Aller au contenu

hesteban2005

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    29

  • Inscription

  • Dernière visite

Tout ce qui a été posté par hesteban2005

  1. hesteban2005
    merci pour tous ces renseignements....mais tout ca a deja été fait...il y a quelques jours avec le forums des virus.... donc je sais plus quoi faire...a moins que la meilleur solution soit le formatage!! surtout que j'ai passer 15 jours a tout nettoyer!! pour info, j'ai un autre disque dur avec une copie de windows...et la tout fonctionne normalement... Merci..bonne journée...HESTEBAN2005...
  2. hesteban2005
    bonsoir... je decris mon probleme.... voila depuis quelques temps j'ai l'ouverture de windows qui se fait tres long...le son est horrible et saccadé....ainsi que l'affichage des pages est tres long...lorsque je met le lecteur windows en marche, tout est saccadé et bin...trop horrible!! pour info...j'ai un deuxieme disque dur avec une copie windows qui passe tres bien sur ce pc.... merci a tous...en esperant avoir une reponse aussi rapide que le le forum "securité"!!!
  3. hesteban2005
    salut Thanos... Merci pour tous ces conseils.... je posterais mon problem sur l'autre forum des que possible... et iras sur Malware-Complaints comme tu me l'as indiqué!! Bonne continuation!!
  4. hesteban2005
    salut Thanos... j'ai un autre probleme que je n'est pas soumi...peut etre suis pas sur le bon forum... j'ai mon son qui saccade grave et est tres lent....ainsi que l'affichage des pages..... j'ai regarder un peu sur le forum mais pas trouver grand chose.... si tu peut m'orienter!! 1ere chose...j'ai defragmenter le dd...mais rien de changer! Bonne journée... HESTEBAN 2005
  5. hesteban2005
    re!!! voila j'envoi le rapport TCleaner : -->- Recherche: C:\Documents and Settings\Propriétaire\Bureau\Dss.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.lnk: trouvé ! C:\Program Files\Trend Micro\HijackThis: trouvé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé ! Corbeille vidée! Fichiers temporaires nettoyés ! Point de restauration crée ! --------------------------------- -->- Suppression: C:\Documents and Settings\Propriétaire\Bureau\Dss.exe: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.lnk: supprimé ! C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé ! C:\Program Files\Trend Micro\HijackThis: supprimé ! bonne journée!! @ plus! et merciiiiiii
  6. hesteban2005
    salut Thanos ....euh...dans le rapport hijackthis, j'ai pas trouver ces deux lignes... O4 - HKLM\..\RunOnce: [installShieldSetup] C:\PROGRA~1\INSTAL~1\{3CB05~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{3CB05~1\reboot.ini -l0x40c O4 - HKLM\..\RunOnce: [installShieldSetup1] C:\PROGRA~1\INSTAL~1\{3CB05~1\Setup.exe -rebootC:\PROGRA~1\INSTAL~1\{3CB05~1\reboot.ini -l0x40c d'ailleur je t'envoi le rapport! ensuite vais faire le reste et postera le rapport de ToolsCleaner! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:00:02, on 27/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\WebcamMax\wcmmon.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180917174218 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 8664 bytes @ plus!!
  7. hesteban2005
    ..voila le fichier dll... Fichier Smab.dll reçu le 2008.03.26 01:16:11 (CET) Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE Résultat: 3/32 (9.38%) en train de charger les informations du serveur... Votre fichier est dans la file d'attente, en position: 7. L'heure estimée de démarrage est entre 58 et 84 secondes. Ne fermez pas la fenêtre avant la fin de l'analyse. L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats. Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier. Votre fichier est, en ce moment, en cours d'analyse par VirusTotal, les résultats seront affichés au fur et à mesure de leur génération. Formaté Impression des résultats Votre fichier a expiré ou n'existe pas. Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie. Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée. Email: Antivirus Version Dernière mise à jour Résultat AhnLab-V3 2008.3.26.0 2008.03.25 - AntiVir 7.6.0.75 2008.03.25 - Authentium 4.93.8 2008.03.26 - Avast 4.7.1098.0 2008.03.25 - AVG 7.5.0.516 2008.03.25 - BitDefender 7.2 2008.03.26 - CAT-QuickHeal 9.50 2008.03.24 - ClamAV 0.92.1 2008.03.25 - DrWeb 4.44.0.09170 2008.03.25 - eSafe 7.0.15.0 2008.03.18 Suspicious File eTrust-Vet 31.3.5643 2008.03.25 - Ewido 4.0 2008.03.25 - F-Prot 4.4.2.54 2008.03.25 - F-Secure 6.70.13260.0 2008.03.25 - FileAdvisor 1 2008.03.26 - Fortinet 3.14.0.0 2008.03.26 - Ikarus T3.1.1.20 2008.03.25 - Kaspersky 7.0.0.125 2008.03.25 - McAfee 5259 2008.03.25 - Microsoft 1.3301 2008.03.26 - NOD32v2 2972 2008.03.26 - Norman 5.80.02 2008.03.25 - Panda 9.0.0.4 2008.03.25 Suspicious file Prevx1 V2 2008.03.26 - Rising 20.37.02.00 2008.03.24 - Sophos 4.27.0 2008.03.25 - Sunbelt 3.0.978.0 2008.03.18 - Symantec 10 2008.03.26 - TheHacker 6.2.92.254 2008.03.25 - VBA32 3.12.6.3 2008.03.25 - VirusBuster 4.3.26:9 2008.03.25 - Webwasher-Gateway 6.6.2 2008.03.25 Virus.Win32.FileInfector.gen!90 (suspicious) Information additionnelle File size: 399360 bytes MD5: e04344cc3ce9d9d40b521d2fc2a40b3f SHA1: 22dcf85bc21a1d0187a76567f735fb4247581d36 PEiD: PECompact 2.xx --> BitSum Technologies packers: PecBundle, PECompact packers: PE_Patch.PECompact, PecBundle, PECompact
  8. hesteban2005
    voila le rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:11:45, on 26/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe C:\WINDOWS\system32\fxssvc.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\WebcamMax\wcmmon.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\PowerCheck\PowerCheck.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\explorer.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Camfrog\Camfrog Video Chat\Camfrog Video Chat.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE C:\Program Files\Nero\Nero 7\Core\nero.exe C:\Program Files\Nero\Nero 7\Core\nero.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Nero\Nero 7\Core\nero.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe \?\C:\WINDOWS\system32\WBEM\WMIADAP.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [MMTray] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" O4 - HKLM\..\Run: [mmtray2k] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" O4 - HKLM\..\Run: [mmtraylsi] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 10\LaunchList.exe O4 - HKLM\..\RunOnce: [installShieldSetup] C:\PROGRA~1\INSTAL~1\{3CB05~1\setup.exe -rebootC:\PROGRA~1\INSTAL~1\{3CB05~1\reboot.ini -l0x40c O4 - HKLM\..\RunOnce: [installShieldSetup1] C:\PROGRA~1\INSTAL~1\{3CB05~1\Setup.exe -rebootC:\PROGRA~1\INSTAL~1\{3CB05~1\reboot.ini -l0x40c O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PowerCheck.lnk = C:\Program Files\PowerCheck\PowerCheck.exe O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180917174218 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 13844 bytes
  9. hesteban2005
    hello Thanos euh.....SweetIM For Internet Explorer....je sais pas ce que c'est!! mais je crois que ca fait parti de msn?? ..le menage sur le disque dur, c'est prevu car j'y ai placé des fichiers videos que je doit enlever! ... pour les applications qui demarre ,je le sais... mais je sais pas comment faire pour ne pas qu'elles demarrent avec windows.. ... ..oui j'avais cocher la case...mais bon vais le refaire..au ca s ou!! voila!!! bon vais faire le scan du fichier que je poste apres!! bonne nuit...HESTEBAN 2005
  10. hesteban2005
    ...et je fait quoi de tous les rapports accumulés depuis le depart???
  11. hesteban2005
    ....hello! voila le dernier rapport je pense!! Deckard's System Scanner v20071014.68 Run by Propriétaire on 2008-03-25 03:36:19 Computer is in Normal Mode. -------------------------------------------------------------------------------- System Drive C: has 4.94 GiB (less than 15%) free. -- HijackThis (run as Propriétaire.exe) ---------------------------------------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 03:36:40, on 25/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\WebcamMax\wcmmon.exe C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\Creative\MediaSource\RemoteControl\OSDMenu.EXE C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Documents and Settings\Propriétaire\Bureau\dss.exe C:\PROGRA~1\TRENDM~1\HIJACK~1\PROPRI~1.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [MMTray] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" O4 - HKLM\..\Run: [mmtray2k] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" O4 - HKLM\..\Run: [mmtraylsi] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PowerCheck.lnk = C:\Program Files\PowerCheck\PowerCheck.exe O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180917174218 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 13322 bytes -- Files created between 2008-02-25 and 2008-03-25 ----------------------------- 2008-03-25 02:27:34 0 d--hs---- C:\found.003 2008-03-25 01:10:56 200779 --a------ C:\WINDOWS\system32\sfms32.dll <Not Verified; Creative Technology Ltd; Creative Audio Product> 2008-03-25 01:10:56 36864 --a------ C:\WINDOWS\system32\sfman32.dll <Not Verified; Creative Technology Ltd; Creative Audio Product> 2008-03-25 01:10:50 159744 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Creative Labs; Creative Labs OpenAL32> 2008-03-24 17:44:36 0 d-------- C:\Program Files\Trend Micro 2008-03-24 05:11:46 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Webcammax 2008-03-24 05:11:46 0 d-------- C:\Documents and Settings\All Users\Application Data\Webcammax 2008-03-24 05:09:16 0 d-------- C:\Program Files\WebcamMax 2008-03-23 12:55:11 0 d-------- C:\hesteban2005 2008-03-21 02:37:28 0 d-------- C:\Program Files\Microsoft Silverlight 2008-03-20 23:27:33 0 d-------- C:\Program Files\Avira 2008-03-20 23:27:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-03-19 16:29:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-03-19 16:29:24 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-03-19 07:47:16 0 d-------- C:\Program Files\Alwil Software 2008-03-17 19:26:53 399360 --a------ C:\WINDOWS\system32\Smab.dll 2008-03-17 19:26:52 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec> 2008-03-17 19:26:52 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll 2008-03-17 19:26:52 66560 --a------ C:\WINDOWS\MOTA113.exe 2008-03-17 19:26:51 217073 --a------ C:\WINDOWS\meta4.exe 2008-03-17 18:32:11 0 d-------- C:\3gptemp 2008-03-17 18:28:32 0 d-------- C:\Program Files\MIKSOFT 2008-03-03 03:34:07 0 d--hs---- C:\found.002 2008-03-03 03:05:47 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-03-02 06:10:44 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-03-02 06:10:29 0 d-------- C:\Program Files\Windows Live 2008-03-02 06:09:46 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-02-29 02:28:05 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Smart PC Solutions 2008-02-29 02:28:02 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-29 02:26:46 0 d-------- C:\Program Files\Smart PC Solutions -- Find3M Report --------------------------------------------------------------- 2008-03-25 01:25:39 0 d--h----- C:\Program Files\InstallShield Installation Information 2008-03-25 00:43:00 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Camfrog 2008-03-24 16:50:40 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Azureus 2008-03-21 02:19:38 79520 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT 2008-03-21 02:04:45 0 d-------- C:\Program Files\Microsoft Works 2008-03-19 17:19:25 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared 2008-03-19 06:35:31 0 d-------- C:\Program Files\Movie Maker 2008-03-19 06:00:14 0 d-------- C:\Program Files\Fichiers communs 2008-03-18 00:48:55 0 d-------- C:\Program Files\Ripp-it_AM 2008-03-18 00:45:04 12208 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2008-03-18 00:42:09 0 d-------- C:\Program Files\AviSynth 2.5 2008-03-16 11:20:03 0 d-------- C:\Program Files\eMule 2008-03-10 06:31:46 0 d-------- C:\Program Files\Azureus 2008-03-02 07:50:50 0 d-------- C:\Program Files\MSN Messenger 2008-02-17 05:18:34 0 d-------- C:\Program Files\Namtuk 2008-02-14 05:22:32 0 d-------- C:\Program Files\MSECache 2008-02-12 03:55:18 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Google 2008-02-12 03:53:37 0 d-------- C:\Program Files\Google 2008-02-01 07:36:46 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Adobe 2008-02-01 01:41:29 0 d-------- C:\Program Files\Fichiers communs\Real 2008-02-01 01:40:45 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Real 2008-01-31 02:40:40 0 d-------- C:\Program Files\SlySoft 2008-01-28 23:43:16 0 d-------- C:\Program Files\KC Softwares -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [16/09/2004 19:39 C:\WINDOWS\SOUNDMAN.EXE] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [25/02/2004 15:15] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [25/02/2004 16:15] "SbUsb AudCtrl"="sbusbdll.dll" [09/07/2004 03:27 C:\WINDOWS\system32\sbusbdll.dll] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [11/05/2000 00:00] "EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [11/09/2003 04:00] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [13/09/2004 14:49] "MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [19/06/2002 08:50] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11] "QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [04/06/2007 18:22] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [12/01/2006 14:40] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [22/02/2005 20:05] "PMCS"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" [29/09/2004 07:39] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [10/11/2003 16:06] "PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [23/09/2004 17:56] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [27/12/2006 15:53] "MMTray"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" [25/03/2003 04:49] "mmtray2k"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" [25/03/2003 04:49] "mmtraylsi"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" [25/03/2003 04:49] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10/11/2006 11:35] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [25/02/2004 16:06] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [20/03/2008 23:31] "WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [01/08/2007 01:55] "KernelFaultCheck"="C:\WINDOWS\system32\dumprep 0 -k" [] "CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [17/09/2003 10:43] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 13:00] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [19/07/2007 13:18] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [15/01/2007 15:14] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [27/12/2006 15:53] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [30/03/2006 15:45] "Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\ypager.exe" [] "RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" [25/06/2004 10:21] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [20/09/2005 9:28:16] D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [04/11/2004 18:50:52] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [04/11/2004 18:28:24] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 21:05:26] PowerCheck.lnk - C:\Program Files\PowerCheck\PowerCheck.exe [16/09/2004 16:03:54] Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [17/12/2002 16:23:32] Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [18/06/2007 11:22:58] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" -- End of Deckard's System Scanner: finished at 2008-03-25 03:37:13 ------------ bon toujours mon probleme de son qui bugue grave....peut etre faut -il que je voit un autre forum?? et merci !!
  12. hesteban2005
    ...re Thanos, bon voila le rapport Kaspersky... : ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Tuesday, March 25, 2008 12:28:08 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 24/03/2008 Kaspersky Anti-Virus database records: 658588 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ E:\ F:\ G:\ I:\ J:\ Scan Statistics: Total number of scanned objects: 88669 Number of viruses found: 2 Number of infected objects: 9 Number of suspicious objects: 0 Duration of the scan process: 05:03:14 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\pending.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\dfsr.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\fsr.log Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\fsrtmp.log Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\tmp.edb Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\reynald76780@hotmail.fr\real\members.stg Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\reynald76780@hotmail.fr\shadow\members.stg Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008032420080325\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\Perflib_Perfdata_3a0.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF7B67.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF9A7D.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF9A91.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DFA6DD.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DFA6FA.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP1\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_748.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar RAR: infected - 2 skipped E:\PROGRAMMES\photo.exe/file11 Infected: Backdoor.Win32.LiteBot.i skipped E:\PROGRAMMES\photo.exe Inno: infected - 1 skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe 7-Zip: infected - 1 skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe 7-Zip: infected - 1 skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP1\change.log Object is locked skipped Scan process completed. je crois qu'il y a encore des problemes....HESTEBAN 2005....
  13. hesteban2005
    re...Thanos... voila le dernier rapport hijackthis: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:06:02, on 24/03/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\WebcamMax\wcmmon.exe C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\PowerCheck\PowerCheck.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [MMTray] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" O4 - HKLM\..\Run: [mmtray2k] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" O4 - HKLM\..\Run: [mmtraylsi] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PowerCheck.lnk = C:\Program Files\PowerCheck\PowerCheck.exe O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180917174218 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing) O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing) O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe -- End of file - 13275 bytes enfin je penses que cé ca car j'en ai fait deux sans le vouloir et je sais pas si l'autree rapport a été enregistré!! trop nul que je suis! L'analyse kaspersky se fait en ce moment...je poste des que cé fini..bonne soirée!@ plus
  14. hesteban2005
    autre chose!!! au sujet de ce fichier : C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE, c'est un fichier du programme de ma carte son?? il faut que je la reinstalle?? ...car j'ai aussi mon son qui bugue enormenent a la lecture du musique...
  15. hesteban2005
    re Thanos.... j'ai pas trouver ce fichier...: C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE j'ai refait la desinstalation complete de norton...(je l'avait deja fait) bon la vé refaire le scan que j'enverrai apres!!
  16. hesteban2005
    bonjour, une question peut etre nul Hijackthis?? faut le demarrer en mode sans echec???
  17. hesteban2005
    ...bonjour Thanos.. voici les rappports Antivir: AntiVir PersonalEdition Classic Report file date: dimanche 23 mars 2008 13:01 Scanning for 1161960 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: Propriétaire Computer name: DOUDOU Version information: BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 22:31:04 ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 21/03/2008 22:30:24 ANTIVIR3.VDF : 7.0.3.64 16384 Bytes 22/03/2008 22:29:56 AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 20/03/2008 22:31:12 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 20/03/2008 22:31:12 AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: F:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: All files Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox, Macro heuristic..................: on File heuristic...................: medium Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR, Start of the scan: dimanche 23 mars 2008 13:01 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 11 processes with 11 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'E:\' [NOTE] No virus was found! Boot sector 'F:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( '63' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! Begin scan in 'E:\' <DD1> E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip [0] Archive type: ZIP --> WebcamMax 4.0.1.0 (Key+Serial).exe [DETECTION] Is the Trojan horse TR/Killav.NX.1 [iNFO] The file was moved to '4848e0b0.qua'! E:\Emule-incoming\WebcamMax CamFrog Camtasia With Patches or Serials.zip [0] Archive type: ZIP --> Webcam Apps/Camfrog Video Chat v3/Camfrog 3.6 Patch.exe [DETECTION] Is the Trojan horse TR/Agent.41984.E [iNFO] The file was moved to '4848e0d0.qua'! Begin scan in 'F:\' <DD2> F:\Musiques\Frédéric FRANCOIS\Frédéric.Francois.60.Chansons.3.Cd.ace [0] Archive type: ACE --> Frdric FRANCOIS_60 Chansons_3 Cd\Frdric FRANCOIS_60 Chansons-Inside-Back.jpg [WARNING] Error creating the file --> Frdric FRANCOIS_60 Chansons_3 Cd\Frdric FRANCOIS_60 Chansons-Inside-Front.jpg [WARNING] No further files can be extracted from this archive. The archive will be closed [WARNING] No further files can be extracted from this archive. The archive will be closed F:\Musiques\musiques packard a trier du 28.07.06\Abba-.The.Definitive.Collection.ace [0] Archive type: ACE --> Abba front.jpg [WARNING] Error creating the file --> Abba back.jpg [WARNING] No further files can be extracted from this archive. The archive will be closed [WARNING] No further files can be extracted from this archive. The archive will be closed End of the scan: lundi 24 mars 2008 01:47 Used time: 12:45:27 min The scan has been done completely. 7794 Scanning directories 288351 Files were scanned 2 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 2 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 288349 Files not concerned 3008 Archives were scanned 7 Warnings 0 Notes le rapport dss: Deckard's System Scanner v20071014.68 Run by Propriétaire on 2008-03-24 03:04:07 Computer is in Normal Mode. -------------------------------------------------------------------------------- -- System Restore -------------------------------------------------------------- System Restore is disabled; attempting to re-enable...success. -- Last 1 Restore Point(s) -- 1: 2008-03-24 02:04:11 UTC - RP1 - Point de vérification système Backed up registry hives. Performed disk cleanup. System Drive C: has 6.19 GiB (less than 15%) free. -- HijackThis Clone ------------------------------------------------------------ Emulating logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2008-03-24 03:06:43 Platform: Windows XP Service Pack 2 (5.01.2600) MSIE: Internet Explorer (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\system32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\WINDOWS\explorer.exe C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\CTSVCCDA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\LVCOMSX.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\E_S4I0F2.EXE C:\WINDOWS\system32\fxssvc.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\WINDOWS\system32\qttask.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe C:\Program Files\Pinnacle\Shared Files\Programs\Remote\remoterm.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe C:\Program Files\Netropa\Multimedia Keyboard\Traymon.exe C:\Program Files\Netropa\Onscreen Display\osd.exe C:\Program Files\Logitech\Video\LogiTray.exe C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\WebcamMax\wcmmon.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\PowerCheck\PowerCheck.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Documents and Settings\Propriétaire\Bureau\dss.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neufportail.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [sbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.EXE /P30 "EPSON Stylus Photo R300 Series" /O6 "USB001" /M "Stylus Photo R300" O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\system32\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [PMCS] C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [PMCRemote] C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [MMTray] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" O4 - HKLM\..\Run: [mmtray2k] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" O4 - HKLM\..\Run: [mmtraylsi] "C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files\WebcamMax\wcmmon.exe" /a O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RemoteCenter] C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\ypager.exe" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: PowerCheck.lnk = C:\Program Files\PowerCheck\PowerCheck.exe O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.secuser.com (HKCU) O16 - DPF: {00000055-9980-0010-8000-00AA00389B71} () - http://codecs.microsoft.com/codecs/i386/fhg.CAB O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clien...1.0/Rawflow.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1180917174218 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwa...ash/swflash.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Fichiers communs\Microsoft Shared\Information Retrieval\MSITSS.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\10\OWC10.DLL O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Fichiers communs\Microsoft Shared\Web Components\11\OWC11.DLL O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\MSOXMLMF.DLL O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: C-DillaCdaC11BA - C-Dilla Ltd - C:\WINDOWS\system32\drivers\CDAC11BA.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: SmartLinkService (SLService) - Unknown owner - C:\WINDOWS\system32\slserv.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe -- End of file - 14467 bytes -- File Associations ----------------------------------------------------------- All associations okay. -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- R0 BTHidMgr (Bluetooth HID Manager Service) - c:\windows\system32\drivers\bthidmgr.sys <Not Verified; IVT Corporation; BlueSoleil©> R1 PCLEPCI - c:\windows\system32\drivers\pclepci.sys <Not Verified; Pinnacle Systems GmbH; PCLEPCI> R2 CamthWDM (WebcamMax, WDM Video Capture) - c:\windows\system32\drivers\camthwdm.sys <Not Verified; YewSoft; Cam Theme> R2 CdaC15BA - c:\windows\system32\drivers\cdac15ba.sys R3 ASAPIW2k - c:\windows\system32\drivers\asapiw2k.sys <Not Verified; Pinnacle Systems GmbH; asapi> R3 BlueletAudio (Bluetooth Audio Service) - c:\windows\system32\drivers\blueletaudio.sys <Not Verified; IVT Corporation; Windows ® 2000 DDK driver> R3 BlueletSCOAudio (Bluetooth SCO Audio Service) - c:\windows\system32\drivers\blueletscoaudio.sys <Not Verified; IVT Corporation; Windows ® 2000 DDK driver> R3 BT (Bluetooth PAN Network Adapter) - c:\windows\system32\drivers\btnetdrv.sys <Not Verified; IVT Corporation; BlueSoleil> R3 BTHidEnum (Bluetooth HID Enumerator) - c:\windows\system32\drivers\vbtenum.sys R3 MarvinBus (Pinnacle Marvin Bus) - c:\windows\system32\drivers\marvinbus.sys <Not Verified; Pinnacle Systems GmbH; Pinnacle Marvin Discrete> R3 VComm (Virtual Serial port driver) - c:\windows\system32\drivers\vcomm.sys <Not Verified; IVT Corporation; BlueSoleil> R3 VcommMgr (Bluetooth VComm Manager Service) - c:\windows\system32\drivers\vcommmgr.sys <Not Verified; IVT Corporation; BlueSoleil> R3 ZDPSp50 (ZDPSp50 NDIS Protocol Driver) - c:\windows\system32\drivers\zdpsp50.sys <Not Verified; Printing Communications Assoc., Inc. (PCAUSA); PCAUSA Rawether for Windows> S3 Btcsrusb (Bluetooth USB For Bluetooth Service) - c:\windows\system32\drivers\btcusb.sys <Not Verified; IVT Corporation; Bluetooth USB Device Driver> S3 BTNetFilter (Bluetooth Network Filter) - c:\windows\system32\drivers\btnetfilter.sys S3 catchme - c:\docume~1\propri~1\locals~1\temp\catchme.sys (file missing) S3 EraserUtilDrv10741 - c:\program files\fichiers communs\symantec shared\eengine\eraserutildrv10741.sys (file missing) S3 LHidUsbK (Logitech SetPoint USB Receiver device driver) - c:\windows\system32\drivers\lhidusbk.sys (file missing) S3 LMouKE (Logitech SetPoint Mouse Filter Driver) - c:\windows\system32\drivers\lmouke.sys (file missing) S3 PCANDIS5 (PCANDIS5 Protocol Driver) - c:\windows\system32\pcandis5.sys (file missing) S3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys (file missing) S3 ZDCndis5 (ZDCndis5 Protocol Driver) - c:\windows\system32\zdcndis5.sys (file missing) S3 ZDPNDIS5 (ZDPNDIS5 NDIS Protocol Driver) - c:\windows\system32\zdpndis5.sys (file missing) -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled -------------------- R2 AntiVirScheduler (AntiVir PersonalEdition Classic Scheduler) - "c:\program files\avira\antivir personaledition classic\sched.exe" <Not Verified; Avira GmbH; Scheduler> R2 BlueSoleil Hid Service - c:\program files\ivt corporation\bluesoleil\btntservice.exe R2 C-DillaCdaC11BA - c:\windows\system32\drivers\cdac11ba.exe <Not Verified; C-Dilla Ltd; SafeCast Windows NT> R2 nhksrv (Netropa NHK Server) - c:\program files\netropa\multimedia keyboard\nhksrv.exe R3 NMIndexingService - "c:\program files\fichiers communs\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home> S2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" (file missing) S2 PinnacleSys.MediaServer (Pinnacle Systems Media Service) - "c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe" <Not Verified; Pinnacle Systems; Media Server> S2 Planificateur LiveUpdate automatique - "c:\program files\symantec\liveupdate\aluschedulersvc.exe" (file missing) S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe -- Device Manager: Disabled ---------------------------------------------------- No disabled devices found. -- Files created between 2008-02-24 and 2008-03-24 ----------------------------- 2008-03-23 12:55:11 0 d-------- C:\hesteban2005 2008-03-21 02:37:28 0 d-------- C:\Program Files\Microsoft Silverlight 2008-03-20 23:27:33 0 d-------- C:\Program Files\Avira 2008-03-20 23:27:33 0 d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-03-20 15:41:17 0 d-------- C:\WINDOWS\system32\drivers\down 2008-03-19 16:29:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-03-19 16:29:24 0 d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-03-19 07:47:16 0 d-------- C:\Program Files\Alwil Software 2008-03-17 19:26:53 399360 --a------ C:\WINDOWS\system32\Smab.dll 2008-03-17 19:26:52 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec> 2008-03-17 19:26:52 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll 2008-03-17 19:26:52 66560 --a------ C:\WINDOWS\MOTA113.exe 2008-03-17 19:26:51 217073 --a------ C:\WINDOWS\meta4.exe 2008-03-17 18:32:11 0 d-------- C:\3gptemp 2008-03-17 18:28:32 0 d-------- C:\Program Files\MIKSOFT 2008-03-03 03:34:07 0 d--hs---- C:\found.002 2008-03-03 03:05:47 0 d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-03-02 06:10:44 0 d--hs--c- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-03-02 06:10:29 0 d-------- C:\Program Files\Windows Live 2008-03-02 06:09:46 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-02-29 02:28:05 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Smart PC Solutions 2008-02-29 02:28:02 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-29 02:26:46 0 d-------- C:\Program Files\Smart PC Solutions -- Find3M Report --------------------------------------------------------------- 2008-03-23 12:43:04 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Azureus 2008-03-21 02:19:38 79520 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT 2008-03-21 02:04:45 0 d-------- C:\Program Files\Microsoft Works 2008-03-19 17:19:25 0 d-------- C:\Program Files\Fichiers communs\Symantec Shared 2008-03-19 06:35:31 0 d-------- C:\Program Files\Movie Maker 2008-03-19 06:00:14 0 d-------- C:\Program Files\Fichiers communs 2008-03-18 01:17:16 0 d-------- C:\Program Files\WebcamMax 2008-03-18 00:48:55 0 d-------- C:\Program Files\Ripp-it_AM 2008-03-18 00:45:04 12208 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys 2008-03-18 00:42:09 0 d-------- C:\Program Files\AviSynth 2.5 2008-03-16 11:20:03 0 d-------- C:\Program Files\eMule 2008-03-10 06:31:46 0 d-------- C:\Program Files\Azureus 2008-03-02 07:50:50 0 d-------- C:\Program Files\MSN Messenger 2008-02-27 05:55:38 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Camfrog 2008-02-17 05:18:34 0 d-------- C:\Program Files\Namtuk 2008-02-14 05:22:32 0 d-------- C:\Program Files\MSECache 2008-02-12 03:55:18 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Google 2008-02-12 03:53:37 0 d-------- C:\Program Files\Google 2008-02-01 07:36:46 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Adobe 2008-02-01 01:41:29 0 d-------- C:\Program Files\Fichiers communs\Real 2008-02-01 01:40:45 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Real 2008-01-31 02:40:40 0 d-------- C:\Program Files\SlySoft 2008-01-28 23:43:16 0 d-------- C:\Program Files\KC Softwares 2008-01-27 23:35:39 0 d-------- C:\Documents and Settings\Propriétaire\Application Data\Webcammax -- Registry Dump --------------------------------------------------------------- *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [16/09/2004 19:39 C:\WINDOWS\SOUNDMAN.EXE] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [25/02/2004 15:15] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [25/02/2004 16:15] "SbUsb AudCtrl"="sbusbdll.dll" [09/07/2004 03:27 C:\WINDOWS\system32\sbusbdll.dll] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [11/05/2000 00:00] "EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [11/09/2003 04:00] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [13/09/2004 14:49] "MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [19/06/2002 08:50] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 00:11] "QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [04/06/2007 18:22] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [12/01/2006 14:40] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [22/02/2005 20:05] "PMCS"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" [29/09/2004 07:39] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [10/11/2003 16:06] "PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [23/09/2004 17:56] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [27/12/2006 15:53] "MMTray"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" [25/03/2003 04:49] "mmtray2k"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" [25/03/2003 04:49] "mmtraylsi"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" [25/03/2003 04:49] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [10/11/2006 11:35] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [25/02/2004 16:06] "CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [17/09/2003 10:43] "WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [01/08/2007 01:55] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [20/03/2008 23:31] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [05/08/2004 13:00] "RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" [] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [19/07/2007 13:18] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [15/01/2007 15:14] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [27/12/2006 15:53] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [30/03/2006 15:45] "Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\ypager.exe" [] C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [20/09/2005 9:28:16] D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [04/11/2004 18:50:52] HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [04/11/2004 18:28:24] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23/09/2005 21:05:26] PowerCheck.lnk - C:\Program Files\PowerCheck\PowerCheck.exe [16/09/2004 16:03:54] Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [17/12/2002 16:23:32] Utilitaire r‚seau pour SAGEM Wi-Fi 11g USB adapter.lnk - C:\Program Files\SAGEM WiFi manager\WLANUTL.exe [18/06/2007 11:22:58] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"=0 (0x0) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" -- End of Deckard's System Scanner: finished at 2008-03-24 03:07:45 ------------ [color="#0000FF"]le rapport extra.txt de dss, je sais pas si il fallait le poster, donc je le poste!! [/color] 03:17 24/03/2008Deckard's System Scanner v20071014.68 Extra logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- System Information ---------------------------------------------------------- Microsoft Windows XP Édition familiale (build 2600) SP 2.0 Architecture: X86; Language: French CPU 0: AMD Athlon 64 Processor 3000+ Percentage of Memory in Use: 55% Physical Memory (total/avail): 1022.73 MiB / 455.47 MiB Pagefile Memory (total/avail): 2461.56 MiB / 1909.92 MiB Virtual Memory (total/avail): 2047.88 MiB / 1916.55 MiB C: is Fixed (NTFS) - 48.83 GiB total, 6.19 GiB free. E: is Fixed (NTFS) - 92.03 GiB total, 3.83 GiB free. F: is Fixed (NTFS) - 92.02 GiB total, 40.66 GiB free. G: is CDROM (No Media) I: is Removable (No Media) J: is CDROM (No Media) \\.\PHYSICALDRIVE0 - SAMSUNG SP2514N - 232.88 GiB - 3 partitions \PARTITION0 (bootable) - Système de fichiers installable - 48.83 GiB - C: \PARTITION1 - Étendu avec Inter. 13 étendue - 184.05 GiB - E: - F: \\.\PHYSICALDRIVE1 - EPSON Stylus Storage USB Device -- Security Center ------------------------------------------------------------- AUOptions is scheduled to auto-install. Windows Internal Firewall is enabled. FirstRunDisabled is set. AntiVirusDisableNotify is set. AntivirusOverride is set. FirewallOverride is set. Unable to create WMI object. -- Environment Variables ------------------------------------------------------- ALLUSERSPROFILE=C:\Documents and Settings\All Users APPDATA=C:\Documents and Settings\Propriétaire\Application Data CLIENTNAME=Console CommonProgramFiles=C:\Program Files\Fichiers communs COMPUTERNAME=DOUDOU ComSpec=C:\WINDOWS\system32\cmd.exe FP_NO_HOST_CHECK=NO HOMEDRIVE=C: HOMEPATH=\Documents and Settings\Propriétaire LOGONSERVER=\\DOUDOU NUMBER_OF_PROCESSORS=1 OS=Windows_NT Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\Pinnacle\Shared Files;C:\Program Files\Pinnacle\Shared Files\Filter;C:\Program Files\Fichiers communs\Ahead\Lib\ PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH PROCESSOR_ARCHITECTURE=x86 PROCESSOR_IDENTIFIER=x86 Family 15 Model 12 Stepping 0, AuthenticAMD PROCESSOR_LEVEL=15 PROCESSOR_REVISION=0c00 ProgramFiles=C:\Program Files PROMPT=$P$G SESSIONNAME=Console SystemDrive=C: SystemRoot=C:\WINDOWS TEMP=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp TMP=C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp USERDOMAIN=DOUDOU USERNAME=Propriétaire USERPROFILE=C:\Documents and Settings\Propriétaire windir=C:\WINDOWS __COMPAT_LAYER=DisableNXShowUI -- User Profiles --------------------------------------------------------------- Propriétaire (admin) Administrateur (new local, admin) -- Add/Remove Programs --------------------------------------------------------- --> "C:\Program Files\Creative\SBLive 24-Bit External\Program\Ctzapxx.EXE" SBUSB.INI /U /S /L:FRN --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER --> C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\IsUn040c.exe -fC:\WINDOWS\orun32.isu --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu" -c"C:\WINDOWS\StiRegstFre.dll" --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL --> C:\WINDOWS\UNRecode.exe /UNINSTALL --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1494984B-9AC5-4F16-B61A-C21D5EFCC1C4}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1494984B-9AC5-4F16-B61A-C21D5EFCC1C4}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A6AAC11-0860-11D7-908C-00A0C98173F1}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A6AAC11-0860-11D7-908C-00A0C98173F1}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{27B9131D-CEFA-42C5-8D7D-56EFD80BAA25}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5933921D-4253-40B6-B4D9-B7D680F1B6EC}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D1A81AA-ED90-11D6-86D3-00055DF3561E}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BDFC3C8D-823E-4FCF-870B-E756B27CB57E}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x40c /remove --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x40c /remove --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf ABBYY FineReader 5.0 Sprint --> MsiExec.exe /X{D1696920-9794-4BBC-8A30-7A88763DE5A2} ABBYY FineReader 6.0 --> MsiExec.exe /I{AF600F7B-67A7-48D9-BA3B-0FF97F35F970} ACE Mega CoDecS Pack --> "C:\Program Files\ACE Mega CoDecS Pack\unins000.exe" Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Reader 7.0.9 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A70900000002} Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe ArcSoft PhotoImpression --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\SETUP.EXE" -l0x40c -uninst ATI - Software Uninstall Utility --> C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe ATI Catalyst Control Center --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055EE59D-217B-43A7-ABFF-507B966405D8}\setup.exe" -l0x3f3f ATI Control Panel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean ATI HYDRAVISION --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{083F79E4-6FE9-46FB-A6C6-4F8862742947}\setup.exe" Avira AntiVir PersonalEdition Classic --> C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe" Azureus --> C:\Program Files\Azureus\Uninstall.exe BlueSoleil --> MsiExec.exe /X{63D1A44F-E1FD-4460-BE0A-8745012F67EF} Camfrog Video Chat 4.1 (remove only) --> "C:\Program Files\Camfrog\Camfrog Video Chat\uninstall.exe" Capture My Screen 1 --> "C:\Program Files\Namtuk\Capture My Screen\unins000.exe" CastleNet 56K PCI Modem --> C:\WINDOWS\Modio\SLAMR2KV\Setup.exe /Remove Classic PhoneTools --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E3436EE2-D5CB-4249-840B-3A0140CC34C3}\setup.exe" -l0x40c Compatibility Pack for the 2007 Office system --> MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} Complément Office 2007 - Microsoft Enregistrer en tant que PDF ou XPS (Beta) --> MsiExec.exe /X{30120000-00B2-040C-0000-0000000FF1CE} Composant de Presto! BizCard 4.0 pour Windows CE --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FCC30665-B924-4EA0-92F7-D9D676FB70A1}\setup.exe" -l0x40c Correctif pour Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe" Correctif Windows XP - KB834707 --> C:\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe Correctif Windows XP - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Correctif Windows XP - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Correctif Windows XP - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Correctif Windows XP - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Correctif Windows XP - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Correctif Windows XP - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Correctif Windows XP - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe" Correctif Windows XP - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Creative MediaSource --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x40c /remove Creative System Information --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{87499F38-FD69-4A2B-B41A-BAB8DE9B94FE}\setup.exe" -l0x40c /remove Creative WebCam Driver --> C:\WINDOWS\CtDrvIns.exe -uninstall USB\VID_041E&PID_400D -plugin P1001Pin.dll -pluginres P1001Pin.crl DiscAPI --> MsiExec.exe /X{A77F3C2D-50CC-4A29-A1FB-1E018BE4DCA2} DivX --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER DivX Converter --> C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER DivX Player --> C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN EasyRecovery Professional --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{268723B7-A994-4286-9F85-B974D5CAFC7B} /l1036 eMule --> "C:\Program Files\eMule\Uninstall.exe" EPSON CardMonitor --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{109D28C7-FB38-483A-9C91-001CB59E2699}\SETUP.EXE" -l0x40c uninst EPSON Copy Utility --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x40c ADDREMOVEDLG EPSON Logiciel imprimante --> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /r EPSON Photo Print --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C24FE0B8-0A25-42E6-8532-A4ABAA1FA400}\setup.exe" -l0x40c MyUninstall EPSON PhotoQuicker3.5 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{65F5B7AF-3363-11D7-BB6B-00018021113F}\SETUP.EXE" -l0x40c uninst EPSON PhotoStarter3.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C48817E7-AA05-4151-A99D-1E1E550CE801}\SETUP.EXE" -l0x40c uninst EPSON Print CD --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}\SETUP.EXE" -l0x40c -SYSTEM EPSON PRINT Image Framer Tool2.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59ED4-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything EPSON Scan --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0E0131B2-CF18-40D9-A331-60A3746C1204}\SETUP.EXE" -l0x40c UNINSTALL EPSON Smart Panel --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\SETUP.EXE" -l0x40c Uninstall Google Earth --> MsiExec.exe /I{1E04F83B-2AB9-4301-9EF7-E86307F79C72} Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29} Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll" Hotfix for Windows Media Format SDK (KB902344) --> "C:\WINDOWS\$NtUninstallKB902344$\spuninst\spuninst.exe" HP Appareils photos Photosmart 4.5 --> C:\Program Files\HP\Digital Imaging\{2171F767-B6D7-4651-9198-24A0812AA528}\setup\hpzscr01.exe -datfile hpiscr01.dat HP Digital Photo Advisor --> MsiExec.exe /X{A157DF9D-462F-4BF9-8C5E-3854BC9CC08F} HP Image Zone 4.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Software Update --> MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1} ICD Client 5.3.1.0 --> "C:\Program Files\RawFlow\ICD Clients\unins000.exe" Java 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020} Java 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030} Java SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010} Kaspersky Online Scanner --> C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe KC Softwares IDPhotoStudio --> "C:\Program Files\KC Softwares\IDPhotoStudio\unins000.exe" Lame ACM MP3 Codec --> C:\WINDOWS\system32\rundll32.exe setupapi,InstallHinfSection Remove_LameMP3 132 C:\WINDOWS\INF\LameACM.inf Le journal de votre naissance --> C:\PROGRA~1\ANUMAN~1\LEJOUR~1\UNWISE.EXE C:\PROGRA~1\ANUMAN~1\LEJOUR~1\INSTALL.LOG Livebox --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC7DDAAE-7F2B-4270-9BFD-5A130B667E9E}\Setup.exe" -l0x40c LiveUpdate BVRP Software --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -l0x40c Logitech Print Service --> C:\PROGRA~1\Logitech\PRINTS~1\UNWISE.EXE C:\PROGRA~1\Logitech\PRINTS~1\INSTALL.LOG Logitech QuickCam --> MsiExec.exe /I{466B21EE-2858-4845-B2B3-056FC544DAA3} Macrogaming SweetIM 2.0 --> MsiExec.exe /X{D9BBFA60-4514-4F08-A78F-91957F957495} Micro Application - PrintPratic 4 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EC79B672-686B-4C0A-9402-12EA1A04A99C}\Setup.exe" -l0x40c Micro Application - PrintPratic Edition Photo --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{03A80A3C-2E33-4CB2-A0C8-57DACD48CF7C}\Setup.exe" -l0x40c Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft Silverlight --> MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server Desktop Engine (PINNACLESYS) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A} Mise à jour de sécurité pour Lecteur Windows Media (KB911564) --> "C:\WINDOWS\$NtUninstallKB911564$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 10 (KB936782) --> "C:\WINDOWS\$NtUninstallKB936782_WMP10$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) --> "C:\WINDOWS\$NtUninstallKB925398_WMP64$\spuninst\spuninst.exe" Mise à jour de sécurité pour Lecteur Windows Media 9 (KB917734) --> "C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Step by Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920342) --> "C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB925720) --> "C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB925876) --> "C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB933360) --> "C:\WINDOWS\$NtUninstallKB933360$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe" MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E} Nero 7 Premium --> MsiExec.exe /I{F0A7FB2C-99E2-4884-9187-4BC60B2C1036} Neuf - Kit de connexion --> C:\Program Files\Neuf\Kit\uninstall.exe Package de base Microsoft de service de chiffrement pour cartes à puce --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe" PIF DESIGNER2.1 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23B59B9F-C360-11D7-875B-0090CC005647}\SETUP.EXE" -l0x40c anything Pinnacle Hollywood FX for Studio --> C:\WINDOWS\unvise32.exe C:\Program Files\Pinnacle\Hollywood FX for Studio\6.0\uninstal.log Pinnacle Instant DVD Recorder --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}\setup.exe" -l0x40c UNINSTALL Pinnacle MediaCenter --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe" -l0x40c UNINSTALL Pinnacle MediaServer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x40c UNINSTALL PowerCheck 4.2.3F --> "C:\Program Files\PowerCheck\unins000.exe" Presto! BizCard 4.1 Fre --> C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\NewSoft\Presto! BizCard Fre\Uninst.isu" Programme de gestion Camera de Logitech® --> "C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT RAPID --> MsiExec.exe /X{EEECE229-49F6-4851-A73A-99B058221F8C} Ri4m v5.0.1d --> C:\Program Files\Ripp-it_AM\Ri4m_Uninstal.exe Ripp-It Codec Pack v 4.2.6 --> C:\Program Files\Ripp-It Codec Pack\uninst.exe Sagem Wi-Fi 11g USB adapter (driver) --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2ED60C17-4568-4CD5-830A-03C4688B09A1}\setup.exe" -l0x40c Sagem Wi-Fi 11g USB adapter (utility) --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AAFD22B6-A6C7-4134-AF4E-080BCBCD3493}\setup.exe" -l0x40c SAMSUNG CDMA Modem Driver Set --> C:\Program Files\SAMSUNG\SAMSUNG CDMA Modem\SSCDUninstall.exe SAMSUNG Mobile USB Modem 1.0 Software --> C:\Program Files\SAMSUNG\SAMSUNG Mobile USB Modem\1\SS_Uninstall.exe SAMSUNG Mobile USB Modem Software --> C:\Program Files\SAMSUNG\SAMSUNG Mobile USB Modem\2\SSM_Uninstall.exe Samsung PC Studio --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -l0x40c -removeonly Samsung PC Studio 3 USB Driver Installer --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -l0x40c -removeonly ScanToWeb --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Smart Office Keyboard --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0208A7E3-0D30-11D4-A1FC-00508B9D1BA2}\Setup.exe" -l0x40c Smart PC Professional v5.0 --> "C:\Program Files\Smart PC Solutions\Smart PC Professional\unins000.exe" SmartSound Quicktracks Plugin --> C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} Sony USB Driver --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\Setup.exe" UNINSTALL Sound Blaster Live! 24-Bit External --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C0054EB-24A5-46A8-80E3-62AAA930DEFA}\SETUP.EXE" -l0x40c Studio 10 --> RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3CB05291-F546-458E-A796-B5BCF5A3CDC4}\setup.exe" -l0x40c UNINSTALL SweetIM For Internet Explorer 3.0b --> MsiExec.exe /X{F6D63A65-BD23-46F3-B9A3-87F442423481} TV sur PC --> C:\Program Files\Neuf\TV_PC\uninstall.exe vanBasco's Karaoke Player --> C:\Program Files\vanBasco's Karaoke Player\uninst.exe VIA Rhine-Family Fast-Ethernet Adapter --> Rundll32.exe vuins32.dll,vuins32Ex $Rhine $VIA WebcamMax --> "C:\Program Files\WebcamMax\uninst.exe" Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows Live installer --> MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Messenger --> MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live Sign-in Assistant --> MsiExec.exe /I{0ED47137-C071-46CC-A243-E5E33271E10E} Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe" Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840} Windows Presentation Foundation Language Pack (FRA) --> MsiExec.exe /X{6901DD22-527A-41EF-9059-E81FEDE9E494} Windows Workflow Foundation FR Language Pack --> MsiExec.exe /I{B84C141C-9A13-44BE-9A69-301D7B11D836} XML Paper Specification Shared Components Language Pack 1.0 --> "C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe" XML Paper Specification Shared Components Pack 1.0 --> Yahoo! Install Manager --> C:\WINDOWS\system32\regsvr32 /u C:\PROGRA~1\Yahoo!\Common\YINSTH~1.DLL Yahoo! Messenger --> C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Toolbar avec bloqueur de fenêtres pop-up --> C:\PROGRA~1\Yahoo!\Common\unyt.exe Zodiac --> "C:\Program Files\orange\jeux\Zodiac\Uninstall.exe" "C:\Program Files\orange\jeux\Zodiac\install.log" -- Application Event Log ------------------------------------------------------- Event Record #/Type596 / Error Event Submitted/Written: 03/24/2008 02:30:07 AM Event ID/Source: 1802 / SecurityCenter Event Description: Le service Centre de sécurité de Windows n'a pas pu établir de requêtes d'événements avec WMI pour contrôler le programme antivirus et le pare-feu tiers. Event Record #/Type595 / Warning Event Submitted/Written: 03/24/2008 02:28:53 AM Event ID/Source: 19011 / MSSQL$PINNACLESYS Event Description: (SpnRegister) : Error 1355 Event Record #/Type594 / Warning Event Submitted/Written: 03/24/2008 02:28:46 AM Event ID/Source: 2 / LOGITECH Event Description: Event Record #/Type583 / Error Event Submitted/Written: 03/23/2008 04:15:08 AM Event ID/Source: 1802 / SecurityCenter Event Description: Le service Centre de sécurité de Windows n'a pas pu établir de requêtes d'événements avec WMI pour contrôler le programme antivirus et le pare-feu tiers. Event Record #/Type582 / Warning Event Submitted/Written: 03/23/2008 04:13:55 AM Event ID/Source: 19011 / MSSQL$PINNACLESYS Event Description: (SpnRegister) : Error 1355 -- Security Event Log ---------------------------------------------------------- No Errors/Warnings found. -- System Event Log ------------------------------------------------------------ Event Record #/Type660232 / Error Event Submitted/Written: 03/24/2008 02:31:55 AM Event ID/Source: 7016 / Service Control Manager Event Description: Le service SmartLinkService a signalé un état actuel 0 non valide. Event Record #/Type660211 / Error Event Submitted/Written: 03/24/2008 02:30:23 AM Event ID/Source: 7000 / Service Control Manager Event Description: Le service Pinnacle Systems Media Service n'a pas pu démarrer en raison de l'erreur : %%1053 Event Record #/Type660210 / Error Event Submitted/Written: 03/24/2008 02:30:23 AM Event ID/Source: 7009 / Service Control Manager Event Description: Délai (30000 millisecondes) d'attente pour une connexion du service Pinnacle Systems Media Service. Event Record #/Type660209 / Error Event Submitted/Written: 03/24/2008 02:30:22 AM Event ID/Source: 7000 / Service Control Manager Event Description: Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur : %%3 Event Record #/Type660208 / Error Event Submitted/Written: 03/24/2008 02:30:20 AM Event ID/Source: 7001 / Service Control Manager Event Description: Le service Configuration automatique sans fil dépend du service NDIS mode utilisateur E/S Protocole qui n'a pas pu démarrer en raison de l'erreur : %%1058 -- End of Deckard's System Scanner: finished at 2008-03-24 03:07:45 ------------ merci de ton aide....@ plus...Hesteban 2005... [/color]
  18. hesteban2005
    comment je fait pour "demarrer" Hijackthis.... ou alors je suis vraiment trop nul.... merci...... comment je fait pour "demarrer" Hijackthis.... ou alors je suis vraiment trop nul.... merci......
  19. hesteban2005
    ...autre chose....j'ai installer l'antivirus,mais j'ai stopper le scan...(c'etait ecrit) je le ferais en rentrant. bon j'esper ne pas avoir choper d'autres virus depuis!!...aller bye!!
  20. hesteban2005
    bonjour Thanos, merci pour tout ces conseils.Mais je pourrais pas le faire avant la fin du week end,car je pars.. Des que j'ai fait tout ca je posterais... merci encore et bon week end!!
  21. hesteban2005
    ....bonsoir.... voila j'envoie le rapport kaspersky .. ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 20, 2008 10:56:39 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 20/03/2008 Kaspersky Anti-Virus database records: 644561 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ E:\ F:\ G:\ J:\ Scan Statistics: Total number of scanned objects: 83462 Number of viruses found: 9 Number of infected objects: 57 Number of suspicious objects: 0 Duration of the scan process: 04:19:28 Infected Object Name / Virus Name / Last Action C:\catchme2008-03-20_152829.20.zip/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\catchme2008-03-20_152829.20.zip/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\catchme2008-03-20_152829.20.zip/mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\catchme2008-03-20_152829.20.zip/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\catchme2008-03-20_152829.20.zip ZIP: infected - 4 skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008032020080321\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\Perflib_Perfdata_5b0.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF238C.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14915531.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14922015.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14923750.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14982890.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\15235500.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29806578.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29841687.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30004421.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30056281.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30061765.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\301156.exe.vir Infected: Trojan-PSW.Win32.Agent.xd skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\323796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\340203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346078.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346921.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\348203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\351484.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352500.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\354140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\361609.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\365781.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\370562.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\375796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\377203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\380921.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\384734.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\386656.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\391593.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\392562.exe.vir Infected: Trojan.Win32.Pakes.bwy skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\406125.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\420375.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\44605531.exe.vir Infected: Trojan-PSW.Win32.Agent.xd skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\44864937.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\60211406.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\60238312.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\683421.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\702015.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\75017734.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\Registry_backups\Service_srosa.reg.dat Infected: Trojan-Downloader.Win32.Bagle.hp skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_140.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip/WebcamMax 4.0.1.0 (Key+Serial).exe Infected: Trojan-Downloader.Win32.Bagle.li skipped E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip ZIP: infected - 1 skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar RAR: infected - 2 skipped E:\PROGRAMMES\photo.exe/file11 Infected: Backdoor.Win32.LiteBot.i skipped E:\PROGRAMMES\photo.exe Inno: infected - 1 skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe 7-Zip: infected - 1 skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe 7-Zip: infected - 1 skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed. je vais installer Antivir....en esprant ne pas avoir de probleme pour desinstallé avast!! ...et que je vais comprendre l'anglais!! MERCI HESTEBAN 2005
  22. hesteban2005
    ....re!! bon voila j'envoi le rapportcombofix : ComboFix 08-03-18.1 - Propriétaire 2008-03-20 15:28:30.4 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.461 [GMT 1:00] Endroit: C:\Documents and Settings\Propriétaire\Bureau\hesteban2005.exe Command switches used :: C:\Documents and Settings\PropriÚtaire\Bureau\CFScript.txt * Création d'un nouveau point de restauration AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !! . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\drivers\down C:\WINDOWS\system32\drivers\down\380500.exe C:\WINDOWS\system32\drivers\down\380921.exe C:\WINDOWS\system32\drivers\down\381093.exe C:\WINDOWS\system32\drivers\down\381171.exe C:\WINDOWS\system32\drivers\down\381312.exe C:\WINDOWS\system32\drivers\down\382140.exe C:\WINDOWS\system32\drivers\down\382656.exe C:\WINDOWS\system32\drivers\down\383796.exe C:\WINDOWS\system32\drivers\down\384734.exe C:\WINDOWS\system32\drivers\down\384859.exe C:\WINDOWS\system32\drivers\down\385515.exe C:\WINDOWS\system32\drivers\down\385578.exe C:\WINDOWS\system32\drivers\down\386656.exe C:\WINDOWS\system32\drivers\down\387078.exe C:\WINDOWS\system32\drivers\down\388750.exe C:\WINDOWS\system32\drivers\down\389140.exe C:\WINDOWS\system32\drivers\down\389328.exe C:\WINDOWS\system32\drivers\down\389531.exe C:\WINDOWS\system32\drivers\down\390218.exe C:\WINDOWS\system32\drivers\down\391234.exe C:\WINDOWS\system32\drivers\down\391515.exe C:\WINDOWS\system32\drivers\down\391593.exe C:\WINDOWS\system32\drivers\down\391750.exe C:\WINDOWS\system32\drivers\down\391859.exe C:\WINDOWS\system32\drivers\down\392500.exe C:\WINDOWS\system32\drivers\down\392562.exe C:\WINDOWS\system32\drivers\down\393906.exe C:\WINDOWS\system32\drivers\down\394218.exe C:\WINDOWS\system32\drivers\down\394609.exe C:\WINDOWS\system32\drivers\down\395046.exe C:\WINDOWS\system32\drivers\down\395312.exe C:\WINDOWS\system32\drivers\down\396203.exe C:\WINDOWS\system32\drivers\down\396828.exe C:\WINDOWS\system32\drivers\down\397734.exe C:\WINDOWS\system32\drivers\down\398000.exe C:\WINDOWS\system32\drivers\down\398359.exe C:\WINDOWS\system32\drivers\down\398968.exe C:\WINDOWS\system32\drivers\down\399781.exe C:\WINDOWS\system32\drivers\down\401125.exe C:\WINDOWS\system32\drivers\down\401171.exe C:\WINDOWS\system32\drivers\down\402828.exe C:\WINDOWS\system32\drivers\down\403250.exe C:\WINDOWS\system32\drivers\down\403296.exe C:\WINDOWS\system32\drivers\down\403328.exe C:\WINDOWS\system32\drivers\down\403781.exe C:\WINDOWS\system32\drivers\down\404687.exe C:\WINDOWS\system32\drivers\down\405343.exe C:\WINDOWS\system32\drivers\down\405531.exe C:\WINDOWS\system32\drivers\down\405937.exe C:\WINDOWS\system32\drivers\down\406125.exe C:\WINDOWS\system32\drivers\down\407562.exe C:\WINDOWS\system32\drivers\down\409031.exe C:\WINDOWS\system32\drivers\down\409546.exe C:\WINDOWS\system32\drivers\down\409578.exe C:\WINDOWS\system32\drivers\down\409734.exe C:\WINDOWS\system32\drivers\down\411828.exe C:\WINDOWS\system32\drivers\down\413250.exe C:\WINDOWS\system32\drivers\down\416296.exe C:\WINDOWS\system32\drivers\down\417031.exe C:\WINDOWS\system32\drivers\down\418031.exe C:\WINDOWS\system32\drivers\down\419062.exe C:\WINDOWS\system32\drivers\down\419343.exe C:\WINDOWS\system32\drivers\down\419359.exe C:\WINDOWS\system32\drivers\down\420375.exe C:\WINDOWS\system32\drivers\down\421640.exe C:\WINDOWS\system32\drivers\down\421953.exe C:\WINDOWS\system32\drivers\down\422796.exe C:\WINDOWS\system32\drivers\down\423078.exe C:\WINDOWS\system32\drivers\down\423406.exe C:\WINDOWS\system32\drivers\down\423796.exe C:\WINDOWS\system32\drivers\down\424734.exe C:\WINDOWS\system32\drivers\down\425468.exe C:\WINDOWS\system32\drivers\down\425687.exe C:\WINDOWS\system32\drivers\down\426218.exe C:\WINDOWS\system32\drivers\down\426296.exe C:\WINDOWS\system32\drivers\down\426687.exe C:\WINDOWS\system32\drivers\down\427375.exe C:\WINDOWS\system32\drivers\down\427390.exe C:\WINDOWS\system32\drivers\down\427859.exe C:\WINDOWS\system32\drivers\down\427875.exe C:\WINDOWS\system32\drivers\down\427937.exe C:\WINDOWS\system32\drivers\down\428390.exe C:\WINDOWS\system32\drivers\down\428437.exe C:\WINDOWS\system32\drivers\down\428625.exe C:\WINDOWS\system32\drivers\down\428734.exe C:\WINDOWS\system32\drivers\down\428921.exe C:\WINDOWS\system32\drivers\down\429406.exe C:\WINDOWS\system32\drivers\down\429796.exe C:\WINDOWS\system32\drivers\down\430593.exe C:\WINDOWS\system32\drivers\down\431062.exe C:\WINDOWS\system32\drivers\down\431093.exe C:\WINDOWS\system32\drivers\down\431218.exe C:\WINDOWS\system32\drivers\down\432203.exe C:\WINDOWS\system32\drivers\down\432281.exe C:\WINDOWS\system32\drivers\down\433218.exe C:\WINDOWS\system32\drivers\down\433453.exe C:\WINDOWS\system32\drivers\down\433781.exe C:\WINDOWS\system32\drivers\down\434125.exe C:\WINDOWS\system32\drivers\down\434609.exe C:\WINDOWS\system32\drivers\down\435531.exe C:\WINDOWS\system32\drivers\down\435750.exe C:\WINDOWS\system32\drivers\down\436843.exe C:\WINDOWS\system32\drivers\down\437015.exe C:\WINDOWS\system32\drivers\down\439000.exe C:\WINDOWS\system32\drivers\down\440187.exe C:\WINDOWS\system32\drivers\down\440250.exe C:\WINDOWS\system32\drivers\down\440281.exe C:\WINDOWS\system32\drivers\down\440562.exe C:\WINDOWS\system32\drivers\down\441234.exe C:\WINDOWS\system32\drivers\down\441281.exe C:\WINDOWS\system32\drivers\down\441421.exe C:\WINDOWS\system32\drivers\down\441921.exe C:\WINDOWS\system32\drivers\down\442171.exe C:\WINDOWS\system32\drivers\down\442453.exe C:\WINDOWS\system32\drivers\down\443859.exe C:\WINDOWS\system32\drivers\down\444187.exe C:\WINDOWS\system32\drivers\down\444593.exe C:\WINDOWS\system32\drivers\down\445546.exe C:\WINDOWS\system32\drivers\down\44557453.exe C:\WINDOWS\system32\drivers\down\44560359.exe C:\WINDOWS\system32\drivers\down\44563015.exe C:\WINDOWS\system32\drivers\down\44565031.exe C:\WINDOWS\system32\drivers\down\44570406.exe C:\WINDOWS\system32\drivers\down\44596531.exe C:\WINDOWS\system32\drivers\down\44596968.exe C:\WINDOWS\system32\drivers\down\44605531.exe C:\WINDOWS\system32\drivers\down\44606453.exe C:\WINDOWS\system32\drivers\down\44608640.exe C:\WINDOWS\system32\drivers\down\44610734.exe C:\WINDOWS\system32\drivers\down\44620843.exe C:\WINDOWS\system32\drivers\down\44624703.exe C:\WINDOWS\system32\drivers\down\44626093.exe C:\WINDOWS\system32\drivers\down\44627578.exe C:\WINDOWS\system32\drivers\down\44629890.exe C:\WINDOWS\system32\drivers\down\44662781.exe C:\WINDOWS\system32\drivers\down\44667234.exe C:\WINDOWS\system32\drivers\down\447109.exe C:\WINDOWS\system32\drivers\down\44739015.exe C:\WINDOWS\system32\drivers\down\447406.exe C:\WINDOWS\system32\drivers\down\447468.exe C:\WINDOWS\system32\drivers\down\44757500.exe C:\WINDOWS\system32\drivers\down\44771734.exe C:\WINDOWS\system32\drivers\down\447718.exe C:\WINDOWS\system32\drivers\down\44792125.exe C:\WINDOWS\system32\drivers\down\44819609.exe C:\WINDOWS\system32\drivers\down\44857343.exe C:\WINDOWS\system32\drivers\down\44864937.exe C:\WINDOWS\system32\drivers\down\448671.exe C:\WINDOWS\system32\drivers\down\44906171.exe C:\WINDOWS\system32\drivers\down\449093.exe C:\WINDOWS\system32\drivers\down\44913406.exe C:\WINDOWS\system32\drivers\down\449312.exe C:\WINDOWS\system32\drivers\down\44938296.exe C:\WINDOWS\system32\drivers\down\44942609.exe C:\WINDOWS\system32\drivers\down\44960093.exe C:\WINDOWS\system32\drivers\down\449718.exe C:\WINDOWS\system32\drivers\down\44983093.exe C:\WINDOWS\system32\drivers\down\44987703.exe C:\WINDOWS\system32\drivers\down\450234.exe C:\WINDOWS\system32\drivers\down\45051203.exe C:\WINDOWS\system32\drivers\down\450671.exe C:\WINDOWS\system32\drivers\down\45076656.exe C:\WINDOWS\system32\drivers\down\45085109.exe C:\WINDOWS\system32\drivers\down\45086359.exe C:\WINDOWS\system32\drivers\down\45104265.exe C:\WINDOWS\system32\drivers\down\451125.exe C:\WINDOWS\system32\drivers\down\451578.exe C:\WINDOWS\system32\drivers\down\45179203.exe C:\WINDOWS\system32\drivers\down\45180203.exe C:\WINDOWS\system32\drivers\down\45190796.exe C:\WINDOWS\system32\drivers\down\452359.exe C:\WINDOWS\system32\drivers\down\452421.exe C:\WINDOWS\system32\drivers\down\45245234.exe C:\WINDOWS\system32\drivers\down\452703.exe C:\WINDOWS\system32\drivers\down\45319890.exe C:\WINDOWS\system32\drivers\down\45340625.exe C:\WINDOWS\system32\drivers\down\453718.exe C:\WINDOWS\system32\drivers\down\453734.exe C:\WINDOWS\system32\drivers\down\45428562.exe C:\WINDOWS\system32\drivers\down\45471468.exe C:\WINDOWS\system32\drivers\down\45487515.exe C:\WINDOWS\system32\drivers\down\45492671.exe C:\WINDOWS\system32\drivers\down\45531125.exe C:\WINDOWS\system32\drivers\down\456390.exe C:\WINDOWS\system32\drivers\down\45667203.exe C:\WINDOWS\system32\drivers\down\456984.exe C:\WINDOWS\system32\drivers\down\45716359.exe C:\WINDOWS\system32\drivers\down\457515.exe C:\WINDOWS\system32\drivers\down\457531.exe C:\WINDOWS\system32\drivers\down\457546.exe C:\WINDOWS\system32\drivers\down\458437.exe C:\WINDOWS\system32\drivers\down\458546.exe C:\WINDOWS\system32\drivers\down\459031.exe C:\WINDOWS\system32\drivers\down\459656.exe C:\WINDOWS\system32\drivers\down\461484.exe C:\WINDOWS\system32\drivers\down\462281.exe C:\WINDOWS\system32\drivers\down\462406.exe C:\WINDOWS\system32\drivers\down\462421.exe C:\WINDOWS\system32\drivers\down\463156.exe C:\WINDOWS\system32\drivers\down\463531.exe C:\WINDOWS\system32\drivers\down\464765.exe C:\WINDOWS\system32\drivers\down\465046.exe C:\WINDOWS\system32\drivers\down\465937.exe C:\WINDOWS\system32\drivers\down\466125.exe C:\WINDOWS\system32\drivers\down\466250.exe C:\WINDOWS\system32\drivers\down\466437.exe C:\WINDOWS\system32\drivers\down\466578.exe C:\WINDOWS\system32\drivers\down\466671.exe C:\WINDOWS\system32\drivers\down\467468.exe C:\WINDOWS\system32\drivers\down\467656.exe C:\WINDOWS\system32\drivers\down\468296.exe C:\WINDOWS\system32\drivers\down\468343.exe C:\WINDOWS\system32\drivers\down\469984.exe C:\WINDOWS\system32\drivers\down\470234.exe C:\WINDOWS\system32\drivers\down\471375.exe C:\WINDOWS\system32\drivers\down\471906.exe C:\WINDOWS\system32\drivers\down\473671.exe C:\WINDOWS\system32\drivers\down\473734.exe C:\WINDOWS\system32\drivers\down\474156.exe C:\WINDOWS\system32\drivers\down\474203.exe C:\WINDOWS\system32\drivers\down\474343.exe C:\WINDOWS\system32\drivers\down\476203.exe C:\WINDOWS\system32\drivers\down\478453.exe C:\WINDOWS\system32\drivers\down\479625.exe C:\WINDOWS\system32\drivers\down\480156.exe C:\WINDOWS\system32\drivers\down\482875.exe C:\WINDOWS\system32\drivers\down\483703.exe C:\WINDOWS\system32\drivers\down\483859.exe C:\WINDOWS\system32\drivers\down\484468.exe C:\WINDOWS\system32\drivers\down\486656.exe C:\WINDOWS\system32\drivers\down\487046.exe C:\WINDOWS\system32\drivers\down\488250.exe C:\WINDOWS\system32\drivers\down\489734.exe C:\WINDOWS\system32\drivers\down\490171.exe C:\WINDOWS\system32\drivers\down\490484.exe C:\WINDOWS\system32\drivers\down\490656.exe C:\WINDOWS\system32\drivers\down\490718.exe C:\WINDOWS\system32\drivers\down\491312.exe C:\WINDOWS\system32\drivers\down\492906.exe C:\WINDOWS\system32\drivers\down\493312.exe C:\WINDOWS\system32\drivers\down\493906.exe C:\WINDOWS\system32\drivers\down\494531.exe C:\WINDOWS\system32\drivers\down\496093.exe C:\WINDOWS\system32\drivers\down\497421.exe C:\WINDOWS\system32\drivers\down\498703.exe C:\WINDOWS\system32\drivers\down\498796.exe C:\WINDOWS\system32\drivers\down\502968.exe C:\WINDOWS\system32\drivers\down\503031.exe C:\WINDOWS\system32\drivers\down\503453.exe C:\WINDOWS\system32\drivers\down\503906.exe C:\WINDOWS\system32\drivers\down\507453.exe C:\WINDOWS\system32\drivers\down\511859.exe C:\WINDOWS\system32\drivers\down\515609.exe C:\WINDOWS\system32\drivers\down\518343.exe C:\WINDOWS\system32\drivers\down\519171.exe C:\WINDOWS\system32\drivers\down\519734.exe C:\WINDOWS\system32\drivers\down\519968.exe C:\WINDOWS\system32\drivers\down\520468.exe C:\WINDOWS\system32\drivers\down\524343.exe C:\WINDOWS\system32\drivers\down\526359.exe C:\WINDOWS\system32\drivers\down\526515.exe C:\WINDOWS\system32\drivers\down\526859.exe C:\WINDOWS\system32\drivers\down\528187.exe C:\WINDOWS\system32\drivers\down\529031.exe C:\WINDOWS\system32\drivers\down\529171.exe C:\WINDOWS\system32\drivers\down\530437.exe C:\WINDOWS\system32\drivers\down\533234.exe C:\WINDOWS\system32\drivers\down\533750.exe C:\WINDOWS\system32\drivers\down\536125.exe C:\WINDOWS\system32\drivers\down\539718.exe C:\WINDOWS\system32\drivers\down\540000.exe C:\WINDOWS\system32\drivers\down\546265.exe C:\WINDOWS\system32\drivers\down\550718.exe C:\WINDOWS\system32\drivers\down\554296.exe C:\WINDOWS\system32\drivers\down\556593.exe C:\WINDOWS\system32\drivers\down\558593.exe C:\WINDOWS\system32\drivers\down\562765.exe C:\WINDOWS\system32\drivers\down\570281.exe C:\WINDOWS\system32\drivers\down\574546.exe C:\WINDOWS\system32\drivers\down\590656.exe C:\WINDOWS\system32\drivers\down\595531.exe C:\WINDOWS\system32\drivers\down\598906.exe C:\WINDOWS\system32\drivers\down\60209468.exe C:\WINDOWS\system32\drivers\down\60211406.exe C:\WINDOWS\system32\drivers\down\60237875.exe C:\WINDOWS\system32\drivers\down\60238312.exe C:\WINDOWS\system32\drivers\down\60242000.exe C:\WINDOWS\system32\drivers\down\60250984.exe C:\WINDOWS\system32\drivers\down\60260234.exe C:\WINDOWS\system32\drivers\down\60316312.exe C:\WINDOWS\system32\drivers\down\60348500.exe C:\WINDOWS\system32\drivers\down\60361281.exe C:\WINDOWS\system32\drivers\down\60378593.exe C:\WINDOWS\system32\drivers\down\60424796.exe C:\WINDOWS\system32\drivers\down\60462375.exe C:\WINDOWS\system32\drivers\down\60467718.exe C:\WINDOWS\system32\drivers\down\60468500.exe C:\WINDOWS\system32\drivers\down\60487296.exe C:\WINDOWS\system32\drivers\down\60555296.exe C:\WINDOWS\system32\drivers\down\60561375.exe C:\WINDOWS\system32\drivers\down\647062.exe C:\WINDOWS\system32\drivers\down\658937.exe C:\WINDOWS\system32\drivers\down\681421.exe C:\WINDOWS\system32\drivers\down\683421.exe C:\WINDOWS\system32\drivers\down\692343.exe C:\WINDOWS\system32\drivers\down\694687.exe C:\WINDOWS\system32\drivers\down\697843.exe C:\WINDOWS\system32\drivers\down\701015.exe C:\WINDOWS\system32\drivers\down\702015.exe C:\WINDOWS\system32\drivers\down\704156.exe C:\WINDOWS\system32\drivers\down\708046.exe C:\WINDOWS\system32\drivers\down\709578.exe C:\WINDOWS\system32\drivers\down\712687.exe C:\WINDOWS\system32\drivers\down\716609.exe C:\WINDOWS\system32\drivers\down\718390.exe C:\WINDOWS\system32\drivers\down\722359.exe C:\WINDOWS\system32\drivers\down\727187.exe C:\WINDOWS\system32\drivers\down\728843.exe C:\WINDOWS\system32\drivers\down\734218.exe C:\WINDOWS\system32\drivers\down\736500.exe C:\WINDOWS\system32\drivers\down\739156.exe C:\WINDOWS\system32\drivers\down\740265.exe C:\WINDOWS\system32\drivers\down\748312.exe C:\WINDOWS\system32\drivers\down\75006796.exe C:\WINDOWS\system32\drivers\down\75017515.exe C:\WINDOWS\system32\drivers\down\75017734.exe C:\WINDOWS\system32\drivers\down\75019296.exe C:\WINDOWS\system32\drivers\down\75045109.exe C:\WINDOWS\system32\drivers\down\75046187.exe C:\WINDOWS\system32\drivers\down\75056890.exe C:\WINDOWS\system32\drivers\down\75152046.exe C:\WINDOWS\system32\drivers\down\75167687.exe C:\WINDOWS\system32\drivers\down\75175718.exe C:\WINDOWS\system32\drivers\down\75207234.exe C:\WINDOWS\system32\drivers\down\75243109.exe C:\WINDOWS\system32\drivers\down\75249203.exe C:\WINDOWS\system32\drivers\down\75253875.exe C:\WINDOWS\system32\drivers\down\75254312.exe C:\WINDOWS\system32\drivers\down\75264781.exe C:\WINDOWS\system32\drivers\down\75363218.exe C:\WINDOWS\system32\drivers\down\75371312.exe C:\WINDOWS\system32\drivers\down\763359.exe C:\WINDOWS\system32\drivers\down\767500.exe C:\WINDOWS\system32\drivers\down\767671.exe C:\WINDOWS\system32\drivers\down\770203.exe C:\WINDOWS\system32\drivers\down\773453.exe C:\WINDOWS\system32\drivers\down\775687.exe C:\WINDOWS\system32\drivers\down\801375.exe C:\WINDOWS\system32\drivers\down\809343.exe C:\WINDOWS\system32\drivers\down\813578.exe C:\WINDOWS\system32\drivers\down\850234.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_srosa ((((((((((((((((((((((((((((( Fichiers créés 2008-02-20 to 2008-03-20 )))))))))))))))))))))))))))))))))))) . 2008-03-20 01:56 . <REP> C:\Documents and Settings\PropriÚtaire\Local Settings 2008-03-20 01:56 . <REP> C:\Documents and Settings\PropriÚtaire\Local Settings 2008-03-20 01:10 . 2008-03-20 01:10 724,729 --a------ C:\catchme2008-03-20_152829.20.zip 2008-03-19 16:29 . 2008-03-19 16:29 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2008-03-19 16:29 . 2008-03-19 16:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2008-03-19 07:49 . 2007-01-15 18:25 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys 2008-03-19 07:49 . 2006-12-21 00:51 31,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys 2008-03-19 07:49 . 2007-01-15 18:26 23,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys 2008-03-19 07:48 . 2006-12-21 00:56 94,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys 2008-03-19 07:48 . 2006-12-21 00:56 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys 2008-03-19 07:47 . 2008-03-19 07:47 <REP> d-------- C:\Program Files\Alwil Software 2008-03-19 07:47 . 2007-01-15 18:32 689,280 --a------ C:\WINDOWS\system32\aswBoot.exe 2008-03-19 07:47 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx 2008-03-19 07:47 . 2007-01-15 18:23 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr 2008-03-19 07:40 . 2008-03-19 07:41 18,944 --ahs---- C:\WINDOWS\system32\Thumbs.db 2008-03-18 00:55 . 2008-03-18 00:55 5,120 --ahs---- C:\Thumbs.db 2008-03-18 00:49 . 2008-03-18 00:54 57,968,640 --a------ C:\film.avi 2008-03-18 00:00 . 2008-03-18 00:00 887 --a------ C:\WINDOWS\cPVAS.INI 2008-03-17 19:26 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe 2008-03-17 19:26 . 2007-11-13 09:31 399,360 --a------ C:\WINDOWS\system32\Smab.dll 2008-03-17 19:26 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe 2008-03-17 19:26 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe 2008-03-17 19:26 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll 2008-03-17 19:26 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe 2008-03-17 19:26 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll 2008-03-17 19:24 . 2005-02-13 00:00 186,880 -r-hs---- C:\WINDOWS\system32\RLOgg.ax 2008-03-17 19:24 . 2005-01-18 00:26 179,200 -r-hs---- C:\WINDOWS\system32\DiracSplitter.ax 2008-03-17 19:24 . 2006-08-16 15:53 175,104 -r-hs---- C:\WINDOWS\system32\CoreAAC.ax 2008-03-17 19:24 . 2005-02-06 00:00 92,672 -r-hs---- C:\WINDOWS\system32\RLVorbisDec.ax 2008-03-17 19:24 . 2005-02-13 00:00 67,584 -r-hs---- C:\WINDOWS\system32\RLTheoraDec.ax 2008-03-17 19:24 . 2005-02-13 00:00 51,712 -r-hs---- C:\WINDOWS\system32\RLSpeexDec.ax 2008-03-17 18:28 . 2008-03-17 18:28 <REP> d-------- C:\Program Files\MIKSOFT 2008-03-03 03:34 . 2008-03-03 03:34 <REP> d--hs---- C:\found.002 2008-03-03 03:05 . 2008-03-03 03:05 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2 2008-03-02 23:58 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll 2008-03-02 23:58 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll 2008-03-02 23:58 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui 2008-03-02 06:10 . 2008-03-02 06:13 <REP> d-------- C:\Program Files\Windows Live 2008-03-02 06:10 . 2008-03-02 06:11 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller 2008-03-02 06:09 . 2008-03-02 06:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-02-29 02:28 . 2008-03-02 19:40 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP 2008-02-29 02:26 . 2008-02-29 02:26 <REP> d-------- C:\Program Files\Smart PC Solutions 2008-02-21 14:35 . 2008-02-21 14:35 <REP> d--hs---- C:\found.001 . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-03-19 16:19 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared 2008-03-18 00:17 --------- d-----w C:\Program Files\WebcamMax 2008-03-17 23:48 --------- d-----w C:\Program Files\Ripp-it_AM 2008-03-17 23:42 --------- d-----w C:\Program Files\AviSynth 2.5 2008-03-16 10:20 --------- d-----w C:\Program Files\eMule 2008-03-16 04:12 94,208 ----a-w C:\WINDOWS\DUMP4c12.tmp 2008-03-16 04:08 94,208 ----a-w C:\WINDOWS\DUMPaf1c.tmp 2008-03-10 05:31 --------- d-----w C:\Program Files\Azureus 2008-03-02 06:50 --------- d-----w C:\Program Files\MSN Messenger 2008-02-22 00:07 94,208 ----a-w C:\WINDOWS\DUMP693a.tmp 2008-02-17 04:18 --------- d-----w C:\Program Files\Namtuk 2008-02-14 04:22 --------- d-----w C:\Program Files\MSECache 2008-02-14 03:54 --------- d-----w C:\Documents and Settings\LocalService\Application Data\Ahead 2008-02-12 02:53 --------- d-----w C:\Program Files\Google 2008-02-05 02:38 --------- d-----w C:\Documents and Settings\All Users\Application Data\Webcammax 2008-02-01 00:41 --------- d-----w C:\Program Files\Fichiers communs\Real 2008-01-31 01:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\SlySoft 2008-01-31 01:40 --------- d-----w C:\Program Files\SlySoft 2008-01-28 22:43 --------- d-----w C:\Program Files\KC Softwares 2008-01-28 22:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Emjysoft 2008-01-20 16:23 --------- d-----w C:\Program Files\Anuman Interactive . ((((((((((((((((((((((((((((( snapshot_2008-03-20_ 1.49.47.84 ))))))))))))))))))))))))))))))))))))))))) . + 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE + 2008-03-20 14:40:08 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_140.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360] "RemoteCenter"="C:\Program Files\Creative\MediaSource\RemoteControl\RCMan.EXE" [2006-04-03 06:06 647168] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-19 13:18 68856] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-01-15 15:14 147456] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 15:53 73840] "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 15:45 313472] "Yahoo! Pager"="~C:\Program Files\Yahoo!\Messenger\ypager.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2004-09-16 19:39 69632 C:\WINDOWS\SOUNDMAN.EXE] "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-02-25 15:15 221184] "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-25 16:15 454656] "SbUsb AudCtrl"="sbusbdll.dll" [2004-07-09 03:27 119296 C:\WINDOWS\system32\sbusbdll.dll] "UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00 90112] "EPSON Stylus Photo R300 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0F2.exe" [2003-09-11 04:00 99840] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 14:49 49152] "MULTIMEDIA KEYBOARD"="C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe" [2002-06-19 08:50 180224] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496] "QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2007-06-04 18:22 98304] "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 14:40 155648] "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-02-22 20:05 339968] "PMCS"="C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe" [2004-09-29 07:39 24576] "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-11-10 16:06 406016] "PMCRemote"="C:\Program Files\Pinnacle\Shared Files\Programs\Remote\Remoterm.exe" [2004-09-23 17:56 73728] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 15:53 73840] "MMTray"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\MMTray.exe" [2003-03-25 04:49 53248] "mmtray2k"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtray2k.exe" [2003-03-25 04:49 57344] "mmtraylsi"="C:\Program Files\ACE Mega CoDecS Pack\SystemS\Morgan Multimedia\mmtraylsi.exe" [2003-03-25 04:49 53248] "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35 90112] "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-25 16:06 212992] "CTSysVol"="C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43 57344] "WebcamMaxMoniter"="C:\Program Files\WebcamMax\wcmmon.exe" [2007-08-01 01:55 450048] "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-20 01:09 108160] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "C:\\Program Files\\Pinnacle\\Shared Files\\Programs\\MediaCenterService\\PMC.Service.Main.exe"= "C:\\Program Files\\Yahoo!\\Messenger\\YPager.exe"= "C:\\Program Files\\Azureus\\Azureus.exe"= "C:\\Program Files\\Camfrog\\Camfrog Video Chat\\Camfrog Video Chat.exe"= "C:\\Program Files\\Pinnacle\\MediaCenter\\PMC.exe"= "C:\\Program Files\\eMule\\emule.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= R0 sonyhcb;Sony Digital Imaging Base;C:\WINDOWS\system32\DRIVERS\sonyhcb.sys [2001-11-05 08:23] R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 07:02] R2 CamthWDM;WebcamMax, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\CamthWDM.sys [2007-01-11 06:39] R2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe [2001-08-06 04:41] R3 3xHybrid;Pinnacle PCTV Stereo service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2004-09-03 11:14] R3 FET5X86V;VIA Rhine-Family Fast-Ethernet Adapter Driver Service;C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys [2007-09-21 11:24] R3 sbusb;Sound Blaster USB Audio Driver;C:\WINDOWS\system32\DRIVERS\sbusb.sys [2004-07-27 10:31] S3 EraserUtilDrv10741;EraserUtilDrv10741;C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilDrv10741.sys [] S3 P1001VID;Creative WebCam (WDM);C:\WINDOWS\system32\DRIVERS\P1001Vid.sys [2002-01-30 03:25] S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2004-02-14 05:09] S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 13:45] S3 sonyhcs;Sony Digital Imaging Video;C:\WINDOWS\system32\DRIVERS\sonyhcs.sys [2001-11-05 08:23] S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS [] . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-20 15:40:50 Windows 5.1.2600 Service Pack 2 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\drivers\CDAC11BA.EXE C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe C:\Program Files\Netropa\Onscreen Display\OSD.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\PowerCheck\PowerCheck.exe C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\Program Files\SAGEM WiFi manager\WLANUTL.exe C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe C:\Program Files\Logitech\Video\FxSvr2.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe . ************************************************************************** . Temps d'accomplissement: 2008-03-20 15:46:02 - machine was rebooted ComboFix-quarantined-files.txt 2008-03-20 14:45:57 ComboFix2.txt 2008-03-20 00:56:45 ComboFix3.txt 2007-12-07 01:47:47 je vais continuer la suite.... ....HESTEBAN 2005
  23. hesteban2005
    merci....bon vais faire ca....j'imprime avant car avec ma petite memoire.... et j'envoi ca apres...bon apres midi!!! HESTEBAN 2005!!
  24. hesteban2005
    ....DESOLE....J'AI FAIT UNE BETISE....J4AI ARRETER LE SCAN DE KASPESKY.....JE L'AI REFAIT DONC VOILA LE RESULTAT.... ...EXCUSEZ MOI.... ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 20, 2008 8:58:10 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 20/03/2008 Kaspersky Anti-Virus database records: 643114 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ E:\ F:\ G:\ H:\ J:\ Scan Statistics: Total number of scanned objects: 88515 Number of viruses found: 51 Number of infected objects: 451 Number of suspicious objects: 0 Duration of the scan process: 04:29:09 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip ZIP: infected - 4 skipped C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008032020080321\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\Perflib_Perfdata_618.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF66B8.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14915531.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14922015.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14923750.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14982890.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\15235500.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29806578.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29841687.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30004421.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30056281.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30061765.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\301156.exe.vir Infected: Trojan-PSW.Win32.Agent.xd skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\323796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\340203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346078.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346921.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\348203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\351484.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352500.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\354140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\361609.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\365781.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\370562.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\375796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\377203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0128923.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129921.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129926.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129928.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130922.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130926.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130927.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131922.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131944.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131982.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131987.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131988.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0132981.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133982.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133986.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133987.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0134078.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136091.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136194.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136198.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136199.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136242.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137274.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137278.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137279.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137337.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137340.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137341.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138337.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138340.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138341.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138682.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138714.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138715.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138716.dll Infected: Trojan-Downloader.Win32.Agent.bkd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138717.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138718.dll Infected: Trojan.Win32.Agent.vg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138719.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138720.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138721.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138722.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138723.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138725.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138726.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138727.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138728.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138729.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138730.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138731.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138732.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138733.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138734.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138735.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138736.EXE Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138737.dll Infected: Trojan-Clicker.Win32.Small.mw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138738.exe Infected: Trojan-Downloader.Win32.Alphabet.k skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138739.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138740.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138741.exe Infected: Trojan-Clicker.Win32.Small.mw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138742.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138743.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138744.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138745.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138746.exe Infected: Backdoor.Win32.Bifrose.d skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138747.dll Infected: Trojan.Win32.BHO.o skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138748.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138749.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138750.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138751.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138752.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138753.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138754.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138756.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138757.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138758.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138760.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138761.exe Infected: Trojan-Downloader.Win32.Zlob.cdj skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138762.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138763.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138764.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138765.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138766.exe Infected: Backdoor.Win32.Bifrose.d skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138768.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138769.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138770.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138771.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138772.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138773.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138774.exe Infected: Trojan.Win32.Obfuscated.gx skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138775.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138776.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138777.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138778.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138779.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138780.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138781.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138782.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138783.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138784.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138785.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138786.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138787.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138788.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138789.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138790.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138791.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138792.exe Infected: Trojan-Downloader.Win32.Agent.brf skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138793.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138794.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138795.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138796.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138797.sys Infected: Email-Worm.Win32.Bagle.ik skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138798.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138799.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138800.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138801.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138802.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138803.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138804.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138805.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138806.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138807.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138808.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138809.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138810.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138811.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138812.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138813.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138814.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138815.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138816.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138817.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138818.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138819.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138820.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138821.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138822.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138823.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138824.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138825.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138826.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138827.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138828.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138829.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138830.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138831.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138832.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138833.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138834.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138835.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138836.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138837.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138838.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138839.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138840.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138841.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138842.exe Infected: Trojan-Downloader.Win32.Agent.brf skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138843.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138844.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138845.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138846.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138847.EXE Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138848.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138849.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138851.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138852.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138853.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138854.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138855.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138856.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138857.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138858.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138860.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138861.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138862.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138863.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138864.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138865.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138866.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138867.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138868.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138869.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.cbp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe/stream Infected: Trojan-Downloader.Win32.Zlob.cbp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe CryptFF: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138871.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138872.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138873.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138874.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138875.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138876.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138877.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138879.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138880.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138881.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138882.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138883.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138884.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138885.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138886.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138887.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138888.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138889.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138890.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138891.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138892.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138893.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138894.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138895.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138896.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138897.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138898.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138899.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138900.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138901.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138902.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138903.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138904.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138905.exe Infected: Trojan-Downloader.Win32.Zlob.cfs skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138906.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138907.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138908.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138909.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138910.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138911.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138912.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138913.exe Infected: Trojan-Downloader.Win32.Alphabet.z skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138914.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138916.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138917.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138918.dll Infected: Trojan.Win32.BHO.bd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138919.dll Infected: Trojan-Spy.Win32.VBStat.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138920.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138921.exe Infected: Trojan-Downloader.Win32.Bagle.by skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138922.exe Infected: Trojan-Downloader.Win32.Bagle.by skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138923.exe Infected: Email-Worm.Win32.Bagle.jm skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138924.dll Infected: Trojan-Spy.Win32.VBStat.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138925.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138926.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138927.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138928.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138929.exe Infected: Trojan.Win32.Agent.anr skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138930.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138931.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138932.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138933.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138934.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138935.exe Infected: Email-Worm.Win32.Bagle.jm skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138936.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138937.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138938.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138939.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138940.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138941.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138942.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138943.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138944.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138945.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138946.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138947.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138948.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.b skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138949.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138950.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138951.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138953.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138955.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138956.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138957.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138958.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138960.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138961.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138962.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138963.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138964.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138965.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.b skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138966.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138967.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138968.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138969.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138970.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138971.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138972.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138973.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138974.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138975.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138976.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138977.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138978.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138979.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138980.exe Infected: Trojan-Downloader.Win32.Agent.cke skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138981.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138982.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138983.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138984.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138985.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138986.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138987.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138988.dll Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138990.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138991.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.cdb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe/stream Infected: Trojan-Downloader.Win32.Zlob.cdb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe CryptFF: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138993.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138994.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138995.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138996.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138997.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138998.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138999.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139000.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139001.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139003.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139004.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139005.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139006.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139007.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139008.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139009.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139010.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139011.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139012.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139014.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139015.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139016.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139017.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139018.exe Infected: Trojan-Downloader.Win32.PurityScan.ej skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139019.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139020.exe Infected: not-a-virus:FraudTool.Win32.VirusProtectPro.g skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139023.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ash skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139024.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139025.dll Infected: not-a-virus:AdWare.Win32.PurityScan.fs skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139027.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139028.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139029.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139030.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139031.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139032.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139033.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139034.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139035.dll Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139036.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139037.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139038.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139039.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139040.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139053.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140055.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140079.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140115.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140234.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140239.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140240.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140380.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140382.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140384.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140394.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140424.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140462.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140464.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140471.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140484.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140486.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140499.exe Infected: Trojan-PSW.Win32.Agent.xd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140515.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140520.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140523.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140525.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140528.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140535.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140536.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140538.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140542.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140552.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140557.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140563.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140573.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0141590.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{FEFA8EE3-DC0C-4A21-B341-E6EC95D4E8F6}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\down\380921.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\384734.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\386656.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\391593.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\392562.exe Infected: Trojan.Win32.Pakes.bwy skipped C:\WINDOWS\system32\drivers\down\406125.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\420375.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\44605531.exe Infected: Trojan-PSW.Win32.Agent.xd skipped C:\WINDOWS\system32\drivers\down\44864937.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\60211406.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\60238312.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\683421.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\702015.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\75017734.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_200.dat Object is locked skipped C:\WINDOWS\Temp\T30DebugLogFile.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip/WebcamMax 4.0.1.0 (Key+Serial).exe Infected: Trojan-Downloader.Win32.Bagle.li skipped E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip ZIP: infected - 1 skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar RAR: infected - 2 skipped E:\PROGRAMMES\photo.exe/file11 Infected: Backdoor.Win32.LiteBot.i skipped E:\PROGRAMMES\photo.exe Inno: infected - 1 skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\change.log Object is locked skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe 7-Zip: infected - 1 skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe 7-Zip: infected - 1 skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\change.log Object is locked skipped Scan process completed. MERCI DE VOTRE AIDE...@ PLUS.....HESTEBAN 2005 ....DESOLE....J'AI FAIT UNE BETISE....J4AI ARRETER LE SCAN DE KASPESKY.....JE L'AI REFAIT DONC VOILA LE RESULTAT.... ...EXCUSEZ MOI.... ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 20, 2008 8:58:10 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 20/03/2008 Kaspersky Anti-Virus database records: 643114 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ E:\ F:\ G:\ H:\ J:\ Scan Statistics: Total number of scanned objects: 88515 Number of viruses found: 51 Number of infected objects: 451 Number of suspicious objects: 0 Duration of the scan process: 04:29:09 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/srosa.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/wintems.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip/hldrrr.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\Documents and Settings\Propriétaire\Bureau\catchme.zip ZIP: infected - 4 skipped C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Folders.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Identities\{F09CBA65-83D3-4D0B-A370-917CA2AEF8C8}\Microsoft\Outlook Express\Offline.dbx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008032020080321\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\Perflib_Perfdata_618.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF66B8.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14915531.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14922015.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14923750.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\14982890.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\15235500.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29806578.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\29841687.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30004421.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30056281.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\30061765.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\301156.exe.vir Infected: Trojan-PSW.Win32.Agent.xd skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\323796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\340203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346078.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\346921.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\348203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\351484.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\352500.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\354140.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\361609.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\365781.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\370562.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\375796.exe.vir Infected: Email-Worm.Win32.Bagle.of skipped C:\qoobox\Quarantine\C\WINDOWS\system32\drivers\down\377203.exe.vir Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0128923.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129921.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129926.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129928.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130922.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130926.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130927.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131922.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131944.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131982.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131987.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131988.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0132981.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133982.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133986.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133987.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0134078.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136091.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136194.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136198.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136199.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136242.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137274.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137278.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137279.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137337.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137340.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137341.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138337.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138340.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138341.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138682.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138714.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138715.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138716.dll Infected: Trojan-Downloader.Win32.Agent.bkd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138717.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138718.dll Infected: Trojan.Win32.Agent.vg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138719.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138720.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138721.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138722.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138723.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138725.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138726.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138727.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138728.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138729.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138730.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138731.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138732.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138733.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138734.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138735.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138736.EXE Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138737.dll Infected: Trojan-Clicker.Win32.Small.mw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138738.exe Infected: Trojan-Downloader.Win32.Alphabet.k skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138739.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138740.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138741.exe Infected: Trojan-Clicker.Win32.Small.mw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138742.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138743.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138744.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138745.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138746.exe Infected: Backdoor.Win32.Bifrose.d skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138747.dll Infected: Trojan.Win32.BHO.o skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138748.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138749.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138750.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138751.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138752.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138753.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138754.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138756.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138757.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138758.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138760.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138761.exe Infected: Trojan-Downloader.Win32.Zlob.cdj skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138762.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138763.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138764.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138765.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138766.exe Infected: Backdoor.Win32.Bifrose.d skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138768.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138769.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138770.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138771.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138772.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138773.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138774.exe Infected: Trojan.Win32.Obfuscated.gx skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138775.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138776.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138777.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138778.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138779.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138780.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138781.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138782.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138783.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138784.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138785.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138786.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138787.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138788.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138789.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138790.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138791.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138792.exe Infected: Trojan-Downloader.Win32.Agent.brf skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138793.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138794.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138795.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138796.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138797.sys Infected: Email-Worm.Win32.Bagle.ik skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138798.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138799.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138800.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138801.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138802.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138803.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138804.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138805.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138806.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138807.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138808.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138809.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138810.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138811.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138812.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138813.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138814.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138815.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138816.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138817.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138818.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138819.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138820.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138821.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138822.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138823.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138824.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138825.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138826.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138827.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138828.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138829.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138830.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138831.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138832.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138833.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138834.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138835.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138836.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138837.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138838.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138839.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138840.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138841.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138842.exe Infected: Trojan-Downloader.Win32.Agent.brf skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138843.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138844.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138845.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138846.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138847.EXE Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138848.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138849.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138851.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138852.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138853.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138854.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138855.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138856.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138857.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138858.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138860.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138861.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138862.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138863.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138864.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138865.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138866.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138867.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138868.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138869.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.cbp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe/stream Infected: Trojan-Downloader.Win32.Zlob.cbp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe CryptFF: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138871.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138872.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138873.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138874.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138875.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138876.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138877.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138879.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138880.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138881.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138882.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138883.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138884.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138885.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138886.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138887.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138888.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138889.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138890.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138891.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138892.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138893.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138894.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138895.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138896.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138897.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138898.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138899.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138900.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138901.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138902.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138903.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138904.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138905.exe Infected: Trojan-Downloader.Win32.Zlob.cfs skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138906.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138907.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138908.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138909.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138910.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138911.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138912.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138913.exe Infected: Trojan-Downloader.Win32.Alphabet.z skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138914.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138916.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138917.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138918.dll Infected: Trojan.Win32.BHO.bd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138919.dll Infected: Trojan-Spy.Win32.VBStat.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138920.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138921.exe Infected: Trojan-Downloader.Win32.Bagle.by skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138922.exe Infected: Trojan-Downloader.Win32.Bagle.by skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138923.exe Infected: Email-Worm.Win32.Bagle.jm skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138924.dll Infected: Trojan-Spy.Win32.VBStat.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138925.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138926.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138927.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138928.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138929.exe Infected: Trojan.Win32.Agent.anr skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138930.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138931.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138932.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138933.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138934.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138935.exe Infected: Email-Worm.Win32.Bagle.jm skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138936.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138937.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138938.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138939.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138940.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138941.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138942.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138943.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138944.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138945.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138946.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138947.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138948.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.b skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138949.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138950.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138951.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138953.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138955.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138956.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138957.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138958.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138960.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138961.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138962.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138963.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138964.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138965.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.b skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138966.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138967.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138968.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138969.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138970.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138971.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138972.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138973.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138974.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138975.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138976.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138977.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138978.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138979.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138980.exe Infected: Trojan-Downloader.Win32.Agent.cke skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138981.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138982.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138983.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138984.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138985.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138986.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138987.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138988.dll Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138990.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138991.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.cdb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe/stream Infected: Trojan-Downloader.Win32.Zlob.cdb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe CryptFF: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138993.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138994.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138995.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138996.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138997.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138998.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138999.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139000.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139001.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139003.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139004.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139005.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139006.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139007.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139008.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139009.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139010.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139011.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139012.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139014.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139015.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139016.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139017.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139018.exe Infected: Trojan-Downloader.Win32.PurityScan.ej skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139019.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139020.exe Infected: not-a-virus:FraudTool.Win32.VirusProtectPro.g skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139023.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ash skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139024.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139025.dll Infected: not-a-virus:AdWare.Win32.PurityScan.fs skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139027.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139028.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139029.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139030.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139031.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139032.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139033.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139034.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139035.dll Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139036.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139037.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139038.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139039.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139040.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139053.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140055.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140079.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140115.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140234.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140239.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140240.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140380.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140382.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140384.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140394.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140424.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140462.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140464.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140471.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140484.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140486.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140499.exe Infected: Trojan-PSW.Win32.Agent.xd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140515.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140520.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140523.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140525.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140528.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140535.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140536.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140538.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140542.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140552.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140557.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140563.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0140573.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\A0141590.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{FEFA8EE3-DC0C-4A21-B341-E6EC95D4E8F6}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\down\380921.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\384734.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\386656.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\391593.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\392562.exe Infected: Trojan.Win32.Pakes.bwy skipped C:\WINDOWS\system32\drivers\down\406125.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\420375.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\44605531.exe Infected: Trojan-PSW.Win32.Agent.xd skipped C:\WINDOWS\system32\drivers\down\44864937.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\60211406.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\60238312.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\683421.exe Infected: Trojan.Win32.Pakes.ciw skipped C:\WINDOWS\system32\drivers\down\702015.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\drivers\down\75017734.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_200.dat Object is locked skipped C:\WINDOWS\Temp\T30DebugLogFile.txt Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip/WebcamMax 4.0.1.0 (Key+Serial).exe Infected: Trojan-Downloader.Win32.Bagle.li skipped E:\Emule-incoming\WebcamMax 4.0.1.0 (Key+Serial).zip ZIP: infected - 1 skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar/Nero-7.7.5.1 FR.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped E:\PROGRAMMES\Nero-7.7.5.1 FR.rar RAR: infected - 2 skipped E:\PROGRAMMES\photo.exe/file11 Infected: Backdoor.Win32.LiteBot.i skipped E:\PROGRAMMES\photo.exe Inno: infected - 1 skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\change.log Object is locked skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.1.1.4\Nero-8.1.1.4_all_trial.exe 7-Zip: infected - 1 skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe/Toolbar.exe Infected: not-a-virus:AdTool.Win32.MyWebSearch.bm skipped F:\dossier programmes azureus\Nero 8 Ultra Edition 8.2.8.0\Nero\Nero-8.2.8.0_fra_trial.exe 7-Zip: infected - 1 skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP320\change.log Object is locked skipped Scan process completed. MERCI DE VOTRE AIDE...@ PLUS.....HESTEBAN 2005
  25. hesteban2005
    ... et le rapport kaspersky: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, March 20, 2008 12:59:37 AM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 19/03/2008 Kaspersky Anti-Virus database records: 640648 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: C:\ E:\ F:\ G:\ J:\ Scan Statistics: Total number of scanned objects: 94033 Number of viruses found: 50 Number of infected objects: 395 Number of suspicious objects: 0 Duration of the scan process: 07:15:20 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\ApplicationHistory\PMC.Service.Main.exe.d04bbf2f.ini.inuse Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\pending.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\dfsr.db Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\fsr.log Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\fsrtmp.log Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Messenger\reynald76780@hotmail.fr\SharingMetadata\Working\database_7294_C2C9_94C2_8ED3\tmp.edb Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\reynald76780@hotmail.fr\real\members.stg Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows Live Contacts\reynald76780@hotmail.fr\shadow\members.stg Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008031920080320\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\Perflib_Perfdata_2fc.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF6795.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF67B4.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF786E.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DF7897.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temp\~DFBE37.tmp Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\34H4S19Z\b64_2[1].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\92RO0UD9\b64_2[1].jpg Infected: Trojan.Win32.Pakes.bwy skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\92RO0UD9\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_1[1].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_1[2].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_1[3].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_2[1].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_2[2].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_2[3].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\HFVO6701\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\LTEY5T8U\b64_1[1].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\LTEY5T8U\b64_1[2].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QUK2XS8C\b64_1[1].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QUK2XS8C\b64_1[2].jpg Infected: Trojan-PSW.Win32.Agent.xd skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QUK2XS8C\b64_2[1].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QUK2XS8C\b64_2[2].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QUK2XS8C\b64_2[3].jpg Infected: Email-Worm.Win32.Bagle.sz skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\QUK2XS8C\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\V9M13J0I\b64_1[1].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\V9M13J0I\b64_1[2].jpg Infected: Trojan.Win32.Pakes.ciw skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\V9M13J0I\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\V9M13J0I\b64_31[2].jpg Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\YDQ31NXQ\b64_31[1].jpg Infected: Email-Worm.Win32.Bagle.of skipped C:\Documents and Settings\Propriétaire\ntuser.dat Object is locked skipped C:\Documents and Settings\Propriétaire\ntuser.dat.LOG Object is locked skipped C:\Program Files\Creative\MediaSource\RemoteControl\RcMan.exe Infected: Trojan-Downloader.Win32.Bagle.li skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\master.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\mastlog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\model.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\modellog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\PinnacleSys_GlobalContext_log.LDF Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\tempdb.mdf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\Data\templog.ldf Object is locked skipped C:\Program Files\Microsoft SQL Server\MSSQL$PINNACLESYS\LOG\ERRORLOG Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0128923.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129921.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129926.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0129928.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130922.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130926.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0130927.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131922.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131944.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131982.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131987.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0131988.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0132981.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133982.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133986.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0133987.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0134078.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136091.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136194.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136198.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136199.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0136242.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137274.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137278.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137279.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137337.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137340.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0137341.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138337.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138340.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138341.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138682.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138714.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138715.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138716.dll Infected: Trojan-Downloader.Win32.Agent.bkd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138717.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138718.dll Infected: Trojan.Win32.Agent.vg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138719.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138720.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138721.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138722.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138723.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138725.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138726.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138727.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138728.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138729.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138730.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138731.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138732.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138733.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138734.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138735.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138736.EXE Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138737.dll Infected: Trojan-Clicker.Win32.Small.mw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138738.exe Infected: Trojan-Downloader.Win32.Alphabet.k skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138739.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138740.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138741.exe Infected: Trojan-Clicker.Win32.Small.mw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138742.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138743.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138744.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138745.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138746.exe Infected: Backdoor.Win32.Bifrose.d skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138747.dll Infected: Trojan.Win32.BHO.o skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138748.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138749.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138750.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138751.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138752.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138753.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138754.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138755.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138756.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138757.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138758.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138760.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138761.exe Infected: Trojan-Downloader.Win32.Zlob.cdj skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138762.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138763.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138764.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138765.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138766.exe Infected: Backdoor.Win32.Bifrose.d skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138767.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138768.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138769.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138770.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138771.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138772.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138773.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138774.exe Infected: Trojan.Win32.Obfuscated.gx skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138775.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138776.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138777.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138778.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138779.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138780.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138781.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138782.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138783.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138784.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138785.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138786.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138787.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138788.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138789.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138790.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138791.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138792.exe Infected: Trojan-Downloader.Win32.Agent.brf skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138793.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138794.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138795.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138796.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138797.sys Infected: Email-Worm.Win32.Bagle.ik skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138798.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138799.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138800.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138801.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138802.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138803.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138804.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138805.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138806.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138807.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138808.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138809.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138810.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138811.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138812.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138813.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138814.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138815.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138816.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138817.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138818.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138819.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138820.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138821.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138822.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138823.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138824.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138825.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138826.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138827.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138828.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138829.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138830.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138831.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138832.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138833.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138834.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138835.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138836.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138837.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138838.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138839.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138840.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138841.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138842.exe Infected: Trojan-Downloader.Win32.Agent.brf skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138843.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138844.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138845.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138846.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138847.EXE Infected: not-a-virus:AdWare.Win32.PurityScan.fn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138848.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138849.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138851.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138852.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138853.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138854.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138855.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138856.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138857.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138858.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138859.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138860.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138861.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138862.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138863.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138864.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138865.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138866.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138867.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138868.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138869.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.cbp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe/stream Infected: Trojan-Downloader.Win32.Zlob.cbp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138870.exe CryptFF: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138871.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138872.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138873.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138874.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138875.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138876.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138877.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138879.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138880.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138881.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138882.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138883.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138884.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138885.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138886.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138887.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138888.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138889.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138890.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138891.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138892.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138893.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138894.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138895.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138896.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138897.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138898.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138899.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138900.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138901.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138902.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138903.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138904.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138905.exe Infected: Trojan-Downloader.Win32.Zlob.cfs skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138906.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138907.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138908.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138909.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138910.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138911.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138912.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138913.exe Infected: Trojan-Downloader.Win32.Alphabet.z skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138914.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.jp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138916.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138917.exe Infected: Trojan-Downloader.Win32.Agent.bls skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138918.dll Infected: Trojan.Win32.BHO.bd skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138919.dll Infected: Trojan-Spy.Win32.VBStat.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138920.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138921.exe Infected: Trojan-Downloader.Win32.Bagle.by skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138922.exe Infected: Trojan-Downloader.Win32.Bagle.by skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138923.exe Infected: Email-Worm.Win32.Bagle.jm skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138924.dll Infected: Trojan-Spy.Win32.VBStat.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138925.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138926.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.fp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138927.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138928.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138929.exe Infected: Trojan.Win32.Agent.anr skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138930.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138931.exe Infected: Trojan-Downloader.Win32.Alphabet.gen skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138932.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138933.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138934.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138935.exe Infected: Email-Worm.Win32.Bagle.jm skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138936.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138937.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138938.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138939.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138940.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138941.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138942.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138943.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138944.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138945.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138946.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138947.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138948.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.b skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138949.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138950.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138951.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138953.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138954.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138955.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138956.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138957.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138958.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe/data0002 Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe NSIS: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138959.exe CryptFF: infected - 1 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138960.exe Infected: Trojan-Dropper.Win32.Agent.bmk skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138961.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138962.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138963.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138964.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138965.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.b skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138966.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138967.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138968.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138969.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138970.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138971.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138972.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138973.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138974.exe Infected: Trojan.Win32.Agent.qt skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138975.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138976.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138977.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138978.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138979.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138980.exe Infected: Trojan-Downloader.Win32.Agent.cke skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138981.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138982.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138983.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138984.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138985.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138986.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138987.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138988.dll Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138990.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138991.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.cdb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe/stream Infected: Trojan-Downloader.Win32.Zlob.cdb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe NSIS: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138992.exe CryptFF: infected - 2 skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138993.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138994.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138995.exe Infected: Trojan-Downloader.Win32.Alphabet.p skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138996.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138997.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138998.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0138999.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139000.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139001.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139003.exe Infected: Trojan-Clicker.Win32.Small.mv skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139004.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139005.exe Infected: Trojan-Downloader.Win32.Agent.bqw skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139006.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139007.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139008.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139009.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139010.exe Infected: Trojan.Win32.Agent.arp skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139011.exe Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139012.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139014.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139015.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139016.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139017.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139018.exe Infected: Trojan-Downloader.Win32.PurityScan.ej skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139019.exe Infected: Trojan-Downloader.Win32.PurityScan.eg skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139020.exe Infected: not-a-virus:FraudTool.Win32.VirusProtectPro.g skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139023.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ash skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139024.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139025.dll Infected: not-a-virus:AdWare.Win32.PurityScan.fs skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139027.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139028.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139029.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139030.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.c skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139031.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139032.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139033.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139034.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139035.dll Infected: Trojan.Win32.Dialer.qn skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139036.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139037.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139038.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139039.exe Infected: Trojan-Downloader.Win32.Alphabet.h skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139040.exe Infected: Email-Worm.Win32.Bagle.il skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0139053.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140055.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140079.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140115.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140234.sys Infected: Trojan-Downloader.Win32.Bagle.ln skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140239.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\A0140240.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\System Volume Information\_restore{53FE73C4-7EFB-415C-A5B3-E1A4D50A631B}\RP319\change.log Object is locked skipped C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe Object is locked skipped C:\WINDOWS\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe Object is locked skipped C:\WINDOWS\$NtUninstallKB890859$\ntkrnlpa.exe Object is locked skipped C:\WINDOWS\$NtUninstallKB931784$\ntkrnlpa.exe Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Driver Cache\i386\ntkrnlpa.exe Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\Internet.evt Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\mdelk.exe Infected: Email-Worm.Win32.Bagle.of skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_200.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped Scan was interrupted by user! BON COURAGE ET MERCI A CEUX QUI M'AIDERONT... @ plus....
×
×
  • Créer...