Sync_1.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Math Kards 1.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\McAfee.Active.VirusScan.SMB.Edition.[shareprovider.com].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Metadata Analyzer 2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mirador_Instant_Messenger_4.0.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Misfit Model 3D 1.3.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Mojopac_1.0.2.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Movavi Zune Video Converter 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\NCTAudioStudio_ActiveX_DLL.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Network Information Requester 1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Network_Monitor_Widget_1.3.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Nod32.Antivirus.2.51.8.Xp.Winserver2003.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Onlineeye_Pro_2.0_Beta_1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\OTTER_1.3.26.129.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pamela_for_Skype_-_Basic_Version_1.38a.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PC_Shower_2007_1.0_(Key).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PhotoAcute_Studio_2.51.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PhotoPlayer_6.07_Crack.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Poison_Screensaver_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pol-IP 1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pop Magic 1.0.0.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\popStumbler_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PopUpCop 2.5.0.65.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Power_Equipment_1.03.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Private Notetaker 2.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Pro Tools M-Powered 7.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Protaxis_Planet_of_Domains_1.01.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\PSP_Shuffle_1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\QtiPlot_0.9_RC2_[Key].zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\QuoteDownload_1.1.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\RegCompact_Pro_0.1.8_Serial.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Robohordes_demo.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Ruler Opera Widget 0.2.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SearchIt_in_Google_1.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Secret_Of_The_Seven_Scrolls_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Secure Notes Organizer 3.0.11.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\ServiceMY 1.142.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Shooting_Star_2.5.11_Crack.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\ShootIt 3.5.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Shop-Script_PRO_2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Shorty_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Sketcher 2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SLGallery 1.2.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SMART_School_Conduct_1.1.4_(Key+Serial).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SpectraScope_2.86_(Key+Serial).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\SpyAOL_9.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Stop The Popup 4.1.0.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Symantec.AntiVirus.for.VISTA.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Tables Transformer for Excel 1.1.4.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Thanksgiving Icons 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\The Black Knight 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\The Elder Scrolls III Morrowind - Sheikizza's Daedric Armor mod.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\THnotes_1.3.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Time_Organizer_1.0_(Crack).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\TProgressDrum_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\TweakMP 6.0.2600.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Unclaimed_Money_4.4.304_(KeyGen).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\UnPowerIt_Now_1.06.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\URL_Keeper_1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Vegas Vault 1.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\VeroCAD 3.42.268.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Visual Requirements 1.4.8 (Key).zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Web2Pic_Pro_1.2.8.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Workspace Translator 1.0.2.0.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\World of Warcraft Alliance Tossing movie.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Yahoo!_Go_for_TV_0.2.55_Beta.zip
C:\Documents and Settings\Administrateur\Application Data\m\shared\Zero-X_Seamless_Looper_1.51.zip
C:\Documents and Settings\Administrateur\Application Data\m\srvlist.oct
C:\Documents and Settings\Administrateur\new.txt
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\drivers\downld\108859.exe
C:\WINDOWS\system32\drivers\downld\111125.exe
C:\WINDOWS\system32\drivers\downld\116984.exe
C:\WINDOWS\system32\drivers\downld\124843.exe
C:\WINDOWS\system32\drivers\downld\126500.exe
C:\WINDOWS\system32\drivers\downld\139671.exe
C:\WINDOWS\system32\drivers\downld\162406.exe
C:\WINDOWS\system32\drivers\downld\177843.exe
C:\WINDOWS\system32\drivers\downld\187500.exe
C:\WINDOWS\system32\drivers\downld\188265.exe
C:\WINDOWS\system32\drivers\downld\199218.exe
C:\WINDOWS\system32\drivers\downld\212171.exe
C:\WINDOWS\system32\drivers\downld\214109.exe
C:\WINDOWS\system32\drivers\downld\215937.exe
C:\WINDOWS\system32\drivers\downld\226453.exe
C:\WINDOWS\system32\drivers\downld\237484.exe
C:\WINDOWS\system32\drivers\downld\24003812.exe
C:\WINDOWS\system32\drivers\downld\297718.exe
C:\WINDOWS\system32\drivers\downld\313375.exe
C:\WINDOWS\system32\drivers\downld\334671.exe
C:\WINDOWS\system32\drivers\downld\412953.exe
C:\WINDOWS\system32\drivers\downld\432671.exe
C:\WINDOWS\system32\drivers\downld\444968.exe
C:\WINDOWS\system32\drivers\downld\57593.exe
C:\WINDOWS\system32\drivers\downld\60109.exe
C:\WINDOWS\system32\drivers\downld\71625.exe
C:\WINDOWS\system32\drivers\downld\76671.exe
C:\WINDOWS\system32\drivers\downld\78421.exe
C:\WINDOWS\system32\drivers\downld\88484.exe
C:\WINDOWS\system32\drivers\downld\95812.exe
C:\WINDOWS\system32\drivers\downld\96500.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\mdelk.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-19 to 2008-05-19 ))))))))))))))))))))))))))))))))))))
.
2008-05-05 23:26 . 2008-05-16 12:34 38 --a------ C:\WINDOWS\avisplitter.INI
2008-04-24 10:27 . 2008-04-24 10:27 <REP> d-------- C:\Program Files\K-Lite Codec Pack
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-19 14:21 --------- d-----w C:\Program Files\eMule
2008-05-09 10:42 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-24 08:22 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-24 08:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-09 15:07 --------- d-----w C:\Program Files\ultra pinball
2008-04-09 13:22 --------- d-----w C:\Program Files\Panasonic
2008-03-31 21:25 682,496 ----a-w C:\WINDOWS\system32\divx.dll
2008-03-28 17:41 7,680 ----a-w C:\WINDOWS\system32\ff_vfw.dll
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-18 15:17 18,448 ----a-w C:\Documents and Settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
.
------- Sigcheck -------
2005-09-18 12:52 359936 dbc20c4332fe84b826530c49ae09721e C:\WINDOWS\system32\drivers\tcpip.sys
2005-09-17 15:37 2120704 685a3d6f43e5047f733b7150a78d0eae C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29 165784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-05-16 01:19 79224]
"DXDllRegExe"="dxdllreg.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nlsf"="cmd.exe" [2004-08-04 06:54 400896 C:\WINDOWS\system32\cmd.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-04 06:37 44544]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"= 0 (0x0)
"NoFind"= 0 (0x0)
"NoRun"= 0 (0x0)
"NoDesktop"= 0 (0x0)
"NoClose"= 0 (0x0)
"StartMenuLogOff"= 0 (0x0)
"HideClock"= 0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"ForceClassicControlPanel"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\policies\microsoft\windows\windowsupdate\au]
"NoAutoUpdate"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"=hex(2):6c,6f,67,6f,6e,75,69,32,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.SP53"= SP5X_32.DLL
"VIDC.SP54"= SP5X_32.DLL
"VIDC.SP55"= SP5X_32.DLL
"VIDC.SP56"= SP5X_32.DLL
"VIDC.SP57"= SP5X_32.DLL
"VIDC.SP58"= SP5X_32.DLL
"VIDC.SP59"= SP5X_32.DLL
"VIDC.YV12"= yv12vfw.dll
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Acrobat Speed Launcher.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Acrobat Speed Launcher.lnk
backup=C:\WINDOWS\pss\Adobe Acrobat Speed Launcher.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LUMIX Simple Viewer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LUMIX Simple Viewer.lnk
backup=C:\WINDOWS\pss\LUMIX Simple Viewer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXDllRegExe]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2003-06-25 12:24 49152 C:\Program Files\HP\HP Software Update\HPWuSchd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPpromo psc 1300 series]
--a------ 2003-10-09 12:17 126976 C:\Program Files\HP\Digital Imaging\Promotions\HPpromo.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechGalleryRepair]
--a------ 2002-12-10 19:32 155648 C:\Program Files\Logitech\ImageStudio\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechImageStudioTray]
--a------ 2002-12-10 19:31 61440 C:\Program Files\Logitech\ImageStudio\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
--a------ 2002-12-10 18:54 127022 C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 13:55 5674352 C:\Program Files\MSN Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 12:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2005-06-03 04:52 36975 C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2002-06-10 15:21]
R3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2002-06-10 15:24]
S3 VNic;ULan Network Driver Module;C:\WINDOWS\system32\DRIVERS\VNic.sys [2003-08-20 12:09]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6182cb32-41c7-11dc-97b3-00a1b008a11e}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(0)\command - Recycled\ctfmon.exe
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-19 22:01:12
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-05-19 22:05:34
ComboFix-quarantined-files.txt 2008-05-19 20:05:30
Pre-Run: 3,258,171,392 octets libres
Post-Run: 3,540,750,336 octets libres
305
Merci de me dire ce qu'il faut faire, je reste connecté
Re- bonjour,
Ce matin mon ordi me mettait une fenetre, "protection de fichiers windows" me disant qu'il faut que je mette mon CD windows service pack 2 car des fichiers DLL doivent etre copiés.......Je pense que ça sent mauvais non ?
Apparement le fait de m'etre servis de cumbofix a du m'enlever les cheveaux de troie car avast ne les detectent plus...
Que dois faire maintenant svp ? Mettre mon cd d'installation de wind ? ( que je n'ai plus d'ailleurs!)
Merci d'avance
Reposte un rapport Hijackthis, on va s'en charger 
Répondre à Angeldark
Hop, re bonjour, voilà le rapport hi-jack:
Logfile of HijackThis v1.99.1
Scan saved at 15:20:46, on 20/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\divers logiciels\hijackthis\test.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0060641078
O17 - HKLM\System\CCS\Services\Tcpip\..\{2557AA90-3FEF-4D1D-8478-9BB1AA3E1A81}: NameServer = 212.27.54.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Merci d'avance
Re,
Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir
Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic
Répondre à Angeldark
Re,
Alors ce fut long......mais voilà le rapport après le scan
Avira AntiVir Personal
Report file date: mardi 20 mai 2008 21:51
Scanning for 1281002 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: WINXTREME
Version information:
BUILD.DAT : 8.1.00.296 16479 Bytes 29/04/2008 10:47:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 20/05/2008 19:50:39
AVSCAN.DLL : 8.1.1.0 53505 Bytes 20/05/2008 19:50:39
LUKE.DLL : 8.1.2.9 151809 Bytes 20/05/2008 19:50:39
LUKERES.DLL : 8.1.2.1 12033 Bytes 20/05/2008 19:50:39
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:50:40
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 19:50:40
ANTIVIR3.VDF : 7.0.4.69 76288 Bytes 20/05/2008 19:50:40
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 20/05/2008 19:50:40
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 20/05/2008 19:50:40
AESCN.DLL : 8.1.0.18 119156 Bytes 20/05/2008 19:50:40
AERDL.DLL : 8.1.0.20 418165 Bytes 20/05/2008 19:50:40
AEPACK.DLL : 8.1.1.5 364918 Bytes 20/05/2008 19:50:40
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 20/05/2008 19:50:40
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 20/05/2008 19:50:40
AEHELP.DLL : 8.1.0.14 115063 Bytes 20/05/2008 19:50:40
AEGEN.DLL : 8.1.0.21 303477 Bytes 20/05/2008 19:50:40
AEEMU.DLL : 8.1.0.6 430451 Bytes 20/05/2008 19:50:40
AECORE.DLL : 8.1.0.29 168311 Bytes 20/05/2008 19:50:40
AVWINLL.DLL : 1.0.0.7 14593 Bytes 20/05/2008 19:50:39
AVPREF.DLL : 8.0.0.1 25857 Bytes 20/05/2008 19:50:39
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVREG.DLL : 8.0.0.0 30977 Bytes 20/05/2008 19:50:39
AVARKT.DLL : 1.0.0.23 307457 Bytes 20/05/2008 19:50:38
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 20/05/2008 19:50:38
SQLITE3.DLL : 3.3.17.1 339968 Bytes 20/05/2008 19:50:39
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 20/05/2008 19:50:39
NETNT.DLL : 8.0.0.1 7937 Bytes 20/05/2008 19:50:39
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 20/05/2008 19:50:36
RCTEXT.DLL : 8.0.32.0 86273 Bytes 20/05/2008 19:50:36
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mardi 20 mai 2008 21:51
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
23 processes with 23 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '25' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\data.oct.vir
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737aa.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\flec006.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '489837b9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\000-639_-_Rational_Unified_Process_Practice_Exam_Questions_1.0_Patch.zip.vir
[0] Archive type: ZIP
--> 000-639_-_Rational_Unified_Process_Practice_Exam_Questions_1.0_Patch.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48633780.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\3D_Hand_Clock_4.0.zip.vir
[0] Archive type: ZIP
--> 3D_Hand_Clock_4.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48923796.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Advanced Password Generator 3.09.zip.vir
[0] Archive type: ZIP
--> Advanced Password Generator 3.09.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a937b8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Advent_RSS_1.0.zip.vir
[0] Archive type: ZIP
--> Advent_RSS_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a937ba.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Allok_Video_to_MP4_Converter_4.2.0709.zip.vir
[0] Archive type: ZIP
--> Allok_Video_to_MP4_Converter_4.2.0709.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489f37c4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\AnyBook_Professional_IV_-_Publishers_Business_Kit_10.zip.vir
[0] Archive type: ZIP
--> AnyBook_Professional_IV_-_Publishers_Business_Kit_10.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48ac37c7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Batch Replacer for MS PowerPoint 2.4.zip.vir
[0] Archive type: ZIP
--> Batch Replacer for MS PowerPoint 2.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737bc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Bid-n-Invoice_Landlord_2.2.zip.vir
[0] Archive type: ZIP
--> Bid-n-Invoice_Landlord_2.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489737c8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\BigSpeed Voice Chat SDK 1.0.zip.vir
[0] Archive type: ZIP
--> BigSpeed Voice Chat SDK 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489a37c8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\BloodPressMgr 2.7.zip.vir
[0] Archive type: ZIP
--> BloodPressMgr 2.7.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237cc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Bluefire 1.0.zip.vir
[0] Archive type: ZIP
--> Bluefire 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a837cc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CAD Image 6.1.0.54.zip.vir
[0] Archive type: ZIP
--> CAD Image 6.1.0.54.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487737a2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Chat_Kitty_Screensaver_1.0.zip.vir
[0] Archive type: ZIP
--> Chat_Kitty_Screensaver_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489437c9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Cisco_642-511_Exam_Crack.zip.vir
[0] Archive type: ZIP
--> Cisco_642-511_Exam_Crack.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a637cb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CLogFile 1.0.zip.vir
[0] Archive type: ZIP
--> CLogFile 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237ae.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\COMET Font 1.2.zip.vir
[0] Archive type: ZIP
--> COMET Font 1.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488037b2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Convert 1.0.0.1.zip.vir
[0] Archive type: ZIP
--> Convert 1.0.0.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a137d2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Cool_Find_1.16.zip.vir
[0] Archive type: ZIP
--> Cool_Find_1.16.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237d3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CRM-Express Standard 3.20 [KeyGen].zip.vir
[0] Archive type: ZIP
--> CRM-Express Standard 3.20 [KeyGen].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488037b6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\CTBar_2.0.zip.vir
[0] Archive type: ZIP
--> CTBar_2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487537b9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Dewqs'_Junk_Mail_Spittoon_2.7.zip.vir
[0] Archive type: ZIP
--> Dewqs'_Junk_Mail_Spittoon_2.7.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48aa37ca.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Digital Image Tool 1.0.zip.vir
[0] Archive type: ZIP
--> Digital Image Tool 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489a37cf.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Digital_Diary_3.5.zip.vir
[0] Archive type: ZIP
--> Digital_Diary_3.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '493a8270.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\DNA Counter 1.0.3.zip.vir
[0] Archive type: ZIP
--> DNA Counter 1.0.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487437b5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Easy Website Blocker 1.0.zip.vir
[0] Archive type: ZIP
--> Easy Website Blocker 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a637c8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Easy_POS_5.28.zip.vir
[0] Archive type: ZIP
--> Easy_POS_5.28.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a637c9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\eDrum_MIDI_Mapper_1.1.zip.vir
[0] Archive type: ZIP
--> eDrum_MIDI_Mapper_1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a537ac.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Elephant Backup 1.0.zip.vir
[0] Archive type: ZIP
--> Elephant Backup 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837d5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Email_Extractor_1.0_Key.zip.vir
[0] Archive type: ZIP
--> Email_Extractor_1.0_Key.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489437d6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Excellence_AVI_MPEG_WAV_WMA_To_Mp3_Converter_1.0_Serial.zip.vir
[0] Archive type: ZIP
--> Excellence_AVI_MPEG_WAV_WMA_To_Mp3_Converter_1.0_Serial.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489637e2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Excel_Compare_2.0.3.zip.vir
[0] Archive type: ZIP
--> Excel_Compare_2.0.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49368243.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Extension renamer 1.0.zip.vir
[0] Archive type: ZIP
--> Extension renamer 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737e3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\EZ_IE_Backup_Pro_4.0.zip.vir
[0] Archive type: ZIP
--> EZ_IE_Backup_Pro_4.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489237c6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\File_Wipe_2.zip.vir
[0] Archive type: ZIP
--> File_Wipe_2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489f37d5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FireLite_Virus_Scanner_2.7.zip.vir
[0] Archive type: ZIP
--> FireLite_Virus_Scanner_2.7.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a537d6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FlippingBook SWF Object 1.8.8.zip.vir
[0] Archive type: ZIP
--> FlippingBook SWF Object 1.8.8.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489c37d9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\FolderTrek 1.0.zip.vir
[0] Archive type: ZIP
--> FolderTrek 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489f37dd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Football ScoreBook 2.1h.zip.vir
[0] Archive type: ZIP
--> Football ScoreBook 2.1h.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237dd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\g3BlindTimer_2.zip.vir
[0] Archive type: ZIP
--> g3BlindTimer_2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487537a1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Generic spreadsheet Charts 1.0.1.zip.vir
[0] Archive type: ZIP
--> Generic spreadsheet Charts 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a137d4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\GOGO Picture Viewer ActiveX Control 4.27.zip.vir
[0] Archive type: ZIP
--> GOGO Picture Viewer ActiveX Control 4.27.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487a37be.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Grid Imp 2.2.zip.vir
[0] Archive type: ZIP
--> Grid Imp 2.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489c37e2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\HTMLSpy 1.04.zip.vir
[0] Archive type: ZIP
--> HTMLSpy 1.04.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488037c4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\HyperLabel_1.0.1.zip.vir
[0] Archive type: ZIP
--> HyperLabel_1.0.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a337ea.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\IMAGE2PDF 1.1.1.0.zip.vir
[0] Archive type: ZIP
--> IMAGE2PDF 1.1.1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487437be.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\iNetBau_PlotManager_5.0.9_[Key].zip.vir
[0] Archive type: ZIP
--> iNetBau_PlotManager_5.0.9_[Key].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837c0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Internet Password Pro 1.zip.vir
[0] Archive type: ZIP
--> Internet Password Pro 1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737e0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\iPod Download 2.5.0.zip.vir
[0] Archive type: ZIP
--> iPod Download 2.5.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237c3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\IP_SpaceMon 3.5.5.zip.vir
[0] Archive type: ZIP
--> IP_SpaceMon 3.5.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489237c3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\JpegStripper_1.3.1.13.zip.vir
[0] Archive type: ZIP
--> JpegStripper_1.3.1.13.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837e4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Kaspersky.Security.for.PDA.v5.0.zip.vir
[0] Archive type: ZIP
--> Kaspersky.Security.for.PDA.v5.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a637d5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Leithauser Research EBook Reader - Jokes For All Occassions 1.0.zip.vir
[0] Archive type: ZIP
--> Leithauser Research EBook Reader - Jokes For All Occassions 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489c37da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\LingvoSoft Dictionary 2007 English - Russian 4.0.22.zip.vir
[0] Archive type: ZIP
--> LingvoSoft Dictionary 2007 English - Russian 4.0.22.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a137de.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Lock My PC 4.6.zip.vir
[0] Archive type: ZIP
--> Lock My PC 4.6.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489637e4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\LyricFX_-_Find_Song_Lyrics_2.5.zip.vir
[0] Archive type: ZIP
--> LyricFX_-_Find_Song_Lyrics_2.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a537ef.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Macromedia_Fireworks_8.0.0.777_Cracked.zip.vir
[0] Archive type: ZIP
--> Macromedia_Fireworks_8.0.0.777_Cracked.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489637d7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\MAPILab_Share_n_Sync_1.2.zip.vir
[0] Archive type: ZIP
--> MAPILab_Share_n_Sync_1.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488337b8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Math Kards 1.4.zip.vir
[0] Archive type: ZIP
--> Math Kards 1.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737d8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\McAfee.Active.VirusScan.SMB.Edition.[shareprovider.com].zip.vir
[0] Archive type: ZIP
--> McAfee.Active.VirusScan.SMB.Edition.[shareprovider.com].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487437db.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Metadata Analyzer 2.zip.vir
[0] Archive type: ZIP
--> Metadata Analyzer 2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737dd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mirador_Instant_Messenger_4.0.2.zip.vir
[0] Archive type: ZIP
--> Mirador_Instant_Messenger_4.0.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a537e3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Misfit Model 3D 1.3.4.zip.vir
[0] Archive type: ZIP
--> Misfit Model 3D 1.3.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a637e3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Mojopac_1.0.2.5.zip.vir
[0] Archive type: ZIP
--> Mojopac_1.0.2.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489d37e9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Movavi Zune Video Converter 1.0.zip.vir
[0] Archive type: ZIP
--> Movavi Zune Video Converter 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a937ea.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\NCTAudioStudio_ActiveX_DLL.zip.vir
[0] Archive type: ZIP
--> NCTAudioStudio_ActiveX_DLL.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488737be.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Network Information Requester 1.1.zip.vir
[0] Archive type: ZIP
--> Network Information Requester 1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a737e1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Network_Monitor_Widget_1.3.1.zip.vir
[0] Archive type: ZIP
--> Network_Monitor_Widget_1.3.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49257452.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Nod32.Antivirus.2.51.8.Xp.Winserver2003.zip.vir
[0] Archive type: ZIP
--> Nod32.Antivirus.2.51.8.Xp.Winserver2003.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489737ed.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Onlineeye_Pro_2.0_Beta_1.zip.vir
[0] Archive type: ZIP
--> Onlineeye_Pro_2.0_Beta_1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489f37ec.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\OTTER_1.3.26.129.zip.vir
[0] Archive type: ZIP
--> OTTER_1.3.26.129.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488737d3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Pamela_for_Skype_-_Basic_Version_1.38a.zip.vir
[0] Archive type: ZIP
--> Pamela_for_Skype_-_Basic_Version_1.38a.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a037e0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PC_Shower_2007_1.0_(Key).zip.vir
[0] Archive type: ZIP
--> PC_Shower_2007_1.0_(Key).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489237c2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PhotoAcute_Studio_2.51.zip.vir
[0] Archive type: ZIP
--> PhotoAcute_Studio_2.51.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237e8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PhotoPlayer_6.07_Crack.zip.vir
[0] Archive type: ZIP
--> PhotoPlayer_6.07_Crack.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49028249.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Poison_Screensaver_1.0.zip.vir
[0] Archive type: ZIP
--> Poison_Screensaver_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489c37f0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Pol-IP 1.1.zip.vir
[0] Archive type: ZIP
--> Pol-IP 1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489f37f0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Pop Magic 1.0.0.4.zip.vir
[0] Archive type: ZIP
--> Pop Magic 1.0.0.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a337f1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\popStumbler_1.0.zip.vir
[0] Archive type: ZIP
--> popStumbler_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49038252.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PopUpCop 2.5.0.65.zip.vir
[0] Archive type: ZIP
--> PopUpCop 2.5.0.65.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a337f2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Power_Equipment_1.03.zip.vir
[0] Archive type: ZIP
--> Power_Equipment_1.03.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48aa37f2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Private Notetaker 2.1.zip.vir
[0] Archive type: ZIP
--> Private Notetaker 2.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489c37f6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Pro Tools M-Powered 7.4.zip.vir
[0] Archive type: ZIP
--> Pro Tools M-Powered 7.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237f6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Protaxis_Planet_of_Domains_1.01.zip.vir
[0] Archive type: ZIP
--> Protaxis_Planet_of_Domains_1.01.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237f7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\PSP_Shuffle_1.1.zip.vir
[0] Archive type: ZIP
--> PSP_Shuffle_1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488337d8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\QtiPlot_0.9_RC2_[Key].zip.vir
[0] Archive type: ZIP
--> QtiPlot_0.9_RC2_[Key].exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489c37fb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\QuoteDownload_1.1.zip.vir
[0] Archive type: ZIP
--> QuoteDownload_1.1.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237fc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\RegCompact_Pro_0.1.8_Serial.zip.vir
[0] Archive type: ZIP
--> RegCompact_Pro_0.1.8_Serial.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489a37ed.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Robohordes_demo.zip.vir
[0] Archive type: ZIP
--> Robohordes_demo.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489537f7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Ruler Opera Widget 0.2.4.zip.vir
[0] Archive type: ZIP
--> Ruler Opera Widget 0.2.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489f37fd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SearchIt_in_Google_1.5.zip.vir
[0] Archive type: ZIP
--> SearchIt_in_Google_1.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489437ee.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Secret_Of_The_Seven_Scrolls_1.0.zip.vir
[0] Archive type: ZIP
--> Secret_Of_The_Seven_Scrolls_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489637ee.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Secure Notes Organizer 3.0.11.zip.vir
[0] Archive type: ZIP
--> Secure Notes Organizer 3.0.11.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489637ef.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\ServiceMY 1.142.zip.vir
[0] Archive type: ZIP
--> ServiceMY 1.142.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49058250.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Shooting_Star_2.5.11_Crack.zip.vir
[0] Archive type: ZIP
--> Shooting_Star_2.5.11_Crack.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237f2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\ShootIt 3.5.zip.vir
[0] Archive type: ZIP
--> ShootIt 3.5.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237f3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Shop-Script_PRO_2.0.zip.vir
[0] Archive type: ZIP
--> Shop-Script_PRO_2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49028254.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Shorty_1.0.zip.vir
[0] Archive type: ZIP
--> Shorty_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a237f4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Sketcher 2.0.zip.vir
[0] Archive type: ZIP
--> Sketcher 2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837f7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SLGallery 1.2.zip.vir
[0] Archive type: ZIP
--> SLGallery 1.2.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487a37d9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SMART_School_Conduct_1.1.4_(Key+Serial).zip.vir
[0] Archive type: ZIP
--> SMART_School_Conduct_1.1.4_(Key+Serial).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487437da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SpectraScope_2.86_(Key+Serial).zip.vir
[0] Archive type: ZIP
--> SpectraScope_2.86_(Key+Serial).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837fe.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\SpyAOL_9.zip.vir
[0] Archive type: ZIP
--> SpyAOL_9.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48ac37fe.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Stop The Popup 4.1.0.0.zip.vir
[0] Archive type: ZIP
--> Stop The Popup 4.1.0.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a23803.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Symantec.AntiVirus.for.VISTA.zip.vir
[0] Archive type: ZIP
--> Symantec.AntiVirus.for.VISTA.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a03808.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Tables Transformer for Excel 1.1.4.zip.vir
[0] Archive type: ZIP
--> Tables Transformer for Excel 1.1.4.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489537f1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Thanksgiving Icons 1.0.zip.vir
[0] Archive type: ZIP
--> Thanksgiving Icons 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489437f8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\The Black Knight 1.0.zip.vir
[0] Archive type: ZIP
--> The Black Knight 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837f9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\The Elder Scrolls III Morrowind - Sheikizza's Daedric Armor mod.zip.vir
[0] Archive type: ZIP
--> The Elder Scrolls III Morrowind - Sheikizza's Daedric Armor mod.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837fa.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\THnotes_1.3.zip.vir
[0] Archive type: ZIP
--> THnotes_1.3.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a137da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Time_Organizer_1.0_(Crack).zip.vir
[0] Archive type: ZIP
--> Time_Organizer_1.0_(Crack).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a037fc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\TProgressDrum_1.0.zip.vir
[0] Archive type: ZIP
--> TProgressDrum_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49058244.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\TweakMP 6.0.2600.zip.vir
[0] Archive type: ZIP
--> TweakMP 6.0.2600.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '4898380b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Unclaimed_Money_4.4.304_(KeyGen).zip.vir
[0] Archive type: ZIP
--> Unclaimed_Money_4.4.304_(KeyGen).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48963802.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\UnPowerIt_Now_1.06.zip.vir
[0] Archive type: ZIP
--> UnPowerIt_Now_1.06.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48833803.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\URL_Keeper_1.0.zip.vir
[0] Archive type: ZIP
--> URL_Keeper_1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '487f37e8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Vegas Vault 1.0.zip.vir
[0] Archive type: ZIP
--> Vegas Vault 1.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489a37fb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\VeroCAD 3.42.268.zip.vir
[0] Archive type: ZIP
--> VeroCAD 3.42.268.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a537fb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Visual Requirements 1.4.8 (Key).zip.vir
[0] Archive type: ZIP
--> Visual Requirements 1.4.8 (Key).exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a63800.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Web2Pic_Pro_1.2.8.zip.vir
[0] Archive type: ZIP
--> Web2Pic_Pro_1.2.8.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489537fc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Workspace Translator 1.0.2.0.zip.vir
[0] Archive type: ZIP
--> Workspace Translator 1.0.2.0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a53807.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\World of Warcraft Alliance Tossing movie.zip.vir
[0] Archive type: ZIP
--> World of Warcraft Alliance Tossing movie.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49058da8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Yahoo!_Go_for_TV_0.2.55_Beta.zip.vir
[0] Archive type: ZIP
--> Yahoo!_Go_for_TV_0.2.55_Beta.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489b37fa.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\Zero-X_Seamless_Looper_1.51.zip.vir
[0] Archive type: ZIP
--> Zero-X_Seamless_Looper_1.51.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48a537fe.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Administrateur\Application Data\m\shared\[ITA].-.NOD32.W98&WNT.-.2.51.26.+.FIX.zip.vir
[0] Archive type: ZIP
--> [ITA].-.NOD32.W98&WNT.-.2.51.26.+.FIX.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '488737e3.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48973806.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '489837ff.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\313375.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486637ce.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\88484.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '486737d6.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP415\A0243842.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '4865381e.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP415\A0244810.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '4865381f.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP415\A0244835.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '48653820.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP416\A0246886.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '48653824.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP416\A0246895.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '48653825.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP416\A0246897.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '49feb7a6.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP416\A0246898.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.PV
[NOTE] The file was moved to '48653826.qua'!
C:\System Volume Information\_restore{9224F317-05AE-4134-B985-7C8BD6A40C98}\RP416\A0246899.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '49feb7a7.qua'!
C:\WINDOWS\system32\drivers\atapi.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <D -Bureautique Perso>
Begin scan in 'E:\' <E- Divers>
E:\System Volume Information\_restore{69A03050-91F7-47FB-B0CD-28042FA37955}\RP95\A0063726.EXE
[0] Archive type: ZIP SFX (self extracting)
--> AutoPlay/Docs/DVD.exe
[1] Archive type: RAR SFX (self extracting)
--> XtremeDVD.exe
[2] Archive type: ZIP SFX (self extracting)
--> AutoPlay/Docs/DvdReMake Pro.exe
[DETECTION] Is the Trojan horse TR/Agent.453632.A
[NOTE] The file was moved to '48633ccb.qua'!
End of the scan: mardi 20 mai 2008 23:03
Used time: 1:11:38 min
The scan has been done completely.
4367 Scanning directories
146875 Files were scanned
139 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
139 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
146736 Files not concerned
1058 Archives were scanned
3 Warnings
139 Notes
Re,
Je dois faire quoi angel dark stp ?
Il faut savoir qu'à chaque démarrage l'ordi me demande d'inserer windows wp , service pack 2, pour vérifier certains fichiers etc....
Merci d'avance
Reposte un rapport Hijackthis.
Tu vas faire la MaJ vers le SP3 qui devrait corriger tes derniers problèmes.
Répondre à Angeldark
Re,
Voilà le rapport hi-jack....je comprends pas trop comment vous arrivez à voir ce qui va de ce qui ne va pas sur l'ordi....c'est fabuleux! Pourtant je m'y connais un "tout ptit peu" mais les rapports hi-jack j'ai jamais compris!
Enfin voilà le mien:
Logfile of HijackThis v1.99.1
Scan saved at 15:22:27, on 21/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\divers logiciels\hijackthis\test.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wi [...] 0060641078
O17 - HKLM\System\CCS\Services\Tcpip\..\{2557AA90-3FEF-4D1D-8478-9BB1AA3E1A81}: NameServer = 212.27.54.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
C'est ok pour moi.
Répondre à Angeldark
re,
Tu m'as dis de faire "Tu vas faire la MaJ vers le SP3 qui devrait corriger tes derniers problèmes"...
Je fais comment pour ça ? Faut avoir automatiquement la bonne version d'xp etc...?
Merci déjà pour les virus
Suffit de te rendre sur le site Windows Update.
Répondre à Angeldark
En fait impossible de faire la mise à jour sans clé...Il y aurait pas une autre manip à faire svp ?
Tu n'as pas une vraie version de Windows ?
Répondre à Angeldark
Et non, pas sur cet ordinateur là...Et je lis sur telecharger.com des commentaires sur le SP2 qui me font douter de son efficacité si je dois le mettre à jour . Suis-je condamner à formater pour ne plus avoir ce message ?
Euh je parle du SP3, tu as déjà le SP2...
De toutes les façons, si tu as une version crakée, tu ne peux pas mettre le SP3.
Message édité par Angeldark le 22-05-2008 à 15:46:40
Répondre à Angeldark
Oui c'est bien celà.
Je suis alors condmané à voir ce message à chaque démarrage de l'ordi c'est bien celà ..?
Si c'est le cas je formatterais dans l'été quand j'aurais un peu plus le temps....
Je te remercie pr les virus!
++
Tu as suivis la démarche indiquée par ton pc ?
Répondre à Angeldark
Ben la démarche de mon PC serait de mettre mon cd SP2 pr mettre à jour les fichiers DLL mais je n'ai pas de cd !!! J'ai essayer de telecharger le SP2 sur telecharger.com et les avis des utilisateurs disent qu'avec cette mise à jour leur ordi est devenu bien plus lent...Donc je ne sais que faire.? Je mettrais bien un cd d'XP pr voir ce qu'il se passe, mais la version installé sur l'ordi et le cd que j'ai d'xp n'est pas la meme!!...
Verdict doc ?
Tu as du mal à comprendre ? Tu as déjà le SP2 d'installé sur ton pc !
Il faut un cd donc, télécharger le SP2 ne changera rien.
Répondre à Angeldark
Si j'ai bien compris que j'avais le SP2 sur mon ordi ! Seulement le mess d'erreur me le redemande. Il me faut donc un cd d'installation d'xp c'est ça?? je ne comprends plus...désolé......
Bah si tu n'as pas le cd, on ne peut pas faire grand chose.
Répondre à Angeldark
Il y a 1937 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
