sifffer6

bonjour à tous j'ai un énorme problème qui commence à me peser, depuis aujourd'hui, je n'arrive plus du tout à me connecter à internet avec mon modem, je m'explique j'ai un ordi fixe branché avec un rj45 à un modem router de marque linksys modèle wag354g et là sans raison apparente impossible de recevoir internet ni avec firefox, ni avec ie, j'ai essayer de brancher le portable aussi avec le rj45 pensant que la carte réseau de mon fixe faisait des siennes et rien non plus! le seul truc qui fonctionne c'est la connexion wifi avec mon portable! help please! est-ce mon modem qui est mort? merci de vos réponses.

bonjour j'ai essayer mais rien n'y fait il doit y avoir un .dll qui est manquant ou déféct.... il me semble que les MàJ se font qand même et firefox fonctionne, donc je vais laisser comme ça pour le moment jusqu'à ce que je trouve une soluce plus tard....

hello j'ai essayer mais rien non plus il me met une message : erreur dans IEsetup.dll entrée manquante : IEAccessSysINst, mais maintenant que mon petit cerveau est en train de chauffer pour trouver une solution, je me rappel que quand j'ai eu un prob la dernière fois et qu'on m'avait aidé à désinfecter, une personne m'a écrit en me disant qu'il est plus sûr e ne pas utiliser IE et firefox en mode admin, et depuis là je suis allé chercher une soluce sur le net pour savoir comment faire à la suite de quoi j'ai trouvé qqch et il fallait installer 2 fichiers pour arranger ce prob dans la base de registre et il me semble bien que c'est depuis là que tout à commencer....

hello alors j'ai pu installer IE7 mais même chose qu'avant il ne fonctionne pas du tout....

rebonjour alors j'ai déjà utiliser la fonction sfc scannow mais apparament tout est bon et pour la réparation de windows je l'ai déjà tentée (avant que je sois infécté) pour essayer de réparer IE6 mais ça n'a rien changer..., j'ai fait une recherche de IE6 il me le trouve dans le disque C: et dans le disque E:, dans le disque E il y a deux dossier le premier (4c886bfb98304a646bddb1da61) avec un dossier update inaccessible et le second (bc71d17e02954ca3a323d9b68b) avec divers fichier .dll et autres et un dossier update je pense que ceci à lien avec ce qui m'arrive....

hello alors essayer pas pu, je m'explique je viens d'exécuter la manoeuvre que tu m'as dit mais ça marche pas, il me met une fenêtre avec marquer dedant : windows ne trouve pas 'C.\program files\internet explorer\iexplore.exe' vérifier que vous avez entré le nom correctement et essayer à nouveau. Pour rechercher un fichier.... quelqu'un aurait-il une idée? merci a+

bonjour je vais faire le nécessaire pour me débarrasser de tout ce petit monde...et voilà pour les deux rapport : -->- Recherche: C:\Combofix: trouvé ! C:\Qoobox: trouvé ! C:\Documents and Settings\Laure et Steve\Bureau\ComboFix.exe: trouvé ! C:\Documents and Settings\Laure et Steve\Recent\HijackThis.lnk: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\Laure et Steve\Bureau\ComboFix.exe: supprimé ! C:\Documents and Settings\Laure et Steve\Recent\HijackThis.lnk: supprimé ! C:\Combofix: supprimé ! C:\Qoobox: supprimé ! et pour hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:38:42, on 16.08.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\ad aware 2008\prog\aawservice.exe C:\WINDOWS\Explorer.EXE D:\java\bin\jusched.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE D:\mind manager 7 pro\MMReminderService.exe D:\Itunes\iTunesHelper.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe D:\mind manager 7 pro\PDF-XChange\pdfSaver\pdfSaver3.exe C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe D:\firefox 3.0\prog\firefox.exe C:\Program Files\Canon\CanoScan Toolbox Ver4.5\CSTBox.exe D:\hijackthis\Laure et Steve.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\snagit\SnagItBHO.dll O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - D:\mind manager 7 pro\Mm7InternetExplorer.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\java\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\snagit\SnagItIEAddin.dll O4 - HKLM\..\Run: [pccguide.exe] "D:\trend micro ver.14\pccguide.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\java\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [MMReminderService] D:\mind manager 7 pro\MMReminderService.exe O4 - HKLM\..\Run: [iTunesHelper] "D:\Itunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [pdfSaver3] "D:\mind manager 7 pro\PDF-XChange\pdfSaver\pdfSaver3.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: LaunchU3.exe.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\java\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\java\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Envoyer à Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - D:\mind manager 7 pro\Mm7InternetExplorer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - D:\antidote rx7\Internet Explorer\7\Antidote K - IE 7.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - D:\antidote rx7\Internet Explorer\7\Antidote D - IE 7.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - D:\antidote rx7\Internet Explorer\7\Antidote G - IE 7.htm (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1214161304953 O17 - HKLM\System\CCS\Services\Tcpip\..\{660C3A53-0541-4744-90B6-9A0626FF3D4B}: NameServer = 195.186.4.108,195.186.1.108 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\ad aware 2008\prog\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - D:\nero 7.5.1\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - D:\TRENDM~1.14\PcCtlCom.exe -- End of file - 7710 bytes j'ai désinstaller IE7, il m'a remis IE6, mais maintenant quand je clic sur l'incône d'internet explorer il me crée un raccourci sur le bureau et je ne peux pas accéder à internet, alors je suis en train de vérifier tout les fichiers système de win avec le vérificateur de win xp et on verra, sinon où pourrais-je m'adresser pour de l'aide au cas oû ?

bonsoir voici le résultat du scan. Avira AntiVir Personal Report file date: vendredi, 15. août 2008 16:46 Scanning for 1556257 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Boot mode: Save mode Username: Laure et Steve Computer name: LAUREETSTEVE Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 14:40:20 ANTIVIR2.VDF : 7.0.6.10 2587136 Bytes 14/08/2008 14:40:26 ANTIVIR3.VDF : 7.0.6.23 74240 Bytes 15/08/2008 14:40:27 Engineversion : 8.1.1.19 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.63 311673 Bytes 15/08/2008 14:40:34 AESCN.DLL : 8.1.0.23 119156 Bytes 15/08/2008 14:40:33 AERDL.DLL : 8.1.0.20 418165 Bytes 15/08/2008 14:40:33 AEPACK.DLL : 8.1.2.1 364917 Bytes 15/08/2008 14:40:32 AEOFFICE.DLL : 8.1.0.21 192891 Bytes 15/08/2008 14:40:32 AEHEUR.DLL : 8.1.0.47 1368437 Bytes 15/08/2008 14:40:31 AEHELP.DLL : 8.1.0.15 115063 Bytes 15/08/2008 14:40:30 AEGEN.DLL : 8.1.0.35 315764 Bytes 15/08/2008 14:40:29 AEEMU.DLL : 8.1.0.7 430452 Bytes 15/08/2008 14:40:29 AECORE.DLL : 8.1.1.8 172406 Bytes 15/08/2008 14:40:28 AEBB.DLL : 8.1.0.1 53617 Bytes 15/08/2008 14:40:28 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50 AVREP.DLL : 8.0.0.2 98344 Bytes 15/08/2008 14:40:27 AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: repair Secondary action.................: delete Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, E:, F:, I:, O:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: on Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: vendredi, 15. août 2008 16:46 Starting search for hidden objects. The driver could not be initialized. The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'aawservice.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 12 processes with 12 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! Master boot sector HD2 [iNFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Boot sector 'E:\' [iNFO] No virus was found! Boot sector 'F:\' [iNFO] No virus was found! Boot sector 'I:\' [iNFO] No virus was found! Boot sector 'O:\' [iNFO] No virus was found! Starting to scan the registry. The registry was scanned ( '35' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 [DETECTION] Is the Trojan horse TR/Dldr.Bagle.XK [NOTE] A backup was created as '48e998bb.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\data.oct.vir [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199ae4.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\flec006.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '490a9af0.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Calc Join (Merge, Combine) Multiple Sheets & Files Into One Software 7.0.zip.vir [0] Archive type: ZIP --> OpenOffice Calc Join (Merge, Combine) Multiple Sheets & Files Into One Software 7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9af5.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Calc Password Recovery 1.0.4.zip.vir [0] Archive type: ZIP --> OpenOffice Calc Password Recovery 1.0.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9af6.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Draw Password Recovery 1.0.3.zip.vir [0] Archive type: ZIP --> OpenOffice Draw Password Recovery 1.0.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c777.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice IFilter 1.4.zip.vir [0] Archive type: ZIP --> OpenOffice IFilter 1.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9af7.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Password Recovery 1.0.3.zip.vir [0] Archive type: ZIP --> OpenOffice Password Recovery 1.0.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9af8.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Writer Extract Email Addresses From Documents Software 7.0.zip.vir [0] Archive type: ZIP --> OpenOffice Writer Extract Email Addresses From Documents Software 7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9af9.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Writer Find and Replace In Multiple Documents Software 7.0.zip.vir [0] Archive type: ZIP --> OpenOffice Writer Find and Replace In Multiple Documents Software 7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9afa.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Writer Import Multiple Word Documents Software 7.0.zip.vir [0] Archive type: ZIP --> OpenOffice Writer Import Multiple Word Documents Software 7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9afb.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice.org for Linux.zip.vir [0] Archive type: ZIP --> OpenOffice.org for Linux.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9afc.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenPandora 0.6.zip.vir [0] Archive type: ZIP --> OpenPandora 0.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c77d.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenPhotoPod 0.0.1.zip.vir [0] Archive type: ZIP --> OpenPhotoPod 0.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9afd.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\openPim 1.2 beta.zip.vir [0] Archive type: ZIP --> openPim 1.2 beta.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9afe.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenPlsInWM 1.0.2.zip.vir [0] Archive type: ZIP --> OpenPlsInWM 1.0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9aff.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenProj 1.0.zip.vir [0] Archive type: ZIP --> OpenProj 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b01.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenRemind 1.0.7 Build 1.zip.vir [0] Archive type: ZIP --> OpenRemind 1.0.7 Build 1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c682.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenRun 1.0.zip.vir [0] Archive type: ZIP --> OpenRun 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b02.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opens and Save Files Utility 1.0.zip.vir [0] Archive type: ZIP --> Opens and Save Files Utility 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b03.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSearchFox 0.1.5.zip.vir [0] Archive type: ZIP --> OpenSearchFox 0.1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b04.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSebJ 0.41.zip.vir [0] Archive type: ZIP --> OpenSebJ 0.41.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b05.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSezMe 1.3.4.zip.vir [0] Archive type: ZIP --> OpenSezMe 1.3.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b06.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opensisma 1.3 Build 80208.4.zip.vir [0] Archive type: ZIP --> Opensisma 1.3 Build 80208.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c687.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSSL 0.9.8g.zip.vir [0] Archive type: ZIP --> OpenSSL 0.9.8g.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b07.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenStego 0.3.1.zip.vir [0] Archive type: ZIP --> OpenStego 0.3.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b09.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\opensubtitles.org search 0.2.zip.vir [0] Archive type: ZIP --> opensubtitles.org search 0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b0a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenTalk 3.14.zip.vir [0] Archive type: ZIP --> OpenTalk 3.14.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c68b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenURL Referrer 2.3.7.zip.vir [0] Archive type: ZIP --> OpenURL Referrer 2.3.7.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b0b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenVIP 1.1.1.zip.vir [0] Archive type: ZIP --> OpenVIP 1.1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b0c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenVPN GUI 1.0.3.zip.vir [0] Archive type: ZIP --> OpenVPN GUI 1.0.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b0e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Openwave Location Studio SDK 2.1.zip.vir [0] Archive type: ZIP --> Openwave Location Studio SDK 2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b0f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Openwave MMS SDK 3.0.zip.vir [0] Archive type: ZIP --> Openwave MMS SDK 3.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b10.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Openwave WAP Push Library 1.0.zip.vir [0] Archive type: ZIP --> Openwave WAP Push Library 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c691.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenWire 2.6.1.zip.vir [0] Archive type: ZIP --> OpenWire 2.6.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b11.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenWithView 1.01.zip.vir [0] Archive type: ZIP --> OpenWithView 1.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b12.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Openworld FlashPresenter 2.0.9.97.zip.vir [0] Archive type: ZIP --> Openworld FlashPresenter 2.0.9.97.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b14.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX ASP Edition for MSSQL, Sybase, Oracle, MySQL 2.0.zip.vir [0] Archive type: ZIP --> OpenX ASP Edition for MSSQL, Sybase, Oracle, MySQL 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b15.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX for MS SQL Server 2.0.2.zip.vir [0] Archive type: ZIP --> OpenX for MS SQL Server 2.0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b16.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX for MySQL 2.0.zip.vir [0] Archive type: ZIP --> OpenX for MySQL 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b17.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX for Oracle 7i, 8i 2.0.zip.vir [0] Archive type: ZIP --> OpenX for Oracle 7i, 8i 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b19.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenXML Writer 1.2.zip.vir [0] Archive type: ZIP --> OpenXML Writer 1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c69a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OPENXTRA Console 1.0.zip.vir [0] Archive type: ZIP --> OPENXTRA Console 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48ea9afa.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenzUp 1.0.zip.vir [0] Archive type: ZIP --> OpenzUp 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b1c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera ASA Office Analog Clocks 1.1.zip.vir [0] Archive type: ZIP --> Opera ASA Office Analog Clocks 1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b1d.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera BackupX 0.4.zip.vir [0] Archive type: ZIP --> Opera BackupX 0.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c69e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Bible 1.0.zip.vir [0] Archive type: ZIP --> Opera Bible 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b1e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Christmas Widget! 0.6.zip.vir [0] Archive type: ZIP --> Opera Christmas Widget! 0.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b1f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Clock 1.3.zip.vir [0] Archive type: ZIP --> Opera Clock 1.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b20.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera for Linux 7.21.zip.vir [0] Archive type: ZIP --> Opera for Linux 7.21.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b21.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera for Windows with Java 7.54u2.zip.vir [0] Archive type: ZIP --> Opera for Windows with Java 7.54u2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b22.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Forum Search 1.1.zip.vir [0] Archive type: ZIP --> Opera Forum Search 1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b23.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Launcher 2.0.zip.vir [0] Archive type: ZIP --> Opera Launcher 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b24.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Password Recovery 3.4.0.zip.vir [0] Archive type: ZIP --> Opera Password Recovery 3.4.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b25.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Password Recovery Master 1.0.0.4.zip.vir [0] Archive type: ZIP --> Opera Password Recovery Master 1.0.0.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b26.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Snow 0.2.zip.vir [0] Archive type: ZIP --> Opera Snow 0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c6a7.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Update Checker 1.0.zip.vir [0] Archive type: ZIP --> Opera Update Checker 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b28.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Uptime 1.0.zip.vir [0] Archive type: ZIP --> Opera Uptime 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b29.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Web Applications Blog 1.zip.vir [0] Archive type: ZIP --> Opera Web Applications Blog 1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b2a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Widget Maker 1.0.zip.vir [0] Archive type: ZIP --> Opera Widget Maker 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b2b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera's DC++ (oDC) 5.31.zip.vir [0] Archive type: ZIP --> Opera's DC++ (oDC) 5.31.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b2c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera's Ruler 1.0.zip.vir [0] Archive type: ZIP --> Opera's Ruler 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b2e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera.fm .9.zip.vir [0] Archive type: ZIP --> Opera.fm .9.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b2f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera@USB 9.27 Build 8841.zip.vir [0] Archive type: ZIP --> Opera@USB 9.27 Build 8841.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b31.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OperaAdFilter 1.01.zip.vir [0] Archive type: ZIP --> OperaAdFilter 1.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c6b2.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Operating System Gadget 1.0.0.0.zip.vir [0] Archive type: ZIP --> Operating System Gadget 1.0.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b32.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Operator 0.8.zip.vir [0] Archive type: ZIP --> Operator 0.8.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b33.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OperaTor 2.6b.zip.vir [0] Archive type: ZIP --> OperaTor 2.6b.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490a9b34.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OperaView 0.6.zip.vir [0] Archive type: ZIP --> OperaView 0.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '4888c6b5.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Ophcrack 2.4.1.zip.vir [0] Archive type: ZIP --> Ophcrack 2.4.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490d9b36.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OPI Swapper for InDesign CS2 6.1r10.zip.vir [0] Archive type: ZIP --> OPI Swapper for InDesign CS2 6.1r10.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48ee9b17.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OPI Swapper for QuarkXPress 6.x 6.0r8.zip.vir [0] Archive type: ZIP --> OPI Swapper for QuarkXPress 6.x 6.0r8.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48ee9b18.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\opImage 1.0.zip.vir [0] Archive type: ZIP --> opImage 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48ee9b39.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opinio 6.0.zip.vir [0] Archive type: ZIP --> Opinio 6.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '490e9b3a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OPML Library for .NET 2.0.zip.vir [0] Archive type: ZIP --> OPML Library for .NET 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48f29b1b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OPML Reader 0.2.1.zip.vir [0] Archive type: ZIP --> OPML Reader 0.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48f29b1c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OPML Support 1.4.zip.vir [0] Archive type: ZIP --> OPML Support 1.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '48f29b1d.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opt-In List Extractor 1.0b.zip.vir [0] Archive type: ZIP --> Opt-In List Extractor 1.0b.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b3e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Opt-In List Manager 1.0.15.zip.vir [0] Archive type: ZIP --> Opt-In List Manager 1.0.15.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b40.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptContact 1.0.4.zip.vir [0] Archive type: ZIP --> OptContact 1.0.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6c1.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptDrvr - Options Calculator 10.1.zip.vir [0] Archive type: ZIP --> OptDrvr - Options Calculator 10.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b41.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optenet PC Web Filter 9.4.1.zip.vir [0] Archive type: ZIP --> Optenet PC Web Filter 9.4.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b42.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optical Illusion Of The Day 4.1.zip.vir [0] Archive type: ZIP --> Optical Illusion Of The Day 4.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b43.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optical Info 1.02.zip.vir [0] Archive type: ZIP --> Optical Info 1.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b44.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OpticamFX 1.2.zip.vir [0] Archive type: ZIP --> OpticamFX 1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b46.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optician Information Management 1.3.zip.vir [0] Archive type: ZIP --> Optician Information Management 1.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6c7.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\optiDesigner 1.0.zip.vir [0] Archive type: ZIP --> optiDesigner 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b47.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optidraft 2.03.zip.vir [0] Archive type: ZIP --> Optidraft 2.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b48.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\optiGA 2.01.zip.vir [0] Archive type: ZIP --> optiGA 2.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b49.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optilink 3.0.24.zip.vir [0] Archive type: ZIP --> Optilink 3.0.24.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b4a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optima Metrics Group 1.0.zip.vir [0] Archive type: ZIP --> Optima Metrics Group 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b4b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimAccess Dial 3.0.1.zip.vir [0] Archive type: ZIP --> OptimAccess Dial 3.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6cc.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Archive 1.1 build 138.zip.vir [0] Archive type: ZIP --> Optimal Archive 1.1 build 138.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b4c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Data Analyses 2.0.zip.vir [0] Archive type: ZIP --> Optimal Data Analyses 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b4d.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Desktop - Professional Edition 5.0 r220.zip.vir [0] Archive type: ZIP --> Optimal Desktop - Professional Edition 5.0 r220.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b4f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Desktop Standard 5.0 r222.zip.vir [0] Archive type: ZIP --> Optimal Desktop Standard 5.0 r222.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b50.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal File Combination Calculator 0.1.zip.vir [0] Archive type: ZIP --> Optimal File Combination Calculator 0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b51.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal HTML v1.2.zip.vir [0] Archive type: ZIP --> Optimal HTML v1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b52.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Mandelbrot 3.0.zip.vir [0] Archive type: ZIP --> Optimal Mandelbrot 3.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b53.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Password Generator 2.1.zip.vir [0] Archive type: ZIP --> Optimal Password Generator 2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6d4.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Pilot 1.00.zip.vir [0] Archive type: ZIP --> Optimal Pilot 1.00.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b55.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Shopping List Maker 1.9.zip.vir [0] Archive type: ZIP --> Optimal Shopping List Maker 1.9.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6d6.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Trader 2.4.0.zip.vir [0] Archive type: ZIP --> Optimal Trader 2.4.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b57.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Weight 1.0.zip.vir [0] Archive type: ZIP --> Optimal Weight 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b58.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimaze! 1.0.zip.vir [0] Archive type: ZIP --> Optimaze! 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b59.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimFROG 4.600ex.zip.vir [0] Archive type: ZIP --> OptimFROG 4.600ex.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b5a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimik 2.36c.zip.vir [0] Archive type: ZIP --> Optimik 2.36c.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b5b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimism 1.2.6.zip.vir [0] Archive type: ZIP --> Optimism 1.2.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b5c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimization Algorithm Toolkit - OAT 1.3.zip.vir [0] Archive type: ZIP --> Optimization Algorithm Toolkit - OAT 1.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b5d.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimize Computer 1.4.zip.vir [0] Archive type: ZIP --> Optimize Computer 1.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b5f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimize GUITIDY 1.05.zip.vir [0] Archive type: ZIP --> Optimize GUITIDY 1.05.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6e0.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimizeBatch 1.0.0.zip.vir [0] Archive type: ZIP --> OptimizeBatch 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b61.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimizer Rx 1.01.zip.vir [0] Archive type: ZIP --> Optimizer Rx 1.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b62.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimizer XP 3.5 XG.zip.vir [0] Archive type: ZIP --> Optimizer XP 3.5 XG.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6e3.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for FAT Formatted 1.0.0.zip.vir [0] Archive type: ZIP --> Optimum Data Recovery for FAT Formatted 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b63.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for FAT Undelete 1.0.0.zip.vir [0] Archive type: ZIP --> Optimum Data Recovery for FAT Undelete 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b65.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for NTFS Formatted 1.0.0.zip.vir [0] Archive type: ZIP --> Optimum Data Recovery for NTFS Formatted 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b66.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for NTFS Undelete 1.0.0.zip.vir [0] Archive type: ZIP --> Optimum Data Recovery for NTFS Undelete 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b67.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimumcut-1D 1.20.zip.vir [0] Archive type: ZIP --> Optimumcut-1D 1.20.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b68.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimumJPEG 1.1.0.3.zip.vir [0] Archive type: ZIP --> OptimumJPEG 1.1.0.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b6a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\OptiNet 1.2 Build #1.zip.vir [0] Archive type: ZIP --> OptiNet 1.2 Build #1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6eb.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Optinlistexploder 2.0.zip.vir [0] Archive type: ZIP --> Optinlistexploder 2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b6c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Calculator 1.42.zip.vir [0] Archive type: ZIP --> Option Calculator 1.42.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '489bc6ed.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Position Calculator 1.0.zip.vir [0] Archive type: ZIP --> Option Position Calculator 1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b6e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Pricing Calculator 1.0.0.zip.vir [0] Archive type: ZIP --> Option Pricing Calculator 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b6f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Profit Calculator 1.0.0.zip.vir [0] Archive type: ZIP --> Option Profit Calculator 1.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.YB [NOTE] A backup was created as '49199b70.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '490a9b65.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '49139b6b.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir [DETECTION] Is the Trojan horse TR/Dldr.Bagle.XK [NOTE] A backup was created as '49099b6e.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Dldr.Bagle.XK [NOTE] A backup was created as '490a9b67.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\srosa.sys.vir [DETECTION] Is the Trojan horse TR/Rootkit.Gen [NOTE] A backup was created as '49149b75.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\104218.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d99b34.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\106062.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48db9b34.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\107609.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48dc9b35.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\1923921.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d79b41.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\2005593.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d59b39.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\2017406.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d69b39.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\2019250.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '4957ceda.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\2150437.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48da9b3c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\2170281.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48dc9b3c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\30331796.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d89b3c.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\30339828.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '4959cedd.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\3698500.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48de9b43.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\4182531.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48dd9b3f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\4193656.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48de9b3f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\42375.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d89b42.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\43078.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d59b44.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\43578.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48da9b44.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\44125.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d69b45.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\44750.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48dc9b47.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\44875.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48dd9b47.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\45296.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d79b49.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\504750.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d99b45.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\51156.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d69b46.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\51312.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d89b47.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\52031.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d59b48.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\52343.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d89b49.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\53984.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48de9b4a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\57265.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d79b4f.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\58562.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48da9b50.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\58625.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48db9b51.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\59656.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48db9b52.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\6008406.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48d59b4a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\6025937.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d79b4a.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\6027093.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '4956ceab.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\61218.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d79b4d.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\67812.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48dd9b53.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\68500.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48da9b54.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\77796.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48dc9b54.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\835953.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48da9b51.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\854906.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d99b54.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\89843.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] A backup was created as '48dd9b59.qua' ( QUARANTINE ) [NOTE] The file was deleted! C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\downld\961812.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] A backup was created as '48d69b56.qua' ( QUARANTINE ) [NOTE] The file was deleted! Begin scan in 'D:\' Begin scan in 'E:\' E:\bc71d17e02954ca3a323d9b68b\advpack.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\browseui.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\corpol.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\custsat.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\dxtmsft.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\dxtrans.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\extmgr.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\hmmapi.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\icardie.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ie4uinit.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieakeng.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieaksie.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieakui.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieapfltr.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iedkcs32.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iedw.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieencode.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieframe.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iepeers.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieproxy.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iernonce.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iertutil.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iesetup.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieudinit.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\ieui.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\iexplore.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\imgutil.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\inseng.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\jscript.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\jsproxy.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\licmgr10.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\msfeeds.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\msfeedsbs.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\msfeedssync.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\mshta.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\mshtml.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\mshtmled.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\mshtmler.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\msls31.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\msrating.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\mstime.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\occache.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\pngfilt.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\shdocvw.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\shlwapi.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\spmsg.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\spuninst.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\spupdsvc.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\url.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\urlmon.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\vbscript.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\vgx.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\webcheck.dll [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\winfxdocobj.exe [WARNING] The file could not be opened! E:\bc71d17e02954ca3a323d9b68b\wininet.dll [WARNING] The file could not be opened! Begin scan in 'F:\' Begin scan in 'I:\' <disque dur n°2 > I:\Azureus\fichiers télécharger\EncoreCS3 Activation.rar [0] Archive type: RAR --> MasterCollectionCS3KEYGEN+ACTIVATION.EXE [DETECTION] Is the Trojan horse TR/Agent.55481 [NOTE] A backup was created as '4908aaf5.qua' ( QUARANTINE ) [NOTE] The file was deleted! I:\Azureus(2)\téléchargement\EncoreCS3 Activation.rar [0] Archive type: RAR --> MasterCollectionCS3KEYGEN+ACTIVATION.EXE [DETECTION] Is the Trojan horse TR/Agent.55481 [NOTE] A backup was created as '4908addb.qua' ( QUARANTINE ) [NOTE] The file was deleted! I:\Azureus(2)\téléchargement\Adobe Creative Suite 3 Master Collection\Keygen\Adobe Creative Suite 3 Master Collection GoLive 9.exe [DETECTION] Is the Trojan horse TR/Packed.7703 [NOTE] A backup was created as '4914b03d.qua' ( QUARANTINE ) [NOTE] The file was deleted! I:\E-mule\0.48A\eMule\Incoming\Adobe Encore Cs3 Keygen.rar [0] Archive type: RAR --> Adobe Encore CS3 Keygen\Encore DVD 2.0 keygen.exe [DETECTION] Is the Trojan horse TR/PSWeric5.AFKE [NOTE] A backup was created as '4914b0f2.qua' ( QUARANTINE ) [NOTE] The file was deleted! I:\nero7.5.0.1\anti-leech\NetPumper\ZM\minime.exe [DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen [NOTE] A backup was created as '4913b33b.qua' ( QUARANTINE ) [NOTE] The file was deleted! Begin scan in 'O:\' <film et photos> End of the scan: vendredi, 15. août 2008 18:53 Used time: 2:07:55 min The scan has been done completely. 11312 Scanning directories 1000211 Files were scanned 178 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 178 files were deleted 0 files were repaired 178 files were moved to quarantine 0 files were renamed 56 Files cannot be scanned 1000033 Files not concerned 6375 Archives were scanned 56 Warnings 178 Notes

bonjours j'aurais une petite question, vous allez me prendre pour un fou, mais bon je me lance avant que j'ai eu ces problèmes avec ce vers bagle j'avais songé à formater, pour différentes cause (iE7 qui ne fonctionne plus) et autres problème assez agassants, j'attendais de désinfecter mon pc pour pouvoir réparer IE7 et nettoyer un peu mon disque c. mais vu l'ampleur du problème et le temps que ça prend je me pose la question.... ma question c'est est-ce que le formatage pourrait éradiquer le vers ou pas? celà m'ennuie de vous faire perdre votre temps pour rien, si le formatage serait une solution! salutations

je vous poste ici le fichier txt de combofix et une fois que j'aurais le logiciel antivir je vous mettrais le rapport... ComboFix 08-08-12.01 - Laure et Steve 2008-08-14 18:03:55.5 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1691 [GMT 2:00] Endroit: C:\Documents and Settings\Laure et Steve\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Laure et Steve\Bureau\CFScript.txt.txt * Création d'un nouveau point de restauration FILE :: C:\BOOT.BKK C:\WINDOWS\NV26802688.TMP K:\nideiect.com M:\nideiect.com . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\BOOT.BKK . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-14 to 2008-08-14 )))))))))))))))))))))))))))))))))))) . 2008-08-14 18:00 . 2008-08-14 18:00 <REP> d-------- C:\Combo-Fix 2008-08-14 12:56 . 2008-08-14 18:00 1,374 --a------ C:\WINDOWS\imsins.BAK 2008-08-12 18:16 . 2008-08-12 18:16 <REP> d-------- C:\Muestras 2008-08-09 13:06 . 2008-08-09 13:06 <REP> d-------- C:\Program Files\iPod 2008-08-09 13:06 . 2008-08-09 13:06 <REP> d-------- C:\Program Files\Apple Software Update 2008-08-04 20:38 . 2008-08-04 20:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Mindjet 2008-08-04 20:38 . 2002-12-28 10:26 20,569 --a------ C:\WINDOWS\system32\pxc25pm.dll 2008-08-04 20:35 . 2008-08-04 20:35 <REP> d-------- C:\WINDOWS\Downloaded Installations 2008-08-04 20:03 . 2008-08-04 20:03 <REP> d-------- C:\Documents and Settings\Laure et Steve\Application Data\QXL Ricardo 2008-08-03 09:55 . 2006-10-05 04:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2008-08-03 09:55 . 2006-10-05 04:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-08-02 19:57 . 2008-08-02 19:57 <REP> d-------- C:\Documents and Settings\Laure et Steve\Application Data\TeamViewer 2008-08-02 19:56 . 2008-08-02 19:56 <REP> d-------- C:\Documents and Settings\Laure et Steve\temp 2008-08-02 19:53 . 2008-08-02 19:53 <REP> d-------- C:\Program Files\TGTSoft 2008-07-30 15:46 . 2004-08-19 16:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2008-07-30 15:46 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2008-07-29 13:09 . 2003-03-16 00:15 90,112 --a------ C:\WINDOWS\unvise32.exe 2008-07-28 10:52 . 2008-08-03 09:55 <REP> d-------- C:\Program Files\Google 2008-07-25 14:43 . 2008-07-25 14:43 <REP> d-------- C:\Documents and Settings\Laure et Steve\Application Data\CD-LabelPrint 2008-07-24 21:25 . 2008-07-24 21:25 <REP> d-------- C:\WINDOWS\system32\XPSViewer 2008-07-24 21:25 . 2008-07-24 21:25 <REP> d-------- C:\Program Files\Reference Assemblies 2008-07-24 21:25 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll 2008-07-20 17:43 . 2008-07-20 17:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage 2008-07-20 17:42 . 2008-02-14 22:50 676,224 --a------ C:\WINDOWS\system32\ogacheckcontrol.dll 2008-07-19 21:36 . 2008-07-19 21:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\U3 2008-07-17 18:10 . 2006-12-07 10:45 1,163,264 --a------ C:\WINDOWS\system32\u3dapi10.dll 2008-07-15 19:47 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-07-15 19:47 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-07-15 19:47 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-07-15 19:47 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-07-15 19:47 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-07-15 19:47 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-07-15 19:47 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-07-15 19:47 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-07-15 19:47 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-07-14 23:05 . 2008-07-14 23:05 <REP> d-------- C:\Program Files\MSXML 4.0 2008-07-14 22:03 . 2008-07-14 22:05 <REP> d-------- C:\WINDOWS\NV26802688.TMP 2008-07-14 22:03 . 2007-03-07 08:49 111,171 --a------ C:\WINDOWS\system32\nvapps.nvb 2008-07-14 22:03 . 2005-06-24 17:05 16,958 --a------ C:\WINDOWS\system32\evga.ico 2008-07-14 22:02 . 2008-07-14 22:02 <REP> d-------- C:\WINDOWS\system32\EVGA 2008-07-14 22:01 . 2007-03-07 02:49 225,280 -ra------ C:\WINDOWS\system32\nvrszhc.dll 2008-07-14 22:01 . 2007-03-07 02:49 167,936 -ra------ C:\WINDOWS\system32\nvwrszht.dll 2008-07-14 22:01 . 2007-03-07 02:49 163,840 -ra------ C:\WINDOWS\system32\nvwrszhc.dll 2008-07-14 22:01 . 2007-03-07 02:49 122,880 -ra------ C:\WINDOWS\system32\nvrszht.dll 2008-07-14 22:01 . 2007-03-07 02:49 111,171 -ra------ C:\WINDOWS\system32\nvapps.xml 2008-07-14 21:59 . 2007-03-07 08:49 6,660,096 --a------ C:\WINDOWS\system32\nvoglnt.dll 2008-07-14 21:59 . 2007-03-07 02:49 335,872 --a------ C:\WINDOWS\system32\nvapi.dll 2008-07-14 21:59 . 2007-03-07 02:49 163,908 --a------ C:\WINDOWS\system32\nvsvc32.exe 2008-07-14 21:52 . 2004-08-19 16:09 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll 2008-07-14 21:52 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe 2008-07-14 21:52 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll 2008-07-14 21:52 . 2001-08-23 17:47 17,408 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll 2008-07-14 21:50 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys 2008-07-14 21:49 . 2001-08-23 17:47 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll 2008-07-14 21:48 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys 2008-07-14 21:47 . 2004-08-03 22:41 404,990 --a--c--- C:\WINDOWS\system32\dllcache\slntamr.sys 2008-07-14 21:46 . 2001-08-23 17:46 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll 2008-07-14 21:45 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll 2008-07-14 21:44 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys 2008-07-14 21:43 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys 2008-07-14 21:42 . 2007-02-28 18:02 2,059,648 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2008-07-14 21:41 . 2004-08-19 16:09 1,737,856 --a--c--- C:\WINDOWS\system32\dllcache\mtxparhd.dll 2008-07-14 21:40 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys 2008-07-14 21:39 . 2001-08-23 17:47 372,824 --a--c--- C:\WINDOWS\system32\dllcache\iconf32.dll 2008-07-14 21:38 . 2004-08-03 22:41 1,041,536 --a--c--- C:\WINDOWS\system32\dllcache\hsfdpsp2.sys 2008-07-14 21:37 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll 2008-07-14 21:36 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys 2008-07-14 21:35 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys 2008-07-14 21:34 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys 2008-07-14 21:33 . 2007-02-28 18:02 2,182,400 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-07-14 21:22 . 2008-08-14 15:19 <REP> d-------- C:\WINDOWS\system32\CatRoot2 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-14 10:47 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Canon 2008-08-13 17:49 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Apple Computer 2008-08-11 16:22 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\U3 2008-08-07 16:42 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL 2008-08-07 16:42 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS 2008-07-29 10:44 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-29 10:43 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-07-28 13:18 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\LimeWire 2008-07-20 09:56 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Azureus 2008-07-19 14:06 --------- d-----w C:\Program Files\Bonjour 2008-07-07 16:30 --------- d-----w C:\Program Files\CrossLoop 2008-07-06 17:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith 2008-07-06 17:45 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-07-05 17:59 --------- d-----w C:\Program Files\Rapidown 2008-07-05 16:57 --------- d-----w C:\Program Files\Fichiers communs\Java 2008-07-02 16:36 --------- d-----w C:\Program Files\QuickTime 2008-07-02 16:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-07-02 16:35 --------- d-----w C:\Program Files\Fichiers communs\Apple 2008-07-02 16:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-06-30 17:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-06-30 17:11 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared 2008-06-28 12:59 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\ameCache 2008-06-26 18:22 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-06-25 21:32 --------- d-----w C:\Program Files\MSXML 6.0 2008-06-24 16:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-06-23 20:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software 2008-06-23 18:55 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Druide 2008-06-23 18:26 --------- d-----w C:\Program Files\Fichiers communs\Ahead 2008-06-23 18:24 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Ahead 2008-06-23 16:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-06-23 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus 2008-06-23 16:14 --------- d-----w C:\Program Files\MSBuild 2008-06-23 16:14 --------- d-----w C:\Program Files\Microsoft Works 2008-06-23 16:12 --------- d-----w C:\Program Files\Microsoft.NET 2008-06-23 16:10 --------- d-----w C:\Program Files\Microsoft Visual Studio 8 2008-06-23 16:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-06-23 15:56 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-06-22 20:47 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Talkback 2008-06-22 20:30 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Symantec 2008-06-22 19:13 --------- d-----w C:\Program Files\Canon 2008-06-22 19:10 --------- d--h--w C:\Documents and Settings\All Users\Application Data\CanonBJ 2008-06-22 18:47 --------- d-----w C:\Program Files\ASUS 2008-06-22 18:46 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-06-22 18:46 --------- d-----w C:\Program Files\Attansic 2008-06-22 18:40 315,392 ----a-w C:\WINDOWS\HideWin.exe 2008-06-22 18:40 --------- d-----w C:\Program Files\Realtek 2008-06-22 18:33 --------- d-----w C:\Program Files\Intel 2008-06-22 18:24 --------- d-----w C:\Program Files\microsoft frontpage 2008-06-22 18:23 --------- d-----w C:\Program Files\Services en ligne 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys . ------- Sigcheck ------- 2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys 2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys 2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys 2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys 2007-10-29 14:00 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys 2008-08-07 18:42 360320 3adce4790f591bf160a94f6f08039577 C:\WINDOWS\system32\dllcache\TCPIP.SYS 2008-08-07 18:42 360320 3adce4790f591bf160a94f6f08039577 C:\WINDOWS\system32\drivers\TCPIP.SYS . ((((((((((((((((((((((((((((( snapshot@2008-08-13_20.28.14.12 ))))))))))))))))))))))))))))))))))))))))) . - 2005-07-26 04:39:57 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll + 2008-07-07 20:31:48 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll - 2007-08-21 06:17:23 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll + 2008-04-11 18:51:06 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll - 2007-10-29 12:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll + 2008-05-01 14:31:48 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll - 2005-06-29 01:49:41 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll + 2008-06-24 16:23:56 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll - 2005-07-26 04:39:57 243,200 ----a-w C:\WINDOWS\system32\es.dll + 2008-07-07 20:31:48 253,952 ----a-w C:\WINDOWS\system32\es.dll - 2007-08-21 06:17:23 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll + 2008-04-11 18:51:06 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll - 2005-06-29 01:49:41 74,240 ----a-w C:\WINDOWS\system32\mscms.dll + 2008-06-24 16:23:56 74,240 ----a-w C:\WINDOWS\system32\mscms.dll - 2007-11-30 12:39:29 18,296 ------w C:\WINDOWS\system32\spmsg.dll + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll - 2008-03-27 09:24:20 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe + 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-10-29 14:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264] "pdfSaver3"="D:\mind manager 7 pro\PDF-XChange\pdfSaver\pdfSaver3.exe" [2004-09-05 17:20 380928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "pccguide.exe"="D:\trend micro ver.14\pccguide.exe" [2008-08-13 19:03 901185] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696] "SunJavaUpdateSched"="D:\java\bin\jusched.exe" [2008-03-25 04:28 144784] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-03-07 08:49 8425472] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-03-07 08:49 81920] "AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040] "MMReminderService"="D:\mind manager 7 pro\MMReminderService.exe" [2007-07-24 03:40 37136] "iTunesHelper"="D:\Itunes\iTunesHelper.exe" [2008-07-30 10:47 289064] "RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16:49 16126464 C:\WINDOWS\RTHDCPL.exe] "nwiz"="nwiz.exe" [2007-03-07 02:49 1622016 C:\WINDOWS\system32\nwiz.exe] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplore.exe] "Debugger"=StripMyRights.exe /D /L N [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outlook.exe] "Debugger"=StripMyRights.exe /D /L N [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "D:\\Itunes\\iTunes.exe"= R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 16:12] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{119349c4-43ae-11dd-bd36-001e8c087e1a}] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2057081d-541c-11dd-b81e-001e8c087e1a}] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c143bb43-42cb-11dd-af99-001e8c087e1a}] \Shell\AutoRun\command - L:\LaunchU3.exe -a . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' 2008-08-09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-14 18:06:42 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . D:\ad aware 2008\prog\aawservice.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\iPod\bin\iPodService.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-14 18:08:29 - machine was rebooted [Laure et Steve] ComboFix-quarantined-files.txt 2008-08-14 16:08:15 ComboFix2.txt 2008-08-14 15:57:19 ComboFix3.txt 2008-08-13 18:29:22 Pre-Run: 15,943,036,928 octets libres Post-Run: 15,929,532,416 octets libres 247 --- E O F --- 2008-08-14 16:00:47 merci d'avance.

je n'est pas réussi à faire fonctionner IE7 (ça sera pour une prochaine fois et j'ai une question je télécharge lequel d'antivir parce-que j'ai vu qu'ils y en avaient plusieurs?

bonjour je suis actuellement au travail et je ne pourrais faire ce que vous m'avez dit que ce soir vers 17h30, mais là n'est pas le véritable problème, j'ai lu dans votre post que je devais faire un scan en ligne avec kaspersky en utilisant internet explorer, le hic c'est que IE7 ne fonctionne plus chez moi, il a arrêter de fonctionner depuis ma dernière grosse désinfection.... j'ai essayer de réparer windows pour le remettre mais rien n'a faire!! alors si vous avez une autre solution ou un moyen pour faire fonctionner IE7 je suis preneur.... et merci de votre aide. a+

merci beaucoup pour ces infos... alors voilà le rapport de combofix ComboFix 08-08-12.01 - Laure et Steve 2008-08-13 20:26:21.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.1730 [GMT 2:00] * CrÚation d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Laure et Steve\Application Data\m C:\Documents and Settings\Laure et Steve\Application Data\m\data.oct C:\Documents and Settings\Laure et Steve\Application Data\m\flec006.exe C:\Documents and Settings\Laure et Steve\Application Data\m\list.oct C:\Documents and Settings\Laure et Steve\Application Data\m\shared C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Calc Join (Merge, Combine) Multiple Sheets & Files Into One Software 7.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Calc Password Recovery 1.0.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Draw Password Recovery 1.0.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice IFilter 1.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Password Recovery 1.0.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Writer Extract Email Addresses From Documents Software 7.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Writer Find and Replace In Multiple Documents Software 7.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice Writer Import Multiple Word Documents Software 7.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenOffice.org for Linux.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenPandora 0.6.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenPhotoPod 0.0.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\openPim 1.2 beta.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenPlsInWM 1.0.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenProj 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenRemind 1.0.7 Build 1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenRun 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opens and Save Files Utility 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSearchFox 0.1.5.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSebJ 0.41.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSezMe 1.3.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opensisma 1.3 Build 80208.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenSSL 0.9.8g.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenStego 0.3.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\opensubtitles.org search 0.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenTalk 3.14.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenURL Referrer 2.3.7.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenVIP 1.1.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenVPN GUI 1.0.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Openwave Location Studio SDK 2.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Openwave MMS SDK 3.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Openwave WAP Push Library 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenWire 2.6.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenWithView 1.01.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Openworld FlashPresenter 2.0.9.97.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX ASP Edition for MSSQL, Sybase, Oracle, MySQL 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX for MS SQL Server 2.0.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX for MySQL 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenX for Oracle 7i, 8i 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenXML Writer 1.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OPENXTRA Console 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpenzUp 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera's DC++ (oDC) 5.31.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera's Ruler 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera ASA Office Analog Clocks 1.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera BackupX 0.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Bible 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Christmas Widget! 0.6.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Clock 1.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera for Linux 7.21.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera for Windows with Java 7.54u2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Forum Search 1.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Launcher 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Password Recovery 3.4.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Password Recovery Master 1.0.0.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Snow 0.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Update Checker 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Uptime 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Web Applications Blog 1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera Widget Maker 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera.fm .9.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opera@USB 9.27 Build 8841.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OperaAdFilter 1.01.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Operating System Gadget 1.0.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Operator 0.8.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OperaTor 2.6b.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OperaView 0.6.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Ophcrack 2.4.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OPI Swapper for InDesign CS2 6.1r10.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OPI Swapper for QuarkXPress 6.x 6.0r8.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\opImage 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opinio 6.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OPML Library for .NET 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OPML Reader 0.2.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OPML Support 1.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opt-In List Extractor 1.0b.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Opt-In List Manager 1.0.15.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptContact 1.0.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptDrvr - Options Calculator 10.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optenet PC Web Filter 9.4.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optical Illusion Of The Day 4.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optical Info 1.02.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OpticamFX 1.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optician Information Management 1.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\optiDesigner 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optidraft 2.03.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\optiGA 2.01.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optilink 3.0.24.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optima Metrics Group 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimAccess Dial 3.0.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Archive 1.1 build 138.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Data Analyses 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Desktop - Professional Edition 5.0 r220.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Desktop Standard 5.0 r222.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal File Combination Calculator 0.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal HTML v1.2.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Mandelbrot 3.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Password Generator 2.1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Pilot 1.00.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Shopping List Maker 1.9.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Trader 2.4.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimal Weight 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimaze! 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimFROG 4.600ex.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimik 2.36c.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimism 1.2.6.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimization Algorithm Toolkit - OAT 1.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimize Computer 1.4.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimize GUITIDY 1.05.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimizeBatch 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimizer Rx 1.01.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimizer XP 3.5 XG.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for FAT Formatted 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for FAT Undelete 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for NTFS Formatted 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimum Data Recovery for NTFS Undelete 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optimumcut-1D 1.20.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptimumJPEG 1.1.0.3.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\OptiNet 1.2 Build #1.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Optinlistexploder 2.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Calculator 1.42.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Position Calculator 1.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Pricing Calculator 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\shared\Option Profit Calculator 1.0.0.zip C:\Documents and Settings\Laure et Steve\Application Data\m\srvlist.oct C:\InfoSat.txt C:\WINDOWS\BM233a88a3.txt C:\WINDOWS\system32\ban_list.txt C:\WINDOWS\system32\drivers\downld C:\WINDOWS\system32\drivers\downld\104218.exe C:\WINDOWS\system32\drivers\downld\106062.exe C:\WINDOWS\system32\drivers\downld\107593.exe C:\WINDOWS\system32\drivers\downld\107609.exe C:\WINDOWS\system32\drivers\downld\109281.exe C:\WINDOWS\system32\drivers\downld\110390.exe C:\WINDOWS\system32\drivers\downld\120921.exe C:\WINDOWS\system32\drivers\downld\126562.exe C:\WINDOWS\system32\drivers\downld\128296.exe C:\WINDOWS\system32\drivers\downld\128578.exe C:\WINDOWS\system32\drivers\downld\132734.exe C:\WINDOWS\system32\drivers\downld\132812.exe C:\WINDOWS\system32\drivers\downld\133828.exe C:\WINDOWS\system32\drivers\downld\134046.exe C:\WINDOWS\system32\drivers\downld\137078.exe C:\WINDOWS\system32\drivers\downld\137875.exe C:\WINDOWS\system32\drivers\downld\140375.exe C:\WINDOWS\system32\drivers\downld\140875.exe C:\WINDOWS\system32\drivers\downld\142218.exe C:\WINDOWS\system32\drivers\downld\146718.exe C:\WINDOWS\system32\drivers\downld\147125.exe C:\WINDOWS\system32\drivers\downld\148578.exe C:\WINDOWS\system32\drivers\downld\152062.exe C:\WINDOWS\system32\drivers\downld\155843.exe C:\WINDOWS\system32\drivers\downld\158859.exe C:\WINDOWS\system32\drivers\downld\159531.exe C:\WINDOWS\system32\drivers\downld\160531.exe C:\WINDOWS\system32\drivers\downld\161500.exe C:\WINDOWS\system32\drivers\downld\171390.exe C:\WINDOWS\system32\drivers\downld\172968.exe C:\WINDOWS\system32\drivers\downld\173078.exe C:\WINDOWS\system32\drivers\downld\1917593.exe C:\WINDOWS\system32\drivers\downld\1923921.exe C:\WINDOWS\system32\drivers\downld\1931234.exe C:\WINDOWS\system32\drivers\downld\1956359.exe C:\WINDOWS\system32\drivers\downld\1959468.exe C:\WINDOWS\system32\drivers\downld\2004000.exe C:\WINDOWS\system32\drivers\downld\2005593.exe C:\WINDOWS\system32\drivers\downld\2010078.exe C:\WINDOWS\system32\drivers\downld\2017406.exe C:\WINDOWS\system32\drivers\downld\2019250.exe C:\WINDOWS\system32\drivers\downld\2045203.exe C:\WINDOWS\system32\drivers\downld\205687.exe C:\WINDOWS\system32\drivers\downld\2069796.exe C:\WINDOWS\system32\drivers\downld\2071328.exe C:\WINDOWS\system32\drivers\downld\207640.exe C:\WINDOWS\system32\drivers\downld\2112250.exe C:\WINDOWS\system32\drivers\downld\2119031.exe C:\WINDOWS\system32\drivers\downld\212578.exe C:\WINDOWS\system32\drivers\downld\2150437.exe C:\WINDOWS\system32\drivers\downld\2155734.exe C:\WINDOWS\system32\drivers\downld\2170281.exe C:\WINDOWS\system32\drivers\downld\2174218.exe C:\WINDOWS\system32\drivers\downld\2198625.exe C:\WINDOWS\system32\drivers\downld\2200078.exe C:\WINDOWS\system32\drivers\downld\232656.exe C:\WINDOWS\system32\drivers\downld\234531.exe C:\WINDOWS\system32\drivers\downld\239234.exe C:\WINDOWS\system32\drivers\downld\30331796.exe C:\WINDOWS\system32\drivers\downld\30336500.exe C:\WINDOWS\system32\drivers\downld\30339828.exe C:\WINDOWS\system32\drivers\downld\30346562.exe C:\WINDOWS\system32\drivers\downld\30374140.exe C:\WINDOWS\system32\drivers\downld\30376375.exe C:\WINDOWS\system32\drivers\downld\3693234.exe C:\WINDOWS\system32\drivers\downld\3698500.exe C:\WINDOWS\system32\drivers\downld\3703468.exe C:\WINDOWS\system32\drivers\downld\3728500.exe C:\WINDOWS\system32\drivers\downld\3730234.exe C:\WINDOWS\system32\drivers\downld\3774234.exe C:\WINDOWS\system32\drivers\downld\3782250.exe C:\WINDOWS\system32\drivers\downld\4182531.exe C:\WINDOWS\system32\drivers\downld\4186906.exe C:\WINDOWS\system32\drivers\downld\4193656.exe C:\WINDOWS\system32\drivers\downld\4197656.exe C:\WINDOWS\system32\drivers\downld\4222265.exe C:\WINDOWS\system32\drivers\downld\4230531.exe C:\WINDOWS\system32\drivers\downld\42375.exe C:\WINDOWS\system32\drivers\downld\4272171.exe C:\WINDOWS\system32\drivers\downld\4275906.exe C:\WINDOWS\system32\drivers\downld\43078.exe C:\WINDOWS\system32\drivers\downld\43578.exe C:\WINDOWS\system32\drivers\downld\44125.exe C:\WINDOWS\system32\drivers\downld\44750.exe C:\WINDOWS\system32\drivers\downld\44875.exe C:\WINDOWS\system32\drivers\downld\45296.exe C:\WINDOWS\system32\drivers\downld\46500.exe C:\WINDOWS\system32\drivers\downld\47328.exe C:\WINDOWS\system32\drivers\downld\47421.exe C:\WINDOWS\system32\drivers\downld\49000.exe C:\WINDOWS\system32\drivers\downld\49703.exe C:\WINDOWS\system32\drivers\downld\498234.exe C:\WINDOWS\system32\drivers\downld\504750.exe C:\WINDOWS\system32\drivers\downld\50812.exe C:\WINDOWS\system32\drivers\downld\508750.exe C:\WINDOWS\system32\drivers\downld\51156.exe C:\WINDOWS\system32\drivers\downld\51312.exe C:\WINDOWS\system32\drivers\downld\52031.exe C:\WINDOWS\system32\drivers\downld\52343.exe C:\WINDOWS\system32\drivers\downld\52812.exe C:\WINDOWS\system32\drivers\downld\533453.exe C:\WINDOWS\system32\drivers\downld\535281.exe C:\WINDOWS\system32\drivers\downld\53984.exe C:\WINDOWS\system32\drivers\downld\56718.exe C:\WINDOWS\system32\drivers\downld\56796.exe C:\WINDOWS\system32\drivers\downld\57265.exe C:\WINDOWS\system32\drivers\downld\577171.exe C:\WINDOWS\system32\drivers\downld\57937.exe C:\WINDOWS\system32\drivers\downld\58562.exe C:\WINDOWS\system32\drivers\downld\58625.exe C:\WINDOWS\system32\drivers\downld\587890.exe C:\WINDOWS\system32\drivers\downld\59656.exe C:\WINDOWS\system32\drivers\downld\6008406.exe C:\WINDOWS\system32\drivers\downld\6020421.exe C:\WINDOWS\system32\drivers\downld\6025937.exe C:\WINDOWS\system32\drivers\downld\6027093.exe C:\WINDOWS\system32\drivers\downld\6031765.exe C:\WINDOWS\system32\drivers\downld\6057156.exe C:\WINDOWS\system32\drivers\downld\6059125.exe C:\WINDOWS\system32\drivers\downld\6109046.exe C:\WINDOWS\system32\drivers\downld\6114125.exe C:\WINDOWS\system32\drivers\downld\6119359.exe C:\WINDOWS\system32\drivers\downld\61218.exe C:\WINDOWS\system32\drivers\downld\63906.exe C:\WINDOWS\system32\drivers\downld\64484.exe C:\WINDOWS\system32\drivers\downld\67812.exe C:\WINDOWS\system32\drivers\downld\68500.exe C:\WINDOWS\system32\drivers\downld\69968.exe C:\WINDOWS\system32\drivers\downld\72125.exe C:\WINDOWS\system32\drivers\downld\73906.exe C:\WINDOWS\system32\drivers\downld\73921.exe C:\WINDOWS\system32\drivers\downld\77796.exe C:\WINDOWS\system32\drivers\downld\82328.exe C:\WINDOWS\system32\drivers\downld\82406.exe C:\WINDOWS\system32\drivers\downld\82421.exe C:\WINDOWS\system32\drivers\downld\82765.exe C:\WINDOWS\system32\drivers\downld\835953.exe C:\WINDOWS\system32\drivers\downld\839484.exe C:\WINDOWS\system32\drivers\downld\84015.exe C:\WINDOWS\system32\drivers\downld\84343.exe C:\WINDOWS\system32\drivers\downld\84421.exe C:\WINDOWS\system32\drivers\downld\854906.exe C:\WINDOWS\system32\drivers\downld\860312.exe C:\WINDOWS\system32\drivers\downld\885171.exe C:\WINDOWS\system32\drivers\downld\886921.exe C:\WINDOWS\system32\drivers\downld\88937.exe C:\WINDOWS\system32\drivers\downld\89281.exe C:\WINDOWS\system32\drivers\downld\89843.exe C:\WINDOWS\system32\drivers\downld\90703.exe C:\WINDOWS\system32\drivers\downld\90953.exe C:\WINDOWS\system32\drivers\downld\931109.exe C:\WINDOWS\system32\drivers\downld\933265.exe C:\WINDOWS\system32\drivers\downld\938140.exe C:\WINDOWS\system32\drivers\downld\95468.exe C:\WINDOWS\system32\drivers\downld\96171.exe C:\WINDOWS\system32\drivers\downld\961812.exe C:\WINDOWS\system32\drivers\downld\967375.exe C:\WINDOWS\system32\drivers\downld\97000.exe C:\WINDOWS\system32\drivers\downld\98734.exe C:\WINDOWS\system32\drivers\hldrrr.exe C:\WINDOWS\system32\drivers\mdelk.exe C:\WINDOWS\system32\drivers\srosa.sys C:\WINDOWS\system32\lsprst7.dll C:\WINDOWS\system32\mdelk.exe C:\WINDOWS\system32\ssprs.dll C:\WINDOWS\system32\wintems.exe . ((((((((((((((((((((((((((((( Fichiers crÚÚs 2008-07-13 to 2008-08-13 )))))))))))))))))))))))))))))))))))) . 2008-08-12 18:16 . 2008-08-12 18:16 <REP> d-------- C:\Muestras 2008-08-09 13:06 . 2008-08-09 13:06 <REP> d-------- C:\Program Files\iPod 2008-08-09 13:06 . 2008-08-09 13:06 <REP> d-------- C:\Program Files\Apple Software Update 2008-08-04 20:38 . 2008-08-04 20:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Mindjet 2008-08-04 20:38 . 2002-12-28 10:26 20,569 --a------ C:\WINDOWS\system32\pxc25pm.dll 2008-08-04 20:35 . 2008-08-04 20:35 <REP> d-------- C:\WINDOWS\Downloaded Installations 2008-08-04 20:03 . 2008-08-04 20:03 <REP> d-------- C:\Documents and Settings\Laure et Steve\Application Data\QXL Ricardo 2008-08-03 09:55 . 2006-10-05 04:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys 2008-08-03 09:55 . 2006-10-05 04:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys 2008-08-02 19:57 . 2008-08-02 19:57 <REP> d-------- C:\Documents and Settings\Laure et Steve\Application Data\TeamViewer 2008-08-02 19:56 . 2008-08-02 19:56 <REP> d-------- C:\Documents and Settings\Laure et Steve\temp 2008-08-02 19:56 . 2008-07-10 18:29 212 --ahs---- C:\BOOT.BKK 2008-08-02 19:53 . 2008-08-02 19:53 <REP> d-------- C:\Program Files\TGTSoft 2008-07-30 15:46 . 2004-08-19 16:09 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2008-07-30 15:46 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2008-07-29 13:09 . 2003-03-16 00:15 90,112 --a------ C:\WINDOWS\unvise32.exe 2008-07-28 10:52 . 2008-08-03 09:55 <REP> d-------- C:\Program Files\Google 2008-07-25 14:43 . 2008-07-25 14:43 <REP> d-------- C:\Documents and Settings\Laure et Steve\Application Data\CD-LabelPrint 2008-07-24 21:25 . 2008-07-24 21:25 <REP> d-------- C:\WINDOWS\system32\XPSViewer 2008-07-24 21:25 . 2008-07-24 21:25 <REP> d-------- C:\Program Files\Reference Assemblies 2008-07-24 21:25 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll 2008-07-20 17:43 . 2008-07-20 17:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage 2008-07-20 17:42 . 2008-02-14 22:50 676,224 --a------ C:\WINDOWS\system32\ogacheckcontrol.dll 2008-07-19 21:36 . 2008-07-19 21:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\U3 2008-07-17 18:10 . 2006-12-07 10:45 1,163,264 --a------ C:\WINDOWS\system32\u3dapi10.dll 2008-07-15 19:47 . 2008-04-23 06:16 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-07-15 19:47 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-07-15 19:47 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-07-15 19:47 . 2008-04-23 06:16 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-07-15 19:47 . 2008-04-23 06:16 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-07-15 19:47 . 2008-04-23 06:16 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-07-15 19:47 . 2008-04-23 06:16 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-07-15 19:47 . 2008-04-23 06:16 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-07-15 19:47 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-07-14 23:05 . 2008-07-14 23:05 <REP> d-------- C:\Program Files\MSXML 4.0 2008-07-14 22:03 . 2008-07-14 22:05 <REP> d-------- C:\WINDOWS\NV26802688.TMP 2008-07-14 22:03 . 2007-03-07 08:49 111,171 --a------ C:\WINDOWS\system32\nvapps.nvb 2008-07-14 22:03 . 2005-06-24 17:05 16,958 --a------ C:\WINDOWS\system32\evga.ico 2008-07-14 22:02 . 2008-07-14 22:02 <REP> d-------- C:\WINDOWS\system32\EVGA 2008-07-14 22:01 . 2007-03-07 02:49 225,280 -ra------ C:\WINDOWS\system32\nvrszhc.dll 2008-07-14 22:01 . 2007-03-07 02:49 167,936 -ra------ C:\WINDOWS\system32\nvwrszht.dll 2008-07-14 22:01 . 2007-03-07 02:49 163,840 -ra------ C:\WINDOWS\system32\nvwrszhc.dll 2008-07-14 22:01 . 2007-03-07 02:49 122,880 -ra------ C:\WINDOWS\system32\nvrszht.dll 2008-07-14 22:01 . 2007-03-07 02:49 111,171 -ra------ C:\WINDOWS\system32\nvapps.xml 2008-07-14 21:59 . 2007-03-07 08:49 6,660,096 --a------ C:\WINDOWS\system32\nvoglnt.dll 2008-07-14 21:59 . 2007-03-07 02:49 335,872 --a------ C:\WINDOWS\system32\nvapi.dll 2008-07-14 21:59 . 2007-03-07 02:49 163,908 --a------ C:\WINDOWS\system32\nvsvc32.exe 2008-07-14 21:52 . 2004-08-19 16:09 116,736 --a--c--- C:\WINDOWS\system32\dllcache\xrxwiadr.dll 2008-07-14 21:52 . 2001-08-23 17:47 27,648 --a--c--- C:\WINDOWS\system32\dllcache\xrxftplt.exe 2008-07-14 21:52 . 2001-08-23 17:47 23,040 --a--c--- C:\WINDOWS\system32\dllcache\xrxwbtmp.dll 2008-07-14 21:52 . 2001-08-23 17:47 17,408 --a--c--- C:\WINDOWS\system32\dllcache\xrxscnui.dll 2008-07-14 21:50 . 2001-08-17 21:28 794,654 --a--c--- C:\WINDOWS\system32\dllcache\usr1801.sys 2008-07-14 21:49 . 2001-08-23 17:47 525,568 --a--c--- C:\WINDOWS\system32\dllcache\tridxp.dll 2008-07-14 21:48 . 2001-08-23 16:57 286,848 --a--c--- C:\WINDOWS\system32\dllcache\stlnata.sys 2008-07-14 21:47 . 2004-08-03 22:41 404,990 --a--c--- C:\WINDOWS\system32\dllcache\slntamr.sys 2008-07-14 21:46 . 2001-08-23 17:46 386,560 --a--c--- C:\WINDOWS\system32\dllcache\sgiul50.dll 2008-07-14 21:45 . 2001-08-23 17:47 495,616 --a--c--- C:\WINDOWS\system32\dllcache\sblfx.dll 2008-07-14 21:44 . 2001-08-23 17:18 899,914 --a--c--- C:\WINDOWS\system32\dllcache\r2mdkxga.sys 2008-07-14 21:43 . 2001-08-17 22:05 351,616 --a--c--- C:\WINDOWS\system32\dllcache\ovcodek2.sys 2008-07-14 21:42 . 2007-02-28 18:02 2,059,648 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe 2008-07-14 21:41 . 2004-08-19 16:09 1,737,856 --a--c--- C:\WINDOWS\system32\dllcache\mtxparhd.dll 2008-07-14 21:40 . 2001-08-17 21:28 802,683 --a--c--- C:\WINDOWS\system32\dllcache\ltsm.sys 2008-07-14 21:39 . 2001-08-23 17:47 372,824 --a--c--- C:\WINDOWS\system32\dllcache\iconf32.dll 2008-07-14 21:38 . 2004-08-03 22:41 1,041,536 --a--c--- C:\WINDOWS\system32\dllcache\hsfdpsp2.sys 2008-07-14 21:37 . 2001-08-23 17:46 1,733,120 --a--c--- C:\WINDOWS\system32\dllcache\g400d.dll 2008-07-14 21:36 . 2001-08-23 17:13 634,166 --a--c--- C:\WINDOWS\system32\dllcache\el656ct5.sys 2008-07-14 21:35 . 2001-08-17 20:14 952,007 --a--c--- C:\WINDOWS\system32\dllcache\diwan.sys 2008-07-14 21:34 . 2001-08-23 17:04 980,034 --a--c--- C:\WINDOWS\system32\dllcache\cicap.sys 2008-07-14 21:33 . 2007-02-28 18:02 2,182,400 --a--c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe 2008-07-14 21:22 . 2008-08-13 19:04 <REP> d-------- C:\WINDOWS\system32\CatRoot2 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-08-13 17:49 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Apple Computer 2008-08-11 16:22 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\U3 2008-08-07 16:42 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL 2008-08-07 16:42 360,320 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS 2008-08-05 15:00 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Canon 2008-07-29 10:44 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-07-29 10:43 --------- d-----w C:\Program Files\Fichiers communs\Adobe 2008-07-28 13:18 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\LimeWire 2008-07-20 09:56 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Azureus 2008-07-19 14:06 --------- d-----w C:\Program Files\Bonjour 2008-07-07 16:30 --------- d-----w C:\Program Files\CrossLoop 2008-07-06 17:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith 2008-07-06 17:45 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard 2008-07-05 17:59 --------- d-----w C:\Program Files\Rapidown 2008-07-05 16:57 --------- d-----w C:\Program Files\Fichiers communs\Java 2008-07-02 16:36 --------- d-----w C:\Program Files\QuickTime 2008-07-02 16:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer 2008-07-02 16:35 --------- d-----w C:\Program Files\Fichiers communs\Apple 2008-07-02 16:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple 2008-06-30 17:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems 2008-06-30 17:11 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared 2008-06-28 12:59 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\ameCache 2008-06-26 18:22 --------- d-----w C:\Program Files\Windows Media Connect 2 2008-06-25 21:32 --------- d-----w C:\Program Files\MSXML 6.0 2008-06-24 16:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Lavasoft 2008-06-23 20:24 --------- d-----w C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software 2008-06-23 18:55 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Druide 2008-06-23 18:26 --------- d-----w C:\Program Files\Fichiers communs\Ahead 2008-06-23 18:24 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Ahead 2008-06-23 16:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help 2008-06-23 16:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus 2008-06-23 16:14 --------- d-----w C:\Program Files\MSBuild 2008-06-23 16:14 --------- d-----w C:\Program Files\Microsoft Works 2008-06-23 16:12 --------- d-----w C:\Program Files\Microsoft.NET 2008-06-23 16:10 --------- d-----w C:\Program Files\Microsoft Visual Studio 8 2008-06-23 16:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec 2008-06-23 15:56 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-06-22 20:47 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Talkback 2008-06-22 20:30 --------- d-----w C:\Documents and Settings\Laure et Steve\Application Data\Symantec 2008-06-22 19:13 --------- d-----w C:\Program Files\Canon 2008-06-22 19:10 --------- d--h--w C:\Documents and Settings\All Users\Application Data\CanonBJ 2008-06-22 18:47 --------- d-----w C:\Program Files\ASUS 2008-06-22 18:46 --------- d-----w C:\Program Files\Fichiers communs\InstallShield 2008-06-22 18:46 --------- d-----w C:\Program Files\Attansic 2008-06-22 18:40 315,392 ----a-w C:\WINDOWS\HideWin.exe 2008-06-22 18:40 --------- d-----w C:\Program Files\Realtek 2008-06-22 18:33 --------- d-----w C:\Program Files\Intel 2008-06-22 18:24 --------- d-----w C:\Program Files\microsoft frontpage 2008-06-22 18:23 --------- d-----w C:\Program Files\Services en ligne 2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll 2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-06-14 17:59 272,768 ----a-w C:\WINDOWS\system32\drivers\bthport.sys 2008-05-16 09:58 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe 2006-06-23 22:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe . ------- Sigcheck ------- 2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys 2008-06-20 12:44 360960 744e57c99232201ae98c49168b918f48 C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys 2008-06-20 13:51 361600 9aefa14bd6b182d61e3119fa5f436d3d C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys 2008-06-20 13:59 361600 ad978a1b783b5719720cff204b666c8e C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys 2007-10-29 14:00 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys 2008-08-07 18:42 360320 3adce4790f591bf160a94f6f08039577 C:\WINDOWS\system32\dllcache\TCPIP.SYS 2008-08-07 18:42 360320 3adce4790f591bf160a94f6f08039577 C:\WINDOWS\system32\drivers\TCPIP.SYS . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ÚlÚments vides & les ÚlÚments initiaux lÚgitimes ne sont pas listÚs [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2007-10-29 14:00 15360] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264] "pdfSaver3"="D:\mind manager 7 pro\PDF-XChange\pdfSaver\pdfSaver3.exe" [2004-09-05 17:20 380928] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "pccguide.exe"="D:\trend micro ver.14\pccguide.exe" [2008-08-13 19:03 901185] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 10:50 413696] "SunJavaUpdateSched"="D:\java\bin\jusched.exe" [2008-03-25 04:28 144784] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-03-07 08:49 8425472] "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-03-07 08:49 81920] "AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 09:47 116040] "MMReminderService"="D:\mind manager 7 pro\MMReminderService.exe" [2007-07-24 03:40 37136] "iTunesHelper"="D:\Itunes\iTunesHelper.exe" [2008-07-30 10:47 289064] "RTHDCPL"="RTHDCPL.EXE" [2007-03-21 16:49 16126464 C:\WINDOWS\RTHDCPL.exe] "nwiz"="nwiz.exe" [2007-03-07 02:49 1622016 C:\WINDOWS\system32\nwiz.exe] C:\Documents and Settings\Laure et Steve\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\iexplore.exe] "Debugger"=StripMyRights.exe /D /L N [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\outlook.exe] "Debugger"=StripMyRights.exe /D /L N [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\TrendFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "C:\\Program Files\\Bonjour\\mDNSResponder.exe"= "D:\\Itunes\\iTunes.exe"= R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 16:12] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{119349c4-43ae-11dd-bd36-001e8c087e1a}] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{119349c5-43ae-11dd-bd36-001e8c087e1a}] \Shell\AutoRun\command - K:\nideiect.com \Shell\explore\Command - K:\nideiect.com \Shell\open\Command - K:\nideiect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2057081d-541c-11dd-b81e-001e8c087e1a}] \Shell\AutoRun\command - J:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c143bb43-42cb-11dd-af99-001e8c087e1a}] \Shell\AutoRun\command - L:\LaunchU3.exe -a [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c143bb44-42cb-11dd-af99-001e8c087e1a}] \Shell\AutoRun\command - M:\nideiect.com \Shell\explore\Command - M:\nideiect.com \Shell\open\Command - M:\nideiect.com *Newly Created Service* - CATCHME . Contenu du dossier 'Scheduled Tasks/TÔches planifiÚes' 2008-08-09 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] . - - - - ORPHANS REMOVED - - - - HKLM-Run-pdfSaver3 - (no file) . ------- Supplementary Scan ------- . FireFox -: Profile - C:\Documents and Settings\Laure et Steve\Application Data\Mozilla\Firefox\Profiles\mq9rmij7.default\ FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.bluewin.ch/ FF -: plugin - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll FF -: plugin - D:\adobe reader\Reader\browser\nppdf32.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npnul32.dll FF -: plugin - D:\firefox 3.0\prog\plugins\NPOFF12.DLL FF -: plugin - D:\firefox 3.0\prog\plugins\nppdf32.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin2.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin3.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin4.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin5.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin6.dll FF -: plugin - D:\firefox 3.0\prog\plugins\npqtplugin7.dll FF -: plugin - D:\Itunes\Mozilla Plugins\npitunes.dll FF -: plugin - D:\java\bin\npjava11.dll FF -: plugin - D:\java\bin\npjava12.dll FF -: plugin - D:\java\bin\npjava13.dll FF -: plugin - D:\java\bin\npjava14.dll FF -: plugin - D:\java\bin\npjava32.dll FF -: plugin - D:\java\bin\npjpi160_06.dll FF -: plugin - D:\java\bin\npoji610.dll ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-08-13 20:28:01 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachÚs ... Balayage cachÚ autostart entries ... Balayage des fichiers cachÚs ... Scan terminÚ avec succÞs Les fichiers cachÚs: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . D:\ad aware 2008\prog\aawservice.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe . ************************************************************************** . Temps d'accomplissement: 2008-08-13 20:29:22 - machine was rebooted ComboFix-quarantined-files.txt 2008-08-13 18:29:17 Pre-Run: 15,928,295,424 octets libres Post-Run: 15,977,930,752 octets libres 557 --- E O F --- 2008-07-25 12:06:35

re bonsoir j'ai essayer de lancer combofix mais il me met que que combofix n'est pas une application win 32 valide, mais je suis pas sur d'avoir tout fait juste j'ai télécharger combofix sur le bureau, j'ai installé la console de récupération windows et ensuite j'ai renommé combofix en combo-fix.exe et là il m'a mis un message.... application win 32 valide.

hello alors j'ai fait ce que vous m'avez dit et j'ai essayer de relancer le mode sans échec mais c'est sans succès....

bonjour j'ai essayer de démarrer en mode sans échec mais il redémarre une fois le mode choisi, en résumé je ne peux pas accéder au mode sans échec....

bonjour je redémarrer et elibagle se remit à faire un scan je vous poste ici le 2ème fichiers .txt Tue Aug 12 18:16:28 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:16:44 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:20:53 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:21:34 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:21:38 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Tue Aug 12 18:29:34 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:29:38 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ Nº Total de Directorios: 5858 Nº Total de Ficheros: 63404 Nº de Ficheros Analizados: 9781 Nº de Ficheros Infectados: 0 Nº de Ficheros Limpiados: 0

hello alors j'ai essayer de trouver ce que vs m'avez dit dans le registre mais pas trouver par contre j'ai essayer la manoeuvre que je vous ai dis et voici le fichier.txt : Tue Aug 12 18:16:28 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:16:44 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:20:53 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:21:34 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Acción Directa): C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado. Por favor, envienos una muestra del fichero C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 a "virus@satinfo.es". Gracias. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado. C:\DOCUMENTS AND SETTINGS\LAURE ET STEVE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado. Restaurada Clave: "SafeBoot\Minimal y Network" Reinicie para Completar la Limpieza. Tue Aug 12 18:21:38 2008 EliBagle v11.66 ©2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008) ---------------------------------------------- Lista de Acciones (por Exploración): Explorando Unidad C:\ a+

re-hello en farfouillant sur internet par rapport à mon problème je suis tomber sur un cite qui parlait de ELIBAGLA et qui proposait la solution suivante : * Voici en avant-première une astuce capable de rendre Elibagla plus efficace face aux variantes Bagle ! * Il suffit de le renommer en utilisant le même nom qu'un des fichiers faisant partie de l'infection: ici mdelk.exe et le rootkit sera incapable de faire la différence avec le fichier de l'infection qui porte le même nom et qui lui autorise donc un champ d'action beaucoup plus important. * Elibagla ainsi renommé sera capable en un seul passage de neutraliser totalement l'infection. Il suffit ensuite d'un redémarrage du PC et d'un second scan pour supprimer les restes de l'infection. * A noter que cette astuce marche uniquement si l'exe d'Elibagla est correctement renommé en mdelk.exe ! vu que j'y connais pas grand chose la dedans et je n'ai pas envie de détruire plus de choses nécessaire je m'en remet à toi pour savoir si c'est une bonne idée ou pas.... a+ et merci de ton aide.

hello j'ai essayer de faire ce que tu m'a indiquer mais je n'arrive pas à enregistrer le prog en faisant clic droit, le clic droit ne marche pas, mais par contre je peux tél le fichier normalement, est si je le tél sur mon disque et que je le renomme ça irait aussi a+

bonsoir à tous, je viens de faire une désinfection avec ad-aware il m'a enlevé 45 malware et autres de mon ordi sauf 1, il s'appelle Win.32.worm.bagle, d'après ce que j'ai pu lire sur internet il est corriace et pas sympa du tout... alors si quelqu'un pourrait m'aider à le pulvériser, il est le bienvenu... merci d'avance

hello alors j'ai essayer mais rien n'y fait je ne peux pas ouvrir internet explorer, et maintenant concernant ma supposition de malware ou autre j'ai une clé usb sandisk u3 cruzer et normalement que je l'enfile dans le port usb et là le prog u3 doit démarrer mais rien ne marche, j'ai essayer du coup une récupération système (2x) mais il me met que la récupération n'a pas fonctionné! c'est grave docteur?

bonjour à tous, alors me revoilà de nouveau avec des petits soucis, je m'en fais peut-être un peu trop mais on sait jamais, pour faire court je met en ligne mon rapport hijackthis. merci d'avance.... et passant si quelqu'un à une petite idée depuis ma dernière désinfection IE7 ne fonctionne plus sauf firefox.... au cas où quelqu'un aurait une idée.... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:24:36, on 11.08.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16674) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\ad aware 2008\prog\aawservice.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE D:\mind manager 7 pro\MMReminderService.exe D:\mind manager 7 pro\PDF-XChange\pdfSaver\pdfSaver3.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wisptis.exe D:\hijackthis\Laure et Steve.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:\snagit\SnagItBHO.dll O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - D:\mind manager 7 pro\Mm7InternetExplorer.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\java\bin\ssv.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:\snagit\SnagItIEAddin.dll O4 - HKLM\..\Run: [pccguide.exe] "D:\trend micro ver.14\pccguide.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "D:\java\bin\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe O4 - HKLM\..\Run: [MMReminderService] D:\mind manager 7 pro\MMReminderService.exe O4 - HKLM\..\Run: [iTunesHelper] "D:\Itunes\iTunesHelper.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [pdfSaver3] "D:\mind manager 7 pro\PDF-XChange\pdfSaver\pdfSaver3.exe" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\java\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\java\bin\ssv.dll O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Envoyer à Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - D:\mind manager 7 pro\Mm7InternetExplorer.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - D:\antidote rx7\Internet Explorer\7\Antidote K - IE 7.htm (HKCU) O9 - Extra button: Dictionnaires - {F9B969E8-58D0-4dd9-AC8A-EE2336FF8F65} - D:\antidote rx7\Internet Explorer\7\Antidote D - IE 7.htm (HKCU) O9 - Extra button: Guides - {FA089E36-3F1B-4c51-9A1A-C4E7012483AF} - D:\antidote rx7\Internet Explorer\7\Antidote G - IE 7.htm (HKCU) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1214161304953 O17 - HKLM\System\CCS\Services\Tcpip\..\{660C3A53-0541-4744-90B6-9A0626FF3D4B}: NameServer = 195.186.4.108,195.186.1.108 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\ad aware 2008\prog\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NBService - Nero AG - D:\nero 7.5.1\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - D:\TRENDM~1.14\PcCtlCom.exe -- End of file - 7178 bytes

help il n'y a vraiment personne pour m'aider

hello alors voilà après quelques jours de silence radio j'ai fait une petite réparation avec le cd original de win mais apparemment ça a résolu en partie mon problème, maintenant dès que je clic sur internet explorer celà crée un raccourci sur le bureau et ça fait ça à chaque clic sur l'icône internet explorer