Probleme virus

Bonjour,

Fais un clic droit sur ComboFix (de sUBs) et choisis Enregistrer la cible (du lien) sous.

Choisis le Bureau, insère un trait d'union entre Combo et Fix de telle manière à obtenir Combo-Fix.exe, puis choisis Enregistrer.

Désactive temporairement toute protection résidente ! (Antivirus, antispywares..)

Double clique sur ComboFix.exe.

Accepte la licence en cliquant sur Oui.

Lorsque l'opération sera terminée, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Le rapport se trouve ici : %systemdrive%\ComboFix.txt (%systemdrive% étant la partition où est installée Windows; C:\ en général)

Aide : Comment utiliser ComboFix.

 

Bonjour,

Télécharge Elibagla au bas de cette page.
Il est préférable pour certains antivirus de les désactiver avant d’entâmer cette procédure !

Clique sur le Descargar Elibagla afin de télécharger le fichier, enregistre-le sur ton Bureau.

Lance le en double cliquant dessus.

Vérifie que dans le menu déroulant Unidad, il y ait bien la racine de la racine de la partition où est installé Windows, généralement -> C:\

L'option Eliminar Ficheros Automaticamente doit également être cochée.

Clique sur Explorar pour lancer l'analyse.

Poste le rapport généré en fin fin d'analyse.

Note : Le rapport se trouve ici : C:\infosat.txt

Grilled  

Deja je ne peux pas lancer Combofix,parce que ça me dit application win32 n'est pas valide et l'autre logiciel,il se ferme avant d'avoir fini le scan...

Le scan ne s'est pas fait entierement mais je poste le raport quand meme


Thu Jul 31 15:04:27 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:05:03 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:05:07 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Thu Jul 31 15:05:30 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:05:33 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Thu Jul 31 15:07:42 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:07:52 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

 

Tu l'as bien renommé ? IL me semblait que Combofix avait été mis à jour.

Bon je laisse Michou alors puis que tu as fait sa manip'  

Oui je l'ai renommé,Qu'est ce que je peux faire????

Tu peux continuer si tu veux hein  

Non non vas-y, je te laisse ce sujet, no souci.  

ok ba si personne ne veut...chépa ce que je vais faire

Personne n'a d'idées?

Mais si  

Télécharge et exécute ça et poste-moi le rapport.

http://download.bleepingcomputer.com/sUBs/Beagled.exe

 

Je l'ai lancé ça me dit please wait,puis après ça à redémarrer mon pc,puis rien...mais j'ai l'impression que elibagla marche.

Enfin,j'ai le rapport


Thu Jul 31 15:04:27 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:05:03 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:05:07 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Thu Jul 31 15:05:30 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:05:33 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Thu Jul 31 15:07:42 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.65
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
Restaurada Clave: "SafeBoot\Minimal y Network"
Reinicie para Completar la Limpieza.

Thu Jul 31 15:07:52 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Thu Jul 31 15:39:24 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\DOCUMENTS AND SETTINGS\KOSMOS\APPLICATION DATA\M\FLEC006.EXE --> Eliminado Bagle

Thu Jul 31 15:41:34 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Eliminada Carpeta "%AppData%\M"

Thu Jul 31 15:41:36 2008
EliBagle v11.65 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Qoobox\Quarantine\C\WINDOWS\system32\MDELK.EXE.VIR --> Eliminado Bagle
C:\Qoobox\Quarantine\C\WINDOWS\system32\WINTEMS.EXE.VIR --> Eliminado Bagle
C:\Qoobox\Quarantine\C\WINDOWS\system32\drivers\SROSA.SYS.VIR --> Eliminado Bagle (rootkit)
C:\WINDOWS\system32\drivers\downld\100906.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\1031375.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\107187.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\111812.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\112890.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\1567734.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\1570421.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\160234.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\1687265.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\1959390.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\200343.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2027500.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2036750.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2038046.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2088718.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\211468.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2120843.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2243281.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2395875.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\241906.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\243187.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2433609.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2481468.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2483531.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2537609.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2540000.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\2999843.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3079609.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3081078.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3167343.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3218078.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3299765.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3303031.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3304328.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3328968.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3344265.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3373750.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3374906.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3380734.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3382421.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3430265.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3431515.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3468984.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3500734.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3514656.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3546750.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3601000.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3671953.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3812203.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3815187.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3878765.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3894828.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\3896515.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4027390.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4028328.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4103953.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4130812.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4145937.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4174531.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4266109.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4269296.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4312906.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4315000.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4440125.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4548625.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4550593.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4635718.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4637734.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4681734.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4683281.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4725656.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4821578.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4854515.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4910437.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\4982781.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5078468.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5153453.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5154984.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5196156.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5197984.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\519984.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5299828.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5503515.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5505515.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5546078.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5547093.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5674218.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5732406.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5769343.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5771531.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5858359.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5859843.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\5950578.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6039265.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\624421.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\627953.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6341953.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6418531.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6420437.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6489421.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\6598562.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6620109.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\6653515.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6656796.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6707156.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6748234.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\6778796.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6797578.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\6830375.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\6887140.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\6922171.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\7033937.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\7080156.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\7146609.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\7179468.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\7230375.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\7319781.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\7354484.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\7421312.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\75843.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\7749859.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\78421.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\7850562.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\8001890.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\8171890.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\8264656.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\83046.EXE --> Eliminado Bagle.VR
C:\WINDOWS\system32\drivers\downld\88296.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\88468.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\887500.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\89531.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\89828.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\932656.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\934031.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\93968.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\94890.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\95125.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\96062.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\98437.EXE --> Eliminado Bagle
C:\WINDOWS\system32\drivers\downld\998171.EXE --> Eliminado Bagle

Nº Total de Directorios: 5406
Nº Total de Ficheros: 108788
Nº de Ficheros Analizados: 7498
Nº de Ficheros Infectados: 143
Nº de Ficheros Limpiados: 143

Y'a plus personnne  

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

 

J'ai fais un scan rapide,parce que ça scanner toutes mes musiques et vu que j'en est des milliers...et quand plus ça mais longtemps rien que pour une musique...J'ai supprimer 427 infections.Voici le rapport:

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1012
Windows 5.1.2600 Service Pack 2

16:47:23 31/07/2008
mbam-log-7-31-2008 (16-47-23).txt

Type de recherche: Examen rapide
Eléments examinés: 37222
Temps écoulé: 6 minute(s), 30 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 443

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Downloader) -> Data: c:\windows\config\csrss.exe -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\qoMcbccY.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqNGvwv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ssqQheFy.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\100609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1016390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1022421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\102562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\103125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\103171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1037031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1037312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1039250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1045031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1047640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\105109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1053359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\106484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\106546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\110265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1107625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1124015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\112734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\113312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\113625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\114750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\115875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\115968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\118406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\120046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\123093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\125687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\126750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\130406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1342671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1370500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\138812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1429609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1453984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1481843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1499703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\150718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\151218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1517609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\153453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1545093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\154578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1558625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1585390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1608156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\161687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\165546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1671109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\167234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1677406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1695140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1697765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1712640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\172484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\177500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1816093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1886718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1902703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\191484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1934000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\194234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1945187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\195765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1977546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1979734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1985250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1990984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1992703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1996109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\201312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2021750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2024250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\202750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2032562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2034218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2038968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2044593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2048687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2057031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\206531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2073031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\207359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2078015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\208156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\209078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2099656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2100781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2105296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2110500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2118125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2127734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2129609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2134296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2136671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2140781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\214109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2143578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\215468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2160078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\216343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2192546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\223140.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2234312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\223781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2251921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2254921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\225546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2267000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2270046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\229828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2331265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2342265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\236265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\236765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2382359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\238687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2410062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2419062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2460765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2470640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2471250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\249171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\250859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2513421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2590265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2596640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\260984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2611296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2614218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\263234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2632609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2665796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2723656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2739203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2814984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2829843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2908390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2980437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\2990187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3045296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3072734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3088000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3090093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3099156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3118187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3153000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3160156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\316687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\317406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3178906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3181109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3203296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3281468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\328359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3288921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3289656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3308031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3324156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3324656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\332796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3330046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3352250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3362421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3364156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3367718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3371687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3391625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3394687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3405796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3412843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3417125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3425375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3427421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3433031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3435765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3448359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3449062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3450468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3453046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3456437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3471265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3494078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3499859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3507234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3509406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3520750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3522875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3527718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3529796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3532156.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3537859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3554765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3557078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3582109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3584046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3596468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3656125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3661953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3680171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3683000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3697265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3700500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3739890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3775406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\379281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3799703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3828937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3880203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3887125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3905593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3922375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\3936515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4013062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4022640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4031562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4034906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4036687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4042000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4044359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4049453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4055015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4059171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4069875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4071484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4076218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4078281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4099312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4109250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4111859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4115234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4116890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4119000.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4122921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4137406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4138718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4140890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4141343.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4147031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4153765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4156562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4159515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4166718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4169078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4183750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4187781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4194968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4213234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4239421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4247453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4251484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4277484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4285750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4302468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4362828.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4369718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4388562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4410062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4423812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4451640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4478781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4493406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4498875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4512687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4514734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4521406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4541593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4559937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4621109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4627421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4648078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4664671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4672906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4694093.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4710718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4717687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4793796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4806250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4841187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4847515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4865359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4868171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4894906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4968968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4974953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4993781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\4995921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5058625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5061281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5068703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5090937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\509218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5142515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5147609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5162406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5167671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5183406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5189125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5206968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5210281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5268515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5284953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\528500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5363812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\542390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5440921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5453750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5487578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5496500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5512812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5516015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5530531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5539015.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5554421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5556656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5584781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5660906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5667375.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5702328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5715453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\573546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5749984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5758937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5783265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5786484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5840750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5846765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5882796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\588515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5889515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5907250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5909906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5924328.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5937046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\5953906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6021765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6098953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6108109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\611359.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6128656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6146703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6170609.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6232265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6245437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6280484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6288890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6309781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6323531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6332250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\634750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6352843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\637296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6405593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6411390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6428640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6431984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\645890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\648531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6491765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6506281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6580515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6582046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6589953.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6607187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6621734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6637703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6708171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6716750.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6734062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6749593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6761890.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6798671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6814578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6888875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6901656.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\6984734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7006187.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7025171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7042234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7044625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7063937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7072406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7087906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7090640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\714421.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7162406.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7232296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7246718.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\726031.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7321453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7336687.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7414234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7422500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7444453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\75203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7530968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7615640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\76734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\76812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7756265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\7854390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\78812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\80234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\81234.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\81484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\8177281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\81875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\8201921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\82109.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\82531.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\8273390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\84203.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\86875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\87125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\875671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\880562.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\89515.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\897281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\899062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\904125.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\906218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\926812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\93843.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\942390.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\944796.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\94671.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\95171.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\963968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\96484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\971250.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\97578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\978281.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\979968.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\984734.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\985312.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\986765.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\BM43f17620.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM43f17620.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\Config\csrss.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

Re,

Réessaye la manip' avec combofix renommé avant le téléchargement.

 

Combofix a marché voici le rapport :

ComboFix 08-07-30.02 - Kosmos 2008-07-31 17:41:24.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1994 [GMT 2:00]
Endroit: C:\Documents and Settings\Kosmos\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\InfoSat.txt
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\drivers\downld
C:\WINDOWS\system32\hcqqjlio.ini
C:\WINDOWS\system32\TwHNoUvw.ini
C:\WINDOWS\system32\TwHNoUvw.ini2

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-06-28 to 2008-07-31 ))))))))))))))))))))))))))))))))))))
.

2008-07-31 17:44 . 2008-07-31 17:44 <REP> d-------- C:\WINDOWS\system32\drivers\downld
2008-07-31 16:27 . 2008-07-31 16:27 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-31 16:27 . 2008-07-31 16:27 <REP> d-------- C:\Documents and Settings\Kosmos\Application Data\Malwarebytes
2008-07-31 16:27 . 2008-07-31 16:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-31 16:27 . 2008-07-30 20:15 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-31 16:27 . 2008-07-30 20:15 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-31 14:51 . 2008-07-31 14:51 <REP> d-------- C:\Bases
2008-07-31 03:34 . 2008-07-31 03:36 <REP> d-------- C:\Documents and Settings\Kosmos\.housecall6.6
2008-07-31 03:18 . 2008-06-10 21:22 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-07-31 03:18 . 2008-06-02 15:19 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-07-31 03:18 . 2008-06-02 15:19 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-07-31 03:18 . 2008-06-02 15:19 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-07-31 03:03 . 2008-07-31 03:03 <REP> d-------- C:\Documents and Settings\Kosmos\Application Data\Uniblue
2008-07-31 02:47 . 2008-07-31 16:12 <REP> d-------- C:\Program Files\Spyware Doctor
2008-07-31 02:47 . 2008-07-31 02:47 <REP> d-------- C:\Documents and Settings\Kosmos\Application Data\PC Tools
2008-07-26 00:14 . 2008-07-26 00:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-07-25 23:54 . 2008-07-25 23:54 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-07-25 23:46 . 2008-07-25 23:46 124,688 --a------ C:\WINDOWS\system32\MSWINSCK.OCX
2008-07-16 22:31 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-07-16 21:07 . 2008-07-16 21:07 <REP> d-------- C:\Documents and Settings\Kosmos\Application Data\Command & Conquer 3 Tiberium Wars
2008-07-16 20:23 . 2008-07-17 14:40 <REP> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-07-16 20:21 . 2008-07-16 20:23 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-07-16 18:05 . 2008-07-16 18:05 <REP> d-------- C:\Program Files\Gpotato.eu
2008-07-16 13:53 . 2008-07-16 13:53 <REP> d-------- C:\Documents and Settings\Kosmos\Application Data\Command & Conquer 3 Kane's Wrath
2008-07-16 13:51 . 2007-10-12 15:14 3,734,536 --a------ C:\WINDOWS\system32\d3dx9_36.dll
2008-07-16 13:51 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-07-16 13:51 . 2007-10-12 15:14 1,374,232 --a------ C:\WINDOWS\system32\D3DCompiler_36.dll
2008-07-16 13:51 . 2007-10-02 09:56 444,776 --a------ C:\WINDOWS\system32\d3dx10_36.dll
2008-07-16 13:51 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-07-16 13:51 . 2007-10-22 03:37 17,928 --a------ C:\WINDOWS\system32\X3DAudio1_2.dll
2008-07-15 00:01 . 2008-07-16 20:52 <REP> d-------- C:\Program Files\Electronic Arts
2008-07-14 22:59 . 2008-07-31 16:53 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-07-14 22:42 . 2008-07-14 22:48 <REP> d--h----- C:\Documents and Settings\All Users\Application Data\~0
2008-07-14 22:36 . 2008-07-14 22:39 <REP> d-------- C:\Program Files\Unlocker
2008-07-14 21:44 . 2008-07-14 21:44 <REP> d-------- C:\Program Files\Avira
2008-07-14 21:44 . 2008-07-14 21:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-07-14 14:38 . 2008-07-14 14:38 <REP> dr-h----- C:\Documents and Settings\Kosmos\Application Data\SecuROM
2008-07-14 14:37 . 2008-07-14 14:37 1,178 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2008-07-14 03:26 . 2008-07-31 16:00 <REP> d-------- C:\Downloads
2008-07-14 03:26 . 2008-07-14 03:26 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-07-14 03:25 . 2008-07-25 22:20 <REP> d-------- C:\Program Files\BitComet
2008-07-04 23:16 . 2008-07-20 13:56 <REP> d-------- C:\Documents and Settings\Kosmos\Application Data\SPORE Creature Creator
2008-07-04 20:31 . 2008-07-04 20:31 <REP> d-------- C:\Program Files\D-Link
2008-07-02 22:21 . 2008-07-31 17:44 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-07-02 22:21 . 2008-07-02 22:21 1,409 --a------ C:\WINDOWS\QTFont.for
2008-07-02 21:58 . 2008-07-02 21:58 <REP> d-------- C:\Program Files\inKline Global
2008-07-02 21:49 . 2008-07-02 21:49 <REP> d-------- C:\WINDOWS\OPTIONS
2008-07-02 21:20 . 2004-08-03 22:31 20,992 --a------ C:\WINDOWS\system32\drivers\RTL8139.sys
2008-07-02 21:20 . 2004-08-03 22:31 20,992 --a--c--- C:\WINDOWS\system32\dllcache\rtl8139.sys
2008-07-02 21:11 . 2008-07-02 21:13 <REP> d-------- C:\Program Files\ma-config.com
2008-07-02 21:11 . 2008-07-02 21:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-06-02 20:57 . 2008-06-02 20:57 <REP> d-------- C:\Program Files\Free Audio Pack
2008-06-01 17:10 . 2008-06-01 17:10 <REP> d-------- C:\Program Files\Valve
2008-06-01 15:58 . 2008-06-01 15:58 0 --a------ C:\WINDOWS\WB.ini
2008-06-01 15:56 . 2008-06-01 15:56 <REP> d-------- C:\Program Files\Stardock
2008-06-01 15:56 . 2007-05-26 12:34 42,672 --a------ C:\WINDOWS\system32\wbsys.dll
2008-06-01 13:23 . 2008-06-01 13:23 <REP> d-------- C:\WINDOWS\system32\LogFiles

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-31 14:13 --------- d-----w C:\Program Files\eMule
2008-07-31 14:03 --------- d-----w C:\Program Files\Java
2008-07-31 13:53 --------- d-----w C:\Program Files\Bonjour
2008-07-30 22:38 --------- d-----w C:\Program Files\Acoustica Shared Effects
2008-07-25 22:07 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-07-16 18:19 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-07-14 22:01 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-14 19:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-14 19:38 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-07-14 19:33 --------- d-----w C:\Program Files\Symantec
2008-07-05 09:14 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-07-04 18:30 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-07-02 20:21 --------- d-----w C:\Program Files\Realtek
2008-06-01 12:09 --------- d-----w C:\Program Files\Acoustica Mixcraft 3
2008-05-31 16:50 --------- d-----w C:\Program Files\Common Files
2008-04-15 22:46 315,392 ----a-w C:\WINDOWS\HideWin.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2005-10-03 06:03 720904]
"SuperCopier2.exe"="C:\Program Files\SuperCopier2\SuperCopier2.exe" [2006-07-07 18:45 1052672]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 02:07 1667584]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 17:38 583048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 04:27 144784]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-07 07:51 81920]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-07 07:51 8523776]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59 77824]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57 188416]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"H2O"="C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe" [2005-05-11 02:46 200069]
"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-16 11:35 626176]
"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 10:32 880640]
"BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 18:16 376912]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" [2008-07-31 14:59 266497]
"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 11:19 1426432]
"RTHDCPL"="RTHDCPL.EXE" [2007-10-25 05:57 16855552 C:\WINDOWS\RTHDCPL.exe]
"nwiz"="nwiz.exe" [2007-12-07 07:51 1626112 C:\WINDOWS\system32\nwiz.exe]
"C-Media Mixer"="Mixer.exe" [2001-11-15 21:08 1216512 C:\WINDOWS\mixer.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytoosl"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
2007-03-05 17:36 140976 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.enc"= ITIG726.acm

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^LE COMPAGNON CLUB.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\LE COMPAGNON CLUB.lnk
backup=C:\WINDOWS\pss\LE COMPAGNON CLUB.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"12813:TCP"= 12813:TCP:BitComet 12813 TCP
"12813:UDP"= 12813:UDP:BitComet 12813 UDP

R0 nvgts;nvgts;C:\WINDOWS\system32\DRIVERS\nvgts.sys [2007-08-09 05:11]
R3 CLEDX;Team H2O CLEDX service;C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 20:08]
S2 antivirwebservice;Avira AntiVir Premium WebGuard;C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE [2008-07-17 21:46]
S3 PciCon;PciCon;E:\PciCon.sys []
S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys [2004-08-05 14:00]
S4 AVEService;Avira AntiVir Premium MailGuard helper service;C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe [2008-07-17 21:46]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eff6d6ed-c43f-11dc-bb0d-806d6172696f}]
\Shell\AutoRun\command - E:\.\Bin\ASSETUP.exe
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Uniblue RegistryBooster 2 - C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
HKLM-Run-StandardInstall - (no file)
HKLM-Run-CmPCIaudio - cmicnfg3.cpl
Notify-efcYSijJ - efcYSijJ.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.google.fr/


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-31 17:44:23
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\mchInjDrv]
"ImagePath"="\??\C:\DOCUME~1\Kosmos\LOCALS~1\Temp\mc22.tmp"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-31 17:49:35 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-31 15:49:20

Pre-Run: 44,541,571,072 octets libres
Post-Run: 44,491,145,216 octets libres

216

 

Désactive toute protection résidente ( antivirus…) ! <------- Pense-y !

Copie le texte se situant dans le cadre ci-dessous : ( Ctrl + C )



=> Ouvre le Bloc Notes : Démarrer > Tous les programmes > Accessoires > Bloc notes

- Colles y le texte (CTRL + V)
- Enregistre ce fichier dans : Bureau
- Nom du fichier : CFScript
- Type du fichier : tous les fichiers !!
- Clique sur Enregistrer
- Quitte le Bloc Notes

Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture :



* Cela va relancer Combofix : au message qui apparaît ( Type 1 to continue, or 2 to abort), tape 1 puis valide.
* Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises : c'est normal !
* Ne touche à rien tant que le scan n'est pas terminé.
* Une fois le scan achevé, un rapport va s'afficher : Copie/Colle son contenue sur le forum.
Si le fichier ne s'ouvre pas, il se trouve ici : C:\ComboFix.txt
* Poste un nouveau rapport hijackthis.

 

Je vais fair un rapport avec hijackthis parce que le compte rendu de combo fix est très très long et la je crois qu'il bug

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:19, on 2008-07-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Kosmos\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O23 - Service: Avira AntiVir Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: Avira AntiVir Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: Avira AntiVir Premium WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 10475 bytes

Alors?qu'est ce que tant dis ?

Qu'elle Antivirus utilise tu?

J'utilisais bitdefender maios il marchait plus alors j'ai installer kaspersky

ok bon choix ^^

sinon il vient plus m'aider Merillym??

il doit être absent... patience  

Il est bénévole, et il a une vie, comme toi...j'espère

Re,

Fais un scan en ligne Kaspersky avec Internet Explorer :

Clique sur

Clique maintenant sur J'accepte.

Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.

Patiente pendant l'installation des Mises à jour.

Choisis par la suite l'analyse du Poste de travail

Sauvegarde puis colle le rapport généré en fin d'analyse.

AIDE : Tuto sur le scan en ligne

NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

 

Voila le rapport de Kaspersky :

-------------------------------------------------------------------------------
KASPERSKY ON-LINE SCANNER REPORT
Saturday, August 02, 2008 4:17:05 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 2/08/2008
Enregistrements dans la base antivirus Kaspersky : 928036
-------------------------------------------------------------------------------

Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai

Cible de l'analyse - Poste de travail:
A:\
C:\
D:\
E:\
F:\

Statistiques de l'analyse:
Total d'objets analysés: 66973
Nombre de virus trouvés: 1
Nombre d'objets infectés: 3 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 01:15:55

Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Data\av4.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\00\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\00\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\00\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\00\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\00\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000002_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000002_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000002_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\00000002_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\01\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000002_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000002_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000002_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\00000002_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\02\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000002_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000002_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000002_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\00000002_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\03\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000002_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000002_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000002_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\00000002_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\04\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\05\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\05\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\05\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\05\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\05\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\06\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\06\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\06\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\06\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\06\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\07\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\07\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\07\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\07\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\07\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\08\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\08\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\08\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\08\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\08\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000001_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000001_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000001_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000001_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000002_events.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000002_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000002_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\00000002_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\09\segments.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\detected.idx L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\detected.rpt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\g_objbt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\g_objdt.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\g_objid.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\AVP8\Report\report.rpt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Nero\Nero8\Nero BackItUp\Cache\NeroBackItUpScheduler3.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-08-02_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Ahead\Nero Home\bl.db L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Ahead\Nero Home\is2.db L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Application Data\Mozilla\Firefox\Profiles\juh7xrc6.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Kosmos\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Gpotato.eu\Flyff\GameGuard\npgl.erl L'objet est verrouillé ignoré
C:\Program Files\Gpotato.eu\Flyff\GameGuard\npgm.erl L'objet est verrouillé ignoré
C:\Program Files\Gpotato.eu\Flyff\GameGuard\npsc.erl L'objet est verrouillé ignoré
C:\Program Files\Nero\Nero8\Nero BackItUp\BIU2.txt L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{78EB2CC5-80AA-4BEB-ABD1-DAB97339F77E}\RP11\A0008953.exe/data0000.cab/Setup.exe Infecté : Backdoor.Win32.Poison.ect ignoré
C:\System Volume Information\_restore{78EB2CC5-80AA-4BEB-ABD1-DAB97339F77E}\RP11\A0008953.exe/data0000.cab Infecté : Backdoor.Win32.Poison.ect ignoré
C:\System Volume Information\_restore{78EB2CC5-80AA-4BEB-ABD1-DAB97339F77E}\RP11\A0008953.exe Rsrc-Package: infecté - 2 ignoré
C:\System Volume Information\_restore{78EB2CC5-80AA-4BEB-ABD1-DAB97339F77E}\RP12\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox.idx L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox2.dat L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\fidbox2.idx L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\System Volume Information\_restore{78EB2CC5-80AA-4BEB-ABD1-DAB97339F77E}\RP12\change.log L'objet est verrouillé ignoré

Analyse terminée.

Re,

Comment va le PC ? Toujours des problèmes ?

 

Non,pas de probleme le pc marche bien

Re,

Prévention :

- Nettoyage des fichiers temporaires :

Télécharge Ccleaner sur ton Bureau.

Clique sur "download the latest version"

Installe-le en laissant seulement les options suivantes cochées :
- Ajouter un raccourci sur le Bureau
- Contrôler automatiquement les mises à jour de CCleaner

Lance le Nettoyage

Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

Aide : Comment utiliser CCleaner.


Telecharge ATFcleaner sur ton Bureau.

Double-clique sur l'exécutable téléchargé.

Dans l'onglet Main, coche simplement la case Select All (toutes les cases vont se cocher) puis sur le bouton Empty Selected.

Si tu possèdes Firefox ou Opera comme navigateur, pense à choisir ton navigateur en haut a gauche avant de sélectionner Select All puis Empty Selected.

Puis réponds Non au message qui s'affiche, si tu ne souhaites pas perdre tes mots de passe.

Aide : Comment utiliser AFTCleaner.

-- Restauration Système :

Désactive-Réactive la restauration système.

Méthode XP :
Clique sur Démarrer, fais un clique droit sur le Poste de travail puis clique sur Propiétés. Sélectionne l'onglet Restauration du Système.
Dans cet onglet, coche la case Désactiver la Restauration du système sur tous les lecteurs.
Un message de confirmation va apparaître. Clique sur Oui, puis OK. Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

Méthode Vista :
Clique sur Démarrer, fais un clique droit sur Ordinateur, puis clique sur Propriétés. Clique à gauche sur Paramètres système avancés. Sélectionne l'onglet Protection du Système.
Dans cet onglet, décoche (une par une) tes partitions, un message de confirmation va apparaître, clique sur Désactiver la protection du système, Clique sur Appliquer, puis OK.
Fais redémarrer ton ordinateur pour que les changements soient bien pris en compte.
Pour réactiver la restauration système, il suffit de décocher cette même case et de faire redémarrer ton ordinateur (en ayant suivi les mêmes étapes).

Aide : Comment Désactiver-Réactiver la Restauration Système.

--- Affichage normal des fichiers :

Clique sur le menu Demarrer /Panneau de configuration/Options des dossiers/ puis dans l'onglet Affichage
- Décoche Afficher les fichiers et dossiers cachés
- Coche Masquer les fichiers protégés du système d'exploitation (recommandé)
clique sur Appliquer, puis OK.

---- Suppression des outils installés :

Télécharge ToolsCleaner2 (de A.Rothstein)

Installe le sur ton Bureau.

Clique sur Recherche pour lancer le scan.

Clique sur Supprimer pour nettoyer les outils utilisés.

Clique sur Quitter.

Supprime maintenant ToolsCleaner.

----- Remise en place des protections, protection du système avec les Mises à Jour ! :

Je t'invite maintenant à (ré)activer toutes tes protections résidentes (Antivirus, Antispyware, Firewall..).
Tu dois avoir accès à tes protections dans la zone systray à côté de la barre des tâches. Si tu as des difficultés, n'hésite pas à me questionner !
Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !
Mets tes Softwares correctement à jour (Java, Adobe, Flash ..) grâce à Sotware Inspector (chez Secunia)

Un petit mot à propos de Java :

Une fois la nouvelle version téléchargée, installe-la et fais redémarrer ton ordinateur.
Hélas, les anciennes version de Java (qui contiennent des failles, donc dangereuses !) sont toujours présentes !
C'est donc très important que tu désinstalles les anciennes versions de Java.

Va dans Démarrer, Panneau de Configuration, Ajout/Suppression de Programmes

Déinstalles toutes les versions de Java exceptée la plus récente.

Aide : Comment utiliser Secunia Software Inspector.

------ Ton infection, tu la dénonces ? :

Tu n'es pas obligé mais ce serait bien que tu rapportes ton infection sur Malware Complaints

Ton(tes) infection(s) : Bagle.

Si tu ne la trouves pas dans la liste, poste dans Autres infections.

Aide : Comment dénoncer mon infection sur Malware Complaints.

Je t'invite maintenant à regarder ces dossiers très instructifs en terme de prévention !

- Sécurité/Prévention
- Conséquences de la multi-protection
- Toolbars : Inutilité et ralentissements

Bonne journée/soirée  

(Merci à XmichouX pour ce message de fin de désinfection)