gawel

Re. Non toujours pas, j'ai l'ancer une recherche pour le trouver et l'ordi ne le trouve plus. Il s'est peut etre suprimer quand j'ai suprimer les ficher en quarantaine de l'anti virus?

Toujours impossible a ziper... par contre je vais a lendroit ou est le placer et il n'y figure pas c'est bizzard mais quand je fait rechercher je le trouve. Bon je suis rassuré si c'est moin grave! On finiras demain si sa te derange pas car demain boulot. Bye et merci encore!

Voici le rapport mais toujours aucune traces des 2 fichiers: ComboFix 08-05-12.1 - GaWeL 2008-05-16 23:45:43.4 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1282 [GMT 2:00] Endroit: C:\Users\GaWeL\Desktop\combo-fix.exe Command switches used :: C:\Users\GaWeL\Desktop\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\QooBox.zip . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\QooBox.zip c:\Users\GaWeL\AppData\Roaming\m\flec006.exe . ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier cr‚‚ dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-15 22:51 --------- d-----w C:\ProgramData\Avira 2008-05-15 22:51 --------- d-----w C:\Program Files\Avira 2008-05-15 06:50 --------- d-----w C:\ProgramData\Microsoft Help 2008-05-13 22:51 --------- d-----w C:\Program Files\Alwil Software 2008-05-13 22:01 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-05-13 22:01 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-05-13 21:27 --------- d-----w C:\Program Files\CCleaner 2008-05-11 20:05 --------- d-----w C:\ProgramData\pixelStorm 2008-05-11 14:27 --------- d-----w C:\Program Files\PpStream Fr 2008-05-11 14:25 --------- d-----w C:\Users\GaWeL\AppData\Roaming\ppStream 2008-05-05 17:20 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-05-05 17:20 22,328 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrK.sys 2008-05-05 17:20 103,736 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrB.exe 2008-05-05 17:18 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-05 16:59 --------- d-----w C:\Program Files\Activision 2008-05-01 13:25 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files 2008-05-01 10:42 --------- d-----w C:\Program Files\Apple Software Update 2008-04-20 20:49 --------- d-----w C:\Program Files\pspvideo9 2008-04-20 20:41 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-04-20 20:41 --------- d-----w C:\Program Files\Realtek 2008-04-14 20:11 --------- d-----w C:\Program Files\AviSynth 2.5 2008-04-03 23:00 --------- d--h--r C:\Users\GaWeL\AppData\Roaming\SecuROM 2008-04-03 22:44 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Sports Interactive 2008-04-03 22:39 --------- d--h--w C:\Program Files\Zero G Registry 2008-04-03 22:33 --------- d-----w C:\Program Files\Sports Interactive 2008-04-03 16:04 --------- d-----w C:\Program Files\iTunes 2008-04-03 16:04 --------- d-----w C:\Program Files\iPod 2008-04-03 16:03 --------- d-----w C:\Program Files\QuickTime 2008-03-21 18:43 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Apple Computer 2008-03-20 17:53 --------- d-----w C:\Program Files\Safari 2008-03-16 18:15 --------- d-----w C:\ProgramData\NVIDIA 2008-03-16 04:57 --------- d-----w C:\Users\GaWeL\AppData\Roaming\WinBatch 2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-02-04 19:26 82 ----a-w C:\Users\GaWeL\AppData\Roaming\wklnhst.dat 2008-02-04 19:25 47,360 ----a-w C:\Users\GaWeL\AppData\Roaming\pcouffin.sys 2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of c:\Users\GaWeL\AppData\Roaming\m ---- c:\Users\GaWeL\AppData\Roaming\m\ ------- Sigcheck ------- . ((((((((((((((((((((((((((((( snapshot_2008-05-16_23.21.22,85 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-16 21:13:26 67,584 --s-a-w C:\Windows\bootstat.dat + 2008-05-16 21:48:16 67,584 --s-a-w C:\Windows\bootstat.dat - 2008-05-16 21:15:02 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-16 21:48:43 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-16 21:48:43 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-05-16 21:14:57 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-16 21:48:43 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-16 21:48:43 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-05-16 21:08:48 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-05-16 21:33:47 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-05-16 21:08:48 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-05-16 21:33:47 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-05-16 21:08:48 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-05-16 21:33:47 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-05-14 00:01 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-19 00:28 1006264] "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 12:59 118784] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\Windows\RtHDVCpl.exe] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "VX6000"="C:\Windows\vVX6000.exe" [2007-04-10 14:46 996712] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328] "HPAIO_PrintFolderMgr"="C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe" [ ] "SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 09:23 132624] "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 18:59 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 18:59 8473120] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 18:59 81920] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ] C:\Users\GaWeL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 17:51 192512] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3072763064-2446227072-4167713054-1000] "EnableNotificationsRef"=dword:00000004 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{6D627958-CCBC-4F0D-86EA-814307131E64}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{540C4478-A48C-4271-81C8-B312B78F5CD9}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{48ED27BD-4D5C-4483-A8AD-C9C463E81AF8}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus "UDP Query User{F941FE5E-E53C-412C-A2D8-0339ACB9EB76}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus "{73E54759-DADF-4B25-9ADE-FC0CEC637531}"= Disabled:UDP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{89C5A30E-BA8B-4A1F-A260-6172F1C8EE2C}"= Disabled:TCP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{23BF2E3B-7760-4D96-B3F8-59E6955F4804}"= Disabled:UDP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{D66CA116-176E-453F-B9FD-F1F41B96189D}"= Disabled:TCP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{98DE3049-F1BB-4828-8A84-6411E529D14B}"= UDP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{8FBFFE59-6FDE-4598-A05F-1E5CEC5E7443}"= TCP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{2C10C3AB-CE1C-4515-96FA-A57BCED63DF5}"= UDP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "{94C8C4C4-8632-4B6C-998D-C1ECFBC63523}"= TCP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "TCP Query User{932CA54F-49E3-4D4A-A864-CCAA54BD20CA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{F4F8E69B-40BA-405C-BD82-2237C2AE3463}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule "{77DF3217-5272-47CC-8DBA-1101B32A5D27}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{1F84B188-BFE2-4FD0-9250-88F6BEC8BBEF}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{6E30E2E8-F8F9-4295-BF15-28B63DFEDC74}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{C9581EA9-5CE7-419C-9E74-8C62834DE3D6}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C9A552AD-84B9-42F6-AC47-437E898F82B6}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4D69BB7C-0995-4A56-B788-EDE78F5EDEAF}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B4A249E-4B06-4E73-9D04-B9D0E9E48B68}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{0C8D9FB4-BE31-4A0D-832A-D2E570934E1A}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{1FC82F46-9F77-4191-A7E5-D4B98ACA6646}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{B9622CB5-EB26-4DEF-9F3E-150EB96C78E1}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{61D1E7E4-CE5A-427A-8F94-CC1A104C87B7}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C269D18D-2E5C-4592-8C30-358FEED71359}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4B1F9833-512C-4D7E-8F61-50B975A705E0}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B64E45C-5802-40D1-95D5-1F539FB9137E}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{D6DD97F8-43B4-43CF-AE3C-A8D541181EA1}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{48307B80-3264-46FB-B078-3366468C8810}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{3B963C37-3149-41CC-8450-F84F0D87B63F}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{38B24799-AD50-4759-ACDA-A799790B7EA3}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{78BF92EF-58C0-475F-B36A-C5CB0B0A5E1D}C:\\users\\gawel\\desktop\\viviplay.exe"= UDP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "UDP Query User{DB60AA64-5A66-4A56-9503-278736AB17F1}C:\\users\\gawel\\desktop\\viviplay.exe"= TCP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "{85107586-3806-4B67-BBC3-C0F9C52DD8A0}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{BF23537A-2CAB-4E9F-AA99-698848A1CDB3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{D266B7DB-B012-4802-8B20-F9145C464865}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 "{0595A42E-1164-4B80-A380-1DCD8B3FA3B4}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\Windows\system32\plcndis5.sys [2004-05-17 11:21] R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43] R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] S3 VX6000;Microsoft LifeCam VX-6000;C:\Windows\system32\DRIVERS\VX6000Xp.sys [2007-04-10 14:46] S4 usbprint;Microsoft USB PRINTER Class;C:\Windows\system32\drivers\usbprint.sys [2006-11-02 11:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-16 23:48:49 Windows 6.0.6000 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\audiodg.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\System32\PnkBstrA.exe C:\Windows\System32\PnkBstrB.exe C:\Windows\System32\WUDFHost.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\wbem\unsecapp.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\hp\KBD\kbd.exe C:\Windows\System32\conime.exe C:\Windows\System32\dllhost.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-16 23:55:04 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-16 21:54:56 ComboFix2.txt 2008-05-16 21:22:25 ComboFix3.txt 2008-05-15 21:41:34 ComboFix4.txt 2008-05-14 22:38:55 Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. Le texte du message associ‚ au num‚ro 0x2379 est introuvable dans le fichier de messages pour Application. 225 --- E O F --- 2008-05-15 06:50:23

Le rapport mais par contre aucune trace des deux fichiers, j'ai fait rechercher mais rien. ComboFix 08-05-12.1 - GaWeL 2008-05-16 23:16:55.3 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1302 [GMT 2:00] Endroit: C:\Users\GaWeL\Desktop\combo-fix.exe Command switches used :: C:\Users\GaWeL\Desktop\CFScript.txt * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\system32\drivers\downld . ((((((((((((((((((((((((((((( Fichiers créés 2008-04-16 to 2008-05-16 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier créé dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-16 20:11 1,921,208 ----a-w C:\QooBox.zip 2008-05-15 22:51 --------- d-----w C:\ProgramData\Avira 2008-05-15 22:51 --------- d-----w C:\Program Files\Avira 2008-05-15 06:50 --------- d-----w C:\ProgramData\Microsoft Help 2008-05-13 22:51 --------- d-----w C:\Program Files\Alwil Software 2008-05-13 22:01 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-05-13 22:01 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-05-13 21:27 --------- d-----w C:\Program Files\CCleaner 2008-05-11 20:05 --------- d-----w C:\ProgramData\pixelStorm 2008-05-11 14:27 --------- d-----w C:\Program Files\PpStream Fr 2008-05-11 14:25 --------- d-----w C:\Users\GaWeL\AppData\Roaming\ppStream 2008-05-05 17:20 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-05-05 17:20 22,328 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrK.sys 2008-05-05 17:20 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe 2008-05-05 17:20 103,736 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrB.exe 2008-05-05 17:18 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe 2008-05-05 17:18 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-05 16:59 --------- d-----w C:\Program Files\Activision 2008-05-01 13:25 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files 2008-05-01 10:42 --------- d-----w C:\Program Files\Apple Software Update 2008-04-20 20:49 --------- d-----w C:\Program Files\pspvideo9 2008-04-20 20:41 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-04-20 20:41 --------- d-----w C:\Program Files\Realtek 2008-04-14 20:11 --------- d-----w C:\Program Files\AviSynth 2.5 2008-04-03 23:00 --------- d--h--r C:\Users\GaWeL\AppData\Roaming\SecuROM 2008-04-03 22:44 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Sports Interactive 2008-04-03 22:39 --------- d--h--w C:\Program Files\Zero G Registry 2008-04-03 22:33 --------- d-----w C:\Program Files\Sports Interactive 2008-04-03 16:04 --------- d-----w C:\Program Files\iTunes 2008-04-03 16:04 --------- d-----w C:\Program Files\iPod 2008-04-03 16:03 --------- d-----w C:\Program Files\QuickTime 2008-03-21 18:43 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Apple Computer 2008-03-20 17:53 --------- d-----w C:\Program Files\Safari 2008-03-16 18:15 --------- d-----w C:\ProgramData\NVIDIA 2008-03-16 04:57 --------- d-----w C:\Users\GaWeL\AppData\Roaming\WinBatch 2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll 2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll 2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll 2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe 2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe 2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll 2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll 2008-02-29 04:14 2,028,544 ----a-w C:\Windows\System32\win32k.sys 2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll 2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll 2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll 2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe 2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll 2008-02-04 19:26 82 ----a-w C:\Users\GaWeL\AppData\Roaming\wklnhst.dat 2008-02-04 19:25 47,360 ----a-w C:\Users\GaWeL\AppData\Roaming\pcouffin.sys 2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini . ------- Sigcheck ------- . ((((((((((((((((((((((((((((( snapshot_2008-05-15_23.40.01,12 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-15 21:22:48 67,584 --s-a-w C:\Windows\bootstat.dat + 2008-05-16 21:13:26 67,584 --s-a-w C:\Windows\bootstat.dat - 2008-05-15 21:22:48 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-05-16 21:13:27 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2008-05-15 21:22:48 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2008-05-16 21:13:27 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2008-04-16 19:57:06 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-05-16 20:42:56 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\usrclass.dat - 2008-05-15 21:25:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-16 21:15:02 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-16 21:15:02 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-04-16 19:45:08 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat + 2008-05-16 20:43:00 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\usrclass.dat - 2008-05-15 21:25:43 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-16 21:14:57 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-16 21:14:57 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 + 2008-05-15 22:45:25 203,409 ----a-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin - 2008-05-15 21:35:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-05-16 21:08:48 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-05-15 21:35:55 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-05-16 21:08:48 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-05-15 21:35:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-05-16 21:08:48 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-03-04 11:28:53 79,424 ----a-w C:\Windows\System32\drivers\avipbb.sys + 2007-03-01 08:34:22 28,352 ----a-w C:\Windows\System32\drivers\ssmdrv.sys - 2008-04-10 06:53:05 433,536 ----a-w C:\Windows\System32\FNTCACHE.DAT + 2008-05-15 22:45:10 433,536 ----a-w C:\Windows\System32\FNTCACHE.DAT - 2008-05-15 21:26:35 12,214 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3072763064-2446227072-4167713054-1000_UserData.bin + 2008-05-16 21:15:17 12,602 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3072763064-2446227072-4167713054-1000_UserData.bin - 2008-05-15 21:26:34 57,692 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-05-16 21:15:17 58,574 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-05-01 01:55:01 4,212 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat + 2008-05-16 00:23:32 4,212 ----a-w C:\Windows\System32\WDI\ERCQueuedResolutions.dat - 2008-05-15 21:26:33 43,892 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-05-16 21:15:16 45,056 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-05-14 00:01 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-19 00:28 1006264] "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 12:59 118784] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\Windows\RtHDVCpl.exe] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "VX6000"="C:\Windows\vVX6000.exe" [2007-04-10 14:46 996712] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328] "HPAIO_PrintFolderMgr"="C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe" [ ] "SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 09:23 132624] "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 18:59 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 18:59 8473120] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 18:59 81920] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ] C:\Users\GaWeL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 17:51 192512] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3072763064-2446227072-4167713054-1000] "EnableNotificationsRef"=dword:00000004 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{6D627958-CCBC-4F0D-86EA-814307131E64}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{540C4478-A48C-4271-81C8-B312B78F5CD9}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{48ED27BD-4D5C-4483-A8AD-C9C463E81AF8}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus "UDP Query User{F941FE5E-E53C-412C-A2D8-0339ACB9EB76}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus "{73E54759-DADF-4B25-9ADE-FC0CEC637531}"= Disabled:UDP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{89C5A30E-BA8B-4A1F-A260-6172F1C8EE2C}"= Disabled:TCP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{23BF2E3B-7760-4D96-B3F8-59E6955F4804}"= Disabled:UDP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{D66CA116-176E-453F-B9FD-F1F41B96189D}"= Disabled:TCP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{98DE3049-F1BB-4828-8A84-6411E529D14B}"= UDP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{8FBFFE59-6FDE-4598-A05F-1E5CEC5E7443}"= TCP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{2C10C3AB-CE1C-4515-96FA-A57BCED63DF5}"= UDP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "{94C8C4C4-8632-4B6C-998D-C1ECFBC63523}"= TCP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "TCP Query User{932CA54F-49E3-4D4A-A864-CCAA54BD20CA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{F4F8E69B-40BA-405C-BD82-2237C2AE3463}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule "{77DF3217-5272-47CC-8DBA-1101B32A5D27}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{1F84B188-BFE2-4FD0-9250-88F6BEC8BBEF}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{6E30E2E8-F8F9-4295-BF15-28B63DFEDC74}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{C9581EA9-5CE7-419C-9E74-8C62834DE3D6}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C9A552AD-84B9-42F6-AC47-437E898F82B6}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4D69BB7C-0995-4A56-B788-EDE78F5EDEAF}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B4A249E-4B06-4E73-9D04-B9D0E9E48B68}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{0C8D9FB4-BE31-4A0D-832A-D2E570934E1A}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{1FC82F46-9F77-4191-A7E5-D4B98ACA6646}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{B9622CB5-EB26-4DEF-9F3E-150EB96C78E1}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{61D1E7E4-CE5A-427A-8F94-CC1A104C87B7}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C269D18D-2E5C-4592-8C30-358FEED71359}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4B1F9833-512C-4D7E-8F61-50B975A705E0}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B64E45C-5802-40D1-95D5-1F539FB9137E}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{D6DD97F8-43B4-43CF-AE3C-A8D541181EA1}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{48307B80-3264-46FB-B078-3366468C8810}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{3B963C37-3149-41CC-8450-F84F0D87B63F}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{38B24799-AD50-4759-ACDA-A799790B7EA3}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{78BF92EF-58C0-475F-B36A-C5CB0B0A5E1D}C:\\users\\gawel\\desktop\\viviplay.exe"= UDP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "UDP Query User{DB60AA64-5A66-4A56-9503-278736AB17F1}C:\\users\\gawel\\desktop\\viviplay.exe"= TCP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "{85107586-3806-4B67-BBC3-C0F9C52DD8A0}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{BF23537A-2CAB-4E9F-AA99-698848A1CDB3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{D266B7DB-B012-4802-8B20-F9145C464865}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 "{0595A42E-1164-4B80-A380-1DCD8B3FA3B4}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\Windows\system32\plcndis5.sys [2004-05-17 11:21] R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43] R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] S3 VX6000;Microsoft LifeCam VX-6000;C:\Windows\system32\DRIVERS\VX6000Xp.sys [2007-04-10 14:46] S4 usbprint;Microsoft USB PRINTER Class;C:\Windows\system32\drivers\usbprint.sys [2006-11-02 11:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{873325f9-71be-11dc-95f5-001bb982436e}] \shell\AutoRun\command - ie.exe \shell\explore\Command - ie.exe \shell\open\Command - ie.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-16 23:20:41 Windows 6.0.6000 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-05-16 23:22:19 ComboFix-quarantined-files.txt 2008-05-16 21:21:39 ComboFix2.txt 2008-05-15 21:41:34 ComboFix3.txt 2008-05-14 22:38:55 Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. 235 --- E O F --- 2008-05-15 06:50:23

oui et quand je confirme il ya le message qui apparait.

Ok je viens de suivre ta procédure mais quand j'ai trouver le ficher et que je veux le zipper il ya ce message d'erreur qui apparait: "le chemin d'accés n'existe pas. vérifiez le chemin d'accés et réssayez."

Je peux suprimer les suprimer maintenant ou pas? Ben le zip si je me suis pas planter fait 1.83Mo.

Puré je me rend compte que il y en avait un bonnnnnnnnnn paquet enfaite

Voici le rapport apres annalyse des mon PC avec Antivir: Que dois je faire une fois les virus en quarantaine? (Je crois savoir qu'il faut attendre un peux pour voir si l'ordi peut fonctionner sans les fichier) Avira AntiVir Personal Report file date: vendredi 16 mai 2008 00:55 Scanning for 1274495 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows Vista Windows version: (plain) [6.0.6000] Boot mode: Normally booted Username: SYSTEM Computer name: PC-DE-GAWEL Version information: BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00 AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56 AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37 LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23 LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34 ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58 ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 22:53:30 ANTIVIR3.VDF : 7.0.4.46 307712 Bytes 15/05/2008 22:53:31 Engineversion : 8.1.0.46 AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21 AESCRIPT.DLL : 8.1.0.33 266618 Bytes 15/05/2008 22:53:39 AESCN.DLL : 8.1.0.18 119156 Bytes 15/05/2008 22:53:37 AERDL.DLL : 8.1.0.20 418165 Bytes 15/05/2008 22:53:37 AEPACK.DLL : 8.1.1.5 364918 Bytes 15/05/2008 22:53:36 AEOFFICE.DLL : 8.1.0.18 192890 Bytes 15/05/2008 22:53:35 AEHEUR.DLL : 8.1.0.29 1253750 Bytes 15/05/2008 22:53:34 AEHELP.DLL : 8.1.0.14 115063 Bytes 15/05/2008 22:53:33 AEGEN.DLL : 8.1.0.21 303477 Bytes 15/05/2008 22:53:32 AEEMU.DLL : 8.1.0.6 430451 Bytes 15/05/2008 22:53:32 AECORE.DLL : 8.1.0.29 168311 Bytes 15/05/2008 22:53:31 AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53 AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50 AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47 AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49 AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23 AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31 SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02 SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39 NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10 RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25 RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11 Configuration settings for the scan: Jobname..........................: Complete system scan Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: on Scan boot sector.................: on Boot sectors.....................: C:, D:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: vendredi 16 mai 2008 00:55 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'avguard.exe' - '1' Module(s) have been scanned Scan process 'sched.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'VSSVC.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'iPodService.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned Scan process 'kbd.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned Scan process 'unsecapp.exe' - '1' Module(s) have been scanned Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'PnkBstrB.exe' - '1' Module(s) have been scanned Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned Scan process 'NBService.exe' - '1' Module(s) have been scanned Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned Scan process 'ehmsas.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'ONENOTEM.EXE' - '1' Module(s) have been scanned Scan process 'ehtray.exe' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned Scan process 'sidebar.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'wmdc.exe' - '1' Module(s) have been scanned Scan process 'SMSTray.exe' - '1' Module(s) have been scanned Scan process 'vVX6000.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned Scan process 'OSD.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'dwm.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'spoolsv.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'SLsvc.exe' - '1' Module(s) have been scanned Scan process 'audiodg.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'lsm.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'wininit.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 66 processes with 66 modules were scanned Starting master boot sector scan: Master boot sector HD0 [iNFO] No virus was found! Master boot sector HD1 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Master boot sector HD2 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Master boot sector HD3 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Master boot sector HD4 [iNFO] No virus was found! [WARNING] Le périphérique n'est pas prêt. [iNFO] Please restart the search with Administrator rights Start scanning boot sectors: Boot sector 'C:\' [iNFO] No virus was found! Boot sector 'D:\' [iNFO] No virus was found! Starting to scan the registry. c:\hp\support\hpsysdrv.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL [NOTE] The file was moved to '489fbfe1.qua'! The registry was scanned ( '17' files ). Starting the file scan: Begin scan in 'C:\' <HP> C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! C:\QooBox.rar [0] Archive type: RAR --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\data.oct.vir [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ABBYY_FineReader_OCR_Professional_8.0.zip.vir [1] Archive type: ZIP --> ABBYY_FineReader_OCR_Professional_8.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Access_Password_Recovery_Helper_1.62.zip.vir [1] Archive type: ZIP --> Access_Password_Recovery_Helper_1.62.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Advanced_PDF_Password_Recovery_Pro_2.21.zip.vir [1] Archive type: ZIP --> Advanced_PDF_Password_Recovery_Pro_2.21.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AGDL_5_Bhoomika_Chawla_Wallpapers_1.zip.vir [1] Archive type: ZIP --> AGDL_5_Bhoomika_Chawla_Wallpapers_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Ankrie_ImageCutter_1.0_Serial.zip.vir [1] Archive type: ZIP --> Ankrie_ImageCutter_1.0_Serial.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AntiHook_3.0.0.23.zip.vir [1] Archive type: ZIP --> AntiHook_3.0.0.23.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AppAway_1.0.zip.vir [1] Archive type: ZIP --> AppAway_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Asp.Net_Shopping_Cart_Lite_Edition_2.0.zip.vir [1] Archive type: ZIP --> Asp.Net_Shopping_Cart_Lite_Edition_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Auto_Shutdown_1.2.zip.vir [1] Archive type: ZIP --> Auto_Shutdown_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Autumn_XP_Falls_Screensaver_1.0.zip.vir [1] Archive type: ZIP --> Autumn_XP_Falls_Screensaver_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.zip.vir [1] Archive type: ZIP --> Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Avast.Antivirus.HomeEdition.zip.vir [1] Archive type: ZIP --> Avast.Antivirus.HomeEdition.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AVI_Frame_Rate_Changer_1.10.zip.vir [1] Archive type: ZIP --> AVI_Frame_Rate_Changer_1.10.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Big_Mountain_4.39_(Patch).zip.vir [1] Archive type: ZIP --> Big_Mountain_4.39_(Patch).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Bitdefender.v9.Pro.Plus.FR.zip.vir [1] Archive type: ZIP --> Bitdefender.v9.Pro.Plus.FR.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Blue_Byte_File_Editor_1.0.zip.vir [1] Archive type: ZIP --> Blue_Byte_File_Editor_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\BudgetKel_1.0.zip.vir [1] Archive type: ZIP --> BudgetKel_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Budget_Sheet_Manager_4.0.zip.vir [1] Archive type: ZIP --> Budget_Sheet_Manager_4.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Calodiet_2007_07.03.30.zip.vir [1] Archive type: ZIP --> Calodiet_2007_07.03.30.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\CD_FrontEnd_Lite_3.0_[KeyGen].zip.vir [1] Archive type: ZIP --> CD_FrontEnd_Lite_3.0_[KeyGen].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Colorado_Web_Cams_1.1.zip.vir [1] Archive type: ZIP --> Colorado_Web_Cams_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Command_&_Conquer_Renegade_-_map_pack_4.zip.vir [1] Archive type: ZIP --> Command_&_Conquer_Renegade_-_map_pack_4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Completely_Gone_1.12_Key.zip.vir [1] Archive type: ZIP --> Completely_Gone_1.12_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Crypt_Keeper_WP_0.001.zip.vir [1] Archive type: ZIP --> Crypt_Keeper_WP_0.001.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\daER_3.5.zip.vir [1] Archive type: ZIP --> daER_3.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Data_Doctor_Recovery_Removable_Media_2.0.1.5.zip.vir [1] Archive type: ZIP --> Data_Doctor_Recovery_Removable_Media_2.0.1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.zip.vir [1] Archive type: ZIP --> Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Doom_3_Church_of_Ruins_map.zip.vir [1] Archive type: ZIP --> Doom_3_Church_of_Ruins_map.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DotNetPanel_2.1.0.zip.vir [1] Archive type: ZIP --> DotNetPanel_2.1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\drweb_432b_key.zip.vir [1] Archive type: ZIP --> drweb_432b_key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DUNDUP_1.20_beta_1.zip.vir [1] Archive type: ZIP --> DUNDUP_1.20_beta_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DVDPizza_1.0.15_Patch.zip.vir [1] Archive type: ZIP --> DVDPizza_1.0.15_Patch.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DynamicMagic_4.0_[Patch].zip.vir [1] Archive type: ZIP --> DynamicMagic_4.0_[Patch].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\E-Diary_Gold_2004.07.03.zip.vir [1] Archive type: ZIP --> E-Diary_Gold_2004.07.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Easysoft_ODBC-Firebird_Driver_1.0.zip.vir [1] Archive type: ZIP --> Easysoft_ODBC-Firebird_Driver_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Enterprise_Manager_PassView_1.00.zip.vir [1] Archive type: ZIP --> Enterprise_Manager_PassView_1.00.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\eRanch_1.zip.vir [1] Archive type: ZIP --> eRanch_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Experience_WWII_mod_(Battlefield_1942)_2.4_beta.zip.vir [1] Archive type: ZIP --> Experience_WWII_mod_(Battlefield_1942)_2.4_beta.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\FantasyCodec_2.9_Build_1018.zip.vir [1] Archive type: ZIP --> FantasyCodec_2.9_Build_1018.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\File-Ease_1.05.00_[Cracked].zip.vir [1] Archive type: ZIP --> File-Ease_1.05.00_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Flip_Screensaver_1.1.6.zip.vir [1] Archive type: ZIP --> Flip_Screensaver_1.1.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\FlowChartX_control_4.1.1.zip.vir [1] Archive type: ZIP --> FlowChartX_control_4.1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\GUIz_1.12.zip.vir [1] Archive type: ZIP --> GUIz_1.12.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.zip.vir [1] Archive type: ZIP --> Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Heatsoft_Automatic_Synchronizer_1.08.zip.vir [1] Archive type: ZIP --> Heatsoft_Automatic_Synchronizer_1.08.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Hours_and_Minutes_1.6_build_2314.zip.vir [1] Archive type: ZIP --> Hours_and_Minutes_1.6_build_2314.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\HTTP-Tunnel_Client_4.0.3065.zip.vir [1] Archive type: ZIP --> HTTP-Tunnel_Client_4.0.3065.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Hunter_Dictionary_1.0.zip.vir [1] Archive type: ZIP --> Hunter_Dictionary_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\i.Vista_Panorama_1.0.zip.vir [1] Archive type: ZIP --> i.Vista_Panorama_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\iBreeder_2.0.9.zip.vir [1] Archive type: ZIP --> iBreeder_2.0.9.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ICQ_Password_Spy_1.zip.vir [1] Archive type: ZIP --> ICQ_Password_Spy_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\IE_Contacts_Spy_1.50_(Key).zip.vir [1] Archive type: ZIP --> IE_Contacts_Spy_1.50_(Key).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Invoice_Sheet_Manager_5.0.zip.vir [1] Archive type: ZIP --> Invoice_Sheet_Manager_5.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\IPD_LAN_Manager_and_Tools_3.3_Key.zip.vir [1] Archive type: ZIP --> IPD_LAN_Manager_and_Tools_3.3_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\IQ_Backup_1.4.zip.vir [1] Archive type: ZIP --> IQ_Backup_1.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\JeRM_Image_To_ASCII_Art_1.0.0.2.zip.vir [1] Archive type: ZIP --> JeRM_Image_To_ASCII_Art_1.0.0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.zip.vir [1] Archive type: ZIP --> Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.zip.vir [1] Archive type: ZIP --> Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Kernel_Palm_PDB_4.03.zip.vir [1] Archive type: ZIP --> Kernel_Palm_PDB_4.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\KozMos_AutoTableX_3.5.61231_[With_Crack].zip.vir [1] Archive type: ZIP --> KozMos_AutoTableX_3.5.61231_[With_Crack].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\KyoSoft_Earth_Screensaver_1.1.26.zip.vir [1] Archive type: ZIP --> KyoSoft_Earth_Screensaver_1.1.26.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Lyrics_Search_1.6.zip.vir [1] Archive type: ZIP --> Lyrics_Search_1.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ManageEngine_WiFi_Manager_5.6.zip.vir [1] Archive type: ZIP --> ManageEngine_WiFi_Manager_5.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Matrox_G200_OpenGL_ICD_Drivers_beta_1.zip.vir [1] Archive type: ZIP --> Matrox_G200_OpenGL_ICD_Drivers_beta_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).zip.vir [1] Archive type: ZIP --> Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Microsoft_CD-ROM_Changer_Drivers_4.00.950.zip.vir [1] Archive type: ZIP --> Microsoft_CD-ROM_Changer_Drivers_4.00.950.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\MindSoft_Pocket_CleanUp_2.0.2003.zip.vir [1] Archive type: ZIP --> MindSoft_Pocket_CleanUp_2.0.2003.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Miro_0.9.8.1_Public_Preview_1.zip.vir [1] Archive type: ZIP --> Miro_0.9.8.1_Public_Preview_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\MultiPing_1.01.2.zip.vir [1] Archive type: ZIP --> MultiPing_1.01.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\MyVideoSoft_6.08.zip.vir [1] Archive type: ZIP --> MyVideoSoft_6.08.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\My_Reminder_1.0.zip.vir [1] Archive type: ZIP --> My_Reminder_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NaPalm_Runner_1.04.01.zip.vir [1] Archive type: ZIP --> NaPalm_Runner_1.04.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Net232_1.04_[Cracked].zip.vir [1] Archive type: ZIP --> Net232_1.04_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NewsInjector_1.2.1.zip.vir [1] Archive type: ZIP --> NewsInjector_1.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NOD32.2.51.26.ITA.zip.vir [1] Archive type: ZIP --> NOD32.2.51.26.ITA.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NOD32.win9598ME.crack.zip.vir [1] Archive type: ZIP --> NOD32.win9598ME.crack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Numerology_Master_Program_5.0.zip.vir [1] Archive type: ZIP --> Numerology_Master_Program_5.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Object_Dropper_3D_2.0_Key.zip.vir [1] Archive type: ZIP --> Object_Dropper_3D_2.0_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\OCTeam_RSS_feed_2.0.zip.vir [1] Archive type: ZIP --> OCTeam_RSS_feed_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\OEWakeUp_1.0.1.zip.vir [1] Archive type: ZIP --> OEWakeUp_1.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Oscillator_Timing_Calculator_1.0_(KeyGen).zip.vir [1] Archive type: ZIP --> Oscillator_Timing_Calculator_1.0_(KeyGen).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\PAL_Keylogger_1.01.zip.vir [1] Archive type: ZIP --> PAL_Keylogger_1.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Part_It_3.02.zip.vir [1] Archive type: ZIP --> Part_It_3.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Passion_Clock_ScreenSaver_2.3.zip.vir [1] Archive type: ZIP --> Passion_Clock_ScreenSaver_2.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Password_Retriever_5.3.4.zip.vir [1] Archive type: ZIP --> Password_Retriever_5.3.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\PC_Guard_for_Win32_5.01.0590.zip.vir [1] Archive type: ZIP --> PC_Guard_for_Win32_5.01.0590.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Pixbyte_Burning_SDK_1.5.1.zip.vir [1] Archive type: ZIP --> Pixbyte_Burning_SDK_1.5.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Pixel_1.0_Beta6_bld_560.zip.vir [1] Archive type: ZIP --> Pixel_1.0_Beta6_bld_560.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Pixel_Grease_-_Easy_Image_Editor_2.0.zip.vir [1] Archive type: ZIP --> Pixel_Grease_-_Easy_Image_Editor_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Purge_(Confidential_Files_Eraser)_1.06.zip.vir [1] Archive type: ZIP --> Purge_(Confidential_Files_Eraser)_1.06.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Quicken_Password_Recovery_Key_8.0_build_2514.zip.vir [1] Archive type: ZIP --> Quicken_Password_Recovery_Key_8.0_build_2514.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ReTreeval_1.00a_With_Crack.zip.vir [1] Archive type: ZIP --> ReTreeval_1.00a_With_Crack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Save_Message_Action_for_InboxRULES_2.10_Cracked.zip.vir [1] Archive type: ZIP --> Save_Message_Action_for_InboxRULES_2.10_Cracked.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Scrabble_Rack_Attack.zip.vir [1] Archive type: ZIP --> Scrabble_Rack_Attack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SCWebCam_3.5.14.zip.vir [1] Archive type: ZIP --> SCWebCam_3.5.14.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Sinope_Summarizer_PE_Trial_1.2.zip.vir [1] Archive type: ZIP --> Sinope_Summarizer_PE_Trial_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Snap_Font_1.0.zip.vir [1] Archive type: ZIP --> Snap_Font_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SonicClick_1.0.1.zip.vir [1] Archive type: ZIP --> SonicClick_1.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SQL_Server_Critical_Update_Tools_8.00.0194.zip.vir [1] Archive type: ZIP --> SQL_Server_Critical_Update_Tools_8.00.0194.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\StepUp_3.0.5.zip.vir [1] Archive type: ZIP --> StepUp_3.0.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SubTool_2.6.zip.vir [1] Archive type: ZIP --> SubTool_2.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Supreme_Auction_2.zip.vir [1] Archive type: ZIP --> Supreme_Auction_2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SyncTime_Deluxe_1.1.zip.vir [1] Archive type: ZIP --> SyncTime_Deluxe_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\System_Tray_Icons_ActiveX_Control_1.06.zip.vir [1] Archive type: ZIP --> System_Tray_Icons_ActiveX_Control_1.06.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TableTools_0.20.zip.vir [1] Archive type: ZIP --> TableTools_0.20.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\The_Bible_Collection.zip.vir [1] Archive type: ZIP --> The_Bible_Collection.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Tiny_Watcher_1.5.zip.vir [1] Archive type: ZIP --> Tiny_Watcher_1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Touch_It_1.2.7.0.zip.vir [1] Archive type: ZIP --> Touch_It_1.2.7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TrayDay_7.02.zip.vir [1] Archive type: ZIP --> TrayDay_7.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TribalWeb_2.40.zip.vir [1] Archive type: ZIP --> TribalWeb_2.40.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TurboFTP_SDK_1.2.zip.vir [1] Archive type: ZIP --> TurboFTP_SDK_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Uninstaller_for_Total_Commander_1.7.3d.zip.vir [1] Archive type: ZIP --> Uninstaller_for_Total_Commander_1.7.3d.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\UninstallKing2005_2.18_Cracked.zip.vir [1] Archive type: ZIP --> UninstallKing2005_2.18_Cracked.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Unreal_Tournament_2003_-_Bulldog_Support_mod.zip.vir [1] Archive type: ZIP --> Unreal_Tournament_2003_-_Bulldog_Support_mod.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Unreal_Tournament_2004_AS_HMStormWitch_map.zip.vir [1] Archive type: ZIP --> Unreal_Tournament_2004_AS_HMStormWitch_map.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Update_To_Pixel_Penguins_4.06.18.zip.vir [1] Archive type: ZIP --> Update_To_Pixel_Penguins_4.06.18.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\UPX_Tool+_1.1.zip.vir [1] Archive type: ZIP --> UPX_Tool+_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\urlStart_1.0.2.1.zip.vir [1] Archive type: ZIP --> urlStart_1.0.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\WAV_Joiner_3.0.0.zip.vir [1] Archive type: ZIP --> WAV_Joiner_3.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\WinX_Burner_Master_3.2.20.152_Build_0610.zip.vir [1] Archive type: ZIP --> WinX_Burner_Master_3.2.20.152_Build_0610.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).zip.vir [1] Archive type: ZIP --> World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.zip.vir [1] Archive type: ZIP --> Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Xtreme_Importer_1.0_[Cracked].zip.vir [1] Archive type: ZIP --> Xtreme_Importer_1.0_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox\Quarantine\C\Windows\System32\1.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\113038.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\113865.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\122055.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\123615.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\125892.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\1265230.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\1291438.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\133396.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\139620.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\14695855.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\14742656.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\14784979.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\1482103.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\14880810.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\1506813.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\15550179.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\15565327.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\16160190.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\16178270.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\177872.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\185375.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\217059.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\231661.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\29429245.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\29540536.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\29557057.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\30808793.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\30831553.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\313655.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\335214.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\384355.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\404728.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\44010315.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\44154569.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\44171620.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\45466366.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\69451.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\72041.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\75457.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\83039.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\89731.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\90433.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\93725.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\downld\95566.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox\Quarantine\C\Windows\System32\drivers\downld\984303.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\hldrrr.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\srosa.sys.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox\Quarantine\C\Windows\System32\drivers\srosa.sys.zip [1] Archive type: ZIP --> srosa.sys [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox\Quarantine\C\Windows\System32\mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox\Quarantine\C\Windows\System32\wintems.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox\Quarantine\catchme2008-05-15_ 02907,76.zip [1] Archive type: ZIP --> srosa.sys [DETECTION] Is the Trojan horse TR/Trash.Gen --> wintems.exe [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> mdelk.exe [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> hldrrr.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL --> mdelk.exe.1 [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL [NOTE] The file was moved to '489bbffb.qua'! C:\QooBox.zip [0] Archive type: ZIP --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/data.oct.vir [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/ABBYY_FineReader_OCR_Professional_8.0.zip.vir [1] Archive type: ZIP --> ABBYY_FineReader_OCR_Professional_8.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Access_Password_Recovery_Helper_1.62.zip.vir [1] Archive type: ZIP --> Access_Password_Recovery_Helper_1.62.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Advanced_PDF_Password_Recovery_Pro_2.21.zip.vir [1] Archive type: ZIP --> Advanced_PDF_Password_Recovery_Pro_2.21.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/AGDL_5_Bhoomika_Chawla_Wallpapers_1.zip.vir [1] Archive type: ZIP --> AGDL_5_Bhoomika_Chawla_Wallpapers_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Ankrie_ImageCutter_1.0_Serial.zip.vir [1] Archive type: ZIP --> Ankrie_ImageCutter_1.0_Serial.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/AntiHook_3.0.0.23.zip.vir [1] Archive type: ZIP --> AntiHook_3.0.0.23.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/AppAway_1.0.zip.vir [1] Archive type: ZIP --> AppAway_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Asp.Net_Shopping_Cart_Lite_Edition_2.0.zip.vir [1] Archive type: ZIP --> Asp.Net_Shopping_Cart_Lite_Edition_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Auto_Shutdown_1.2.zip.vir [1] Archive type: ZIP --> Auto_Shutdown_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Autumn_XP_Falls_Screensaver_1.0.zip.vir [1] Archive type: ZIP --> Autumn_XP_Falls_Screensaver_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.zip.vir [1] Archive type: ZIP --> Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Avast.Antivirus.HomeEdition.zip.vir [1] Archive type: ZIP --> Avast.Antivirus.HomeEdition.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/AVI_Frame_Rate_Changer_1.10.zip.vir [1] Archive type: ZIP --> AVI_Frame_Rate_Changer_1.10.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Big_Mountain_4.39_(Patch).zip.vir [1] Archive type: ZIP --> Big_Mountain_4.39_(Patch).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Bitdefender.v9.Pro.Plus.FR.zip.vir [1] Archive type: ZIP --> Bitdefender.v9.Pro.Plus.FR.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Blue_Byte_File_Editor_1.0.zip.vir [1] Archive type: ZIP --> Blue_Byte_File_Editor_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/BudgetKel_1.0.zip.vir [1] Archive type: ZIP --> BudgetKel_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Budget_Sheet_Manager_4.0.zip.vir [1] Archive type: ZIP --> Budget_Sheet_Manager_4.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Calodiet_2007_07.03.30.zip.vir [1] Archive type: ZIP --> Calodiet_2007_07.03.30.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/CD_FrontEnd_Lite_3.0_[KeyGen].zip.vir [1] Archive type: ZIP --> CD_FrontEnd_Lite_3.0_[KeyGen].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Colorado_Web_Cams_1.1.zip.vir [1] Archive type: ZIP --> Colorado_Web_Cams_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Command_&_Conquer_Renegade_-_map_pack_4.zip.vir [1] Archive type: ZIP --> Command_&_Conquer_Renegade_-_map_pack_4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Completely_Gone_1.12_Key.zip.vir [1] Archive type: ZIP --> Completely_Gone_1.12_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Crypt_Keeper_WP_0.001.zip.vir [1] Archive type: ZIP --> Crypt_Keeper_WP_0.001.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/daER_3.5.zip.vir [1] Archive type: ZIP --> daER_3.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Data_Doctor_Recovery_Removable_Media_2.0.1.5.zip.vir [1] Archive type: ZIP --> Data_Doctor_Recovery_Removable_Media_2.0.1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.zip.vir [1] Archive type: ZIP --> Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Doom_3_Church_of_Ruins_map.zip.vir [1] Archive type: ZIP --> Doom_3_Church_of_Ruins_map.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/DotNetPanel_2.1.0.zip.vir [1] Archive type: ZIP --> DotNetPanel_2.1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/drweb_432b_key.zip.vir [1] Archive type: ZIP --> drweb_432b_key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/DUNDUP_1.20_beta_1.zip.vir [1] Archive type: ZIP --> DUNDUP_1.20_beta_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/DVDPizza_1.0.15_Patch.zip.vir [1] Archive type: ZIP --> DVDPizza_1.0.15_Patch.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/DynamicMagic_4.0_[Patch].zip.vir [1] Archive type: ZIP --> DynamicMagic_4.0_[Patch].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/E-Diary_Gold_2004.07.03.zip.vir [1] Archive type: ZIP --> E-Diary_Gold_2004.07.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Easysoft_ODBC-Firebird_Driver_1.0.zip.vir [1] Archive type: ZIP --> Easysoft_ODBC-Firebird_Driver_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Enterprise_Manager_PassView_1.00.zip.vir [1] Archive type: ZIP --> Enterprise_Manager_PassView_1.00.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/eRanch_1.zip.vir [1] Archive type: ZIP --> eRanch_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Experience_WWII_mod_(Battlefield_1942)_2.4_beta.zip.vir [1] Archive type: ZIP --> Experience_WWII_mod_(Battlefield_1942)_2.4_beta.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/FantasyCodec_2.9_Build_1018.zip.vir [1] Archive type: ZIP --> FantasyCodec_2.9_Build_1018.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/File-Ease_1.05.00_[Cracked].zip.vir [1] Archive type: ZIP --> File-Ease_1.05.00_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Flip_Screensaver_1.1.6.zip.vir [1] Archive type: ZIP --> Flip_Screensaver_1.1.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/FlowChartX_control_4.1.1.zip.vir [1] Archive type: ZIP --> FlowChartX_control_4.1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/GUIz_1.12.zip.vir [1] Archive type: ZIP --> GUIz_1.12.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.zip.vir [1] Archive type: ZIP --> Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Heatsoft_Automatic_Synchronizer_1.08.zip.vir [1] Archive type: ZIP --> Heatsoft_Automatic_Synchronizer_1.08.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Hours_and_Minutes_1.6_build_2314.zip.vir [1] Archive type: ZIP --> Hours_and_Minutes_1.6_build_2314.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/HTTP-Tunnel_Client_4.0.3065.zip.vir [1] Archive type: ZIP --> HTTP-Tunnel_Client_4.0.3065.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Hunter_Dictionary_1.0.zip.vir [1] Archive type: ZIP --> Hunter_Dictionary_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/i.Vista_Panorama_1.0.zip.vir [1] Archive type: ZIP --> i.Vista_Panorama_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/iBreeder_2.0.9.zip.vir [1] Archive type: ZIP --> iBreeder_2.0.9.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/ICQ_Password_Spy_1.zip.vir [1] Archive type: ZIP --> ICQ_Password_Spy_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/IE_Contacts_Spy_1.50_(Key).zip.vir [1] Archive type: ZIP --> IE_Contacts_Spy_1.50_(Key).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Invoice_Sheet_Manager_5.0.zip.vir [1] Archive type: ZIP --> Invoice_Sheet_Manager_5.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/IPD_LAN_Manager_and_Tools_3.3_Key.zip.vir [1] Archive type: ZIP --> IPD_LAN_Manager_and_Tools_3.3_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/IQ_Backup_1.4.zip.vir [1] Archive type: ZIP --> IQ_Backup_1.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/JeRM_Image_To_ASCII_Art_1.0.0.2.zip.vir [1] Archive type: ZIP --> JeRM_Image_To_ASCII_Art_1.0.0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.zip.vir [1] Archive type: ZIP --> Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.zip.vir [1] Archive type: ZIP --> Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Kernel_Palm_PDB_4.03.zip.vir [1] Archive type: ZIP --> Kernel_Palm_PDB_4.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/KozMos_AutoTableX_3.5.61231_[With_Crack].zip.vir [1] Archive type: ZIP --> KozMos_AutoTableX_3.5.61231_[With_Crack].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/KyoSoft_Earth_Screensaver_1.1.26.zip.vir [1] Archive type: ZIP --> KyoSoft_Earth_Screensaver_1.1.26.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Lyrics_Search_1.6.zip.vir [1] Archive type: ZIP --> Lyrics_Search_1.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/ManageEngine_WiFi_Manager_5.6.zip.vir [1] Archive type: ZIP --> ManageEngine_WiFi_Manager_5.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Matrox_G200_OpenGL_ICD_Drivers_beta_1.zip.vir [1] Archive type: ZIP --> Matrox_G200_OpenGL_ICD_Drivers_beta_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).zip.vir [1] Archive type: ZIP --> Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Microsoft_CD-ROM_Changer_Drivers_4.00.950.zip.vir [1] Archive type: ZIP --> Microsoft_CD-ROM_Changer_Drivers_4.00.950.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/MindSoft_Pocket_CleanUp_2.0.2003.zip.vir [1] Archive type: ZIP --> MindSoft_Pocket_CleanUp_2.0.2003.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Miro_0.9.8.1_Public_Preview_1.zip.vir [1] Archive type: ZIP --> Miro_0.9.8.1_Public_Preview_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/MultiPing_1.01.2.zip.vir [1] Archive type: ZIP --> MultiPing_1.01.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/MyVideoSoft_6.08.zip.vir [1] Archive type: ZIP --> MyVideoSoft_6.08.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/My_Reminder_1.0.zip.vir [1] Archive type: ZIP --> My_Reminder_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/NaPalm_Runner_1.04.01.zip.vir [1] Archive type: ZIP --> NaPalm_Runner_1.04.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Net232_1.04_[Cracked].zip.vir [1] Archive type: ZIP --> Net232_1.04_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/NewsInjector_1.2.1.zip.vir [1] Archive type: ZIP --> NewsInjector_1.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/NOD32.2.51.26.ITA.zip.vir [1] Archive type: ZIP --> NOD32.2.51.26.ITA.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/NOD32.win9598ME.crack.zip.vir [1] Archive type: ZIP --> NOD32.win9598ME.crack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Numerology_Master_Program_5.0.zip.vir [1] Archive type: ZIP --> Numerology_Master_Program_5.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Object_Dropper_3D_2.0_Key.zip.vir [1] Archive type: ZIP --> Object_Dropper_3D_2.0_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/OCTeam_RSS_feed_2.0.zip.vir [1] Archive type: ZIP --> OCTeam_RSS_feed_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/OEWakeUp_1.0.1.zip.vir [1] Archive type: ZIP --> OEWakeUp_1.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Oscillator_Timing_Calculator_1.0_(KeyGen).zip.vir [1] Archive type: ZIP --> Oscillator_Timing_Calculator_1.0_(KeyGen).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/PAL_Keylogger_1.01.zip.vir [1] Archive type: ZIP --> PAL_Keylogger_1.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Part_It_3.02.zip.vir [1] Archive type: ZIP --> Part_It_3.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Passion_Clock_ScreenSaver_2.3.zip.vir [1] Archive type: ZIP --> Passion_Clock_ScreenSaver_2.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Password_Retriever_5.3.4.zip.vir [1] Archive type: ZIP --> Password_Retriever_5.3.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/PC_Guard_for_Win32_5.01.0590.zip.vir [1] Archive type: ZIP --> PC_Guard_for_Win32_5.01.0590.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Pixbyte_Burning_SDK_1.5.1.zip.vir [1] Archive type: ZIP --> Pixbyte_Burning_SDK_1.5.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Pixel_1.0_Beta6_bld_560.zip.vir [1] Archive type: ZIP --> Pixel_1.0_Beta6_bld_560.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Pixel_Grease_-_Easy_Image_Editor_2.0.zip.vir [1] Archive type: ZIP --> Pixel_Grease_-_Easy_Image_Editor_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Purge_(Confidential_Files_Eraser)_1.06.zip.vir [1] Archive type: ZIP --> Purge_(Confidential_Files_Eraser)_1.06.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Quicken_Password_Recovery_Key_8.0_build_2514.zip.vir [1] Archive type: ZIP --> Quicken_Password_Recovery_Key_8.0_build_2514.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/ReTreeval_1.00a_With_Crack.zip.vir [1] Archive type: ZIP --> ReTreeval_1.00a_With_Crack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Save_Message_Action_for_InboxRULES_2.10_Cracked.zip.vir [1] Archive type: ZIP --> Save_Message_Action_for_InboxRULES_2.10_Cracked.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Scrabble_Rack_Attack.zip.vir [1] Archive type: ZIP --> Scrabble_Rack_Attack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/SCWebCam_3.5.14.zip.vir [1] Archive type: ZIP --> SCWebCam_3.5.14.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Sinope_Summarizer_PE_Trial_1.2.zip.vir [1] Archive type: ZIP --> Sinope_Summarizer_PE_Trial_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Snap_Font_1.0.zip.vir [1] Archive type: ZIP --> Snap_Font_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/SonicClick_1.0.1.zip.vir [1] Archive type: ZIP --> SonicClick_1.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/SQL_Server_Critical_Update_Tools_8.00.0194.zip.vir [1] Archive type: ZIP --> SQL_Server_Critical_Update_Tools_8.00.0194.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/StepUp_3.0.5.zip.vir [1] Archive type: ZIP --> StepUp_3.0.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/SubTool_2.6.zip.vir [1] Archive type: ZIP --> SubTool_2.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Supreme_Auction_2.zip.vir [1] Archive type: ZIP --> Supreme_Auction_2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/SyncTime_Deluxe_1.1.zip.vir [1] Archive type: ZIP --> SyncTime_Deluxe_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/System_Tray_Icons_ActiveX_Control_1.06.zip.vir [1] Archive type: ZIP --> System_Tray_Icons_ActiveX_Control_1.06.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/TableTools_0.20.zip.vir [1] Archive type: ZIP --> TableTools_0.20.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/The_Bible_Collection.zip.vir [1] Archive type: ZIP --> The_Bible_Collection.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Tiny_Watcher_1.5.zip.vir [1] Archive type: ZIP --> Tiny_Watcher_1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Touch_It_1.2.7.0.zip.vir [1] Archive type: ZIP --> Touch_It_1.2.7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/TrayDay_7.02.zip.vir [1] Archive type: ZIP --> TrayDay_7.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/TribalWeb_2.40.zip.vir [1] Archive type: ZIP --> TribalWeb_2.40.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/TurboFTP_SDK_1.2.zip.vir [1] Archive type: ZIP --> TurboFTP_SDK_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Uninstaller_for_Total_Commander_1.7.3d.zip.vir [1] Archive type: ZIP --> Uninstaller_for_Total_Commander_1.7.3d.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/UninstallKing2005_2.18_Cracked.zip.vir [1] Archive type: ZIP --> UninstallKing2005_2.18_Cracked.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Unreal_Tournament_2003_-_Bulldog_Support_mod.zip.vir [1] Archive type: ZIP --> Unreal_Tournament_2003_-_Bulldog_Support_mod.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Unreal_Tournament_2004_AS_HMStormWitch_map.zip.vir [1] Archive type: ZIP --> Unreal_Tournament_2004_AS_HMStormWitch_map.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Update_To_Pixel_Penguins_4.06.18.zip.vir [1] Archive type: ZIP --> Update_To_Pixel_Penguins_4.06.18.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/UPX_Tool+_1.1.zip.vir [1] Archive type: ZIP --> UPX_Tool+_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/urlStart_1.0.2.1.zip.vir [1] Archive type: ZIP --> urlStart_1.0.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/WAV_Joiner_3.0.0.zip.vir [1] Archive type: ZIP --> WAV_Joiner_3.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/WinX_Burner_Master_3.2.20.152_Build_0610.zip.vir [1] Archive type: ZIP --> WinX_Burner_Master_3.2.20.152_Build_0610.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).zip.vir [1] Archive type: ZIP --> World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.zip.vir [1] Archive type: ZIP --> Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Users/GaWeL/AppData/Roaming/m/shared/Xtreme_Importer_1.0_[Cracked].zip.vir [1] Archive type: ZIP --> Xtreme_Importer_1.0_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD --> QooBox/Quarantine/C/Windows/System32/1.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/113038.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/113865.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/122055.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/123615.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/125892.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/1265230.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/1291438.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/133396.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/139620.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/14695855.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/14742656.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/14784979.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/1482103.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/14880810.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/1506813.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/15550179.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/15565327.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/16160190.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/16178270.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/177872.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/185375.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/217059.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/231661.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/29429245.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/29540536.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/29557057.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/30808793.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/30831553.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/313655.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/335214.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/384355.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/404728.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/44010315.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/44154569.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/44171620.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/45466366.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/69451.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/72041.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/75457.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/83039.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/89731.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/90433.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/93725.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/downld/95566.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> QooBox/Quarantine/C/Windows/System32/drivers/downld/984303.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/hldrrr.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/srosa.sys.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox/Quarantine/C/Windows/System32/drivers/srosa.sys.zip [1] Archive type: ZIP --> srosa.sys [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox/Quarantine/C/Windows/System32/mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox/Quarantine/C/Windows/System32/wintems.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen --> QooBox/Quarantine/catchme2008-05-15_ 02907,76.zip [1] Archive type: ZIP --> srosa.sys [DETECTION] Is the Trojan horse TR/Trash.Gen --> wintems.exe [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> mdelk.exe [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> hldrrr.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL --> mdelk.exe.1 [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL [NOTE] The file was moved to '489bc037.qua'! C:\QooBox\Quarantine\catchme2008-05-15_ 02907,76.zip [0] Archive type: ZIP --> srosa.sys [DETECTION] Is the Trojan horse TR/Trash.Gen --> wintems.exe [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> mdelk.exe [DETECTION] Is the Trojan horse TR/Bagle.Gen.B --> hldrrr.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL --> mdelk.exe.1 [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NL [NOTE] The file was moved to '48a0c563.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\data.oct.vir [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c569.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ABBYY_FineReader_OCR_Professional_8.0.zip.vir [0] Archive type: ZIP --> ABBYY_FineReader_OCR_Professional_8.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '486ec54d.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Access_Password_Recovery_Helper_1.62.zip.vir [0] Archive type: ZIP --> Access_Password_Recovery_Helper_1.62.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488fc571.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Advanced_PDF_Password_Recovery_Pro_2.21.zip.vir [0] Archive type: ZIP --> Advanced_PDF_Password_Recovery_Pro_2.21.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a2c576.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AGDL_5_Bhoomika_Chawla_Wallpapers_1.zip.vir [0] Archive type: ZIP --> AGDL_5_Bhoomika_Chawla_Wallpapers_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4870c55c.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Ankrie_ImageCutter_1.0_Serial.zip.vir [0] Archive type: ZIP --> Ankrie_ImageCutter_1.0_Serial.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4897c587.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AntiHook_3.0.0.23.zip.vir [0] Archive type: ZIP --> AntiHook_3.0.0.23.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c58b.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AppAway_1.0.zip.vir [0] Archive type: ZIP --> AppAway_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489cc590.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Asp.Net_Shopping_Cart_Lite_Edition_2.0.zip.vir [0] Archive type: ZIP --> Asp.Net_Shopping_Cart_Lite_Edition_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489cc596.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Auto_Shutdown_1.2.zip.vir [0] Archive type: ZIP --> Auto_Shutdown_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c59b.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Autumn_XP_Falls_Screensaver_1.0.zip.vir [0] Archive type: ZIP --> Autumn_XP_Falls_Screensaver_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c59e.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.zip.vir [0] Archive type: ZIP --> Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc5a1.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Avast.Antivirus.HomeEdition.zip.vir [0] Archive type: ZIP --> Avast.Antivirus.HomeEdition.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc5a4.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\AVI_Frame_Rate_Changer_1.10.zip.vir [0] Archive type: ZIP --> AVI_Frame_Rate_Changer_1.10.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4875c587.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Big_Mountain_4.39_(Patch).zip.vir [0] Archive type: ZIP --> Big_Mountain_4.39_(Patch).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4893c59d.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Bitdefender.v9.Pro.Plus.FR.zip.vir [0] Archive type: ZIP --> Bitdefender.v9.Pro.Plus.FR.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c5a1.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Blue_Byte_File_Editor_1.0.zip.vir [0] Archive type: ZIP --> Blue_Byte_File_Editor_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a1c5a7.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\BudgetKel_1.0.zip.vir [0] Archive type: ZIP --> BudgetKel_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4890c5b4.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Budget_Sheet_Manager_4.0.zip.vir [0] Archive type: ZIP --> Budget_Sheet_Manager_4.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4890c5bd.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Calodiet_2007_07.03.30.zip.vir [0] Archive type: ZIP --> Calodiet_2007_07.03.30.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4898c5ae.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\CD_FrontEnd_Lite_3.0_[KeyGen].zip.vir [0] Archive type: ZIP --> CD_FrontEnd_Lite_3.0_[KeyGen].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488bc594.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Colorado_Web_Cams_1.1.zip.vir [0] Archive type: ZIP --> Colorado_Web_Cams_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4898c5c5.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Command_&_Conquer_Renegade_-_map_pack_4.zip.vir [0] Archive type: ZIP --> Command_&_Conquer_Renegade_-_map_pack_4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4899c5c8.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Completely_Gone_1.12_Key.zip.vir [0] Archive type: ZIP --> Completely_Gone_1.12_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4899c5cc.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Crypt_Keeper_WP_0.001.zip.vir [0] Archive type: ZIP --> Crypt_Keeper_WP_0.001.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a5c5d3.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\daER_3.5.zip.vir [0] Archive type: ZIP --> daER_3.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4871c5c5.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Data_Doctor_Recovery_Removable_Media_2.0.1.5.zip.vir [0] Archive type: ZIP --> Data_Doctor_Recovery_Removable_Media_2.0.1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c5cc.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.zip.vir [0] Archive type: ZIP --> Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc5d5.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Doom_3_Church_of_Ruins_map.zip.vir [0] Archive type: ZIP --> Doom_3_Church_of_Ruins_map.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489bc5e1.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DotNetPanel_2.1.0.zip.vir [0] Archive type: ZIP --> DotNetPanel_2.1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c5e4.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\drweb_432b_key.zip.vir [0] Archive type: ZIP --> drweb_432b_key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a3c5e9.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DUNDUP_1.20_beta_1.zip.vir [0] Archive type: ZIP --> DUNDUP_1.20_beta_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '487ac5cf.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DVDPizza_1.0.15_Patch.zip.vir [0] Archive type: ZIP --> DVDPizza_1.0.15_Patch.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4870c5d2.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\DynamicMagic_4.0_[Patch].zip.vir [0] Archive type: ZIP --> DynamicMagic_4.0_[Patch].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac5f8.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\E-Diary_Gold_2004.07.03.zip.vir [0] Archive type: ZIP --> E-Diary_Gold_2004.07.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4870c5af.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Easysoft_ODBC-Firebird_Driver_1.0.zip.vir [0] Archive type: ZIP --> Easysoft_ODBC-Firebird_Driver_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489fc5e6.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Enterprise_Manager_PassView_1.00.zip.vir [0] Archive type: ZIP --> Enterprise_Manager_PassView_1.00.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c5f6.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\eRanch_1.zip.vir [0] Archive type: ZIP --> eRanch_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc5dc.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Experience_WWII_mod_(Battlefield_1942)_2.4_beta.zip.vir [0] Archive type: ZIP --> Experience_WWII_mod_(Battlefield_1942)_2.4_beta.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489cc605.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\FantasyCodec_2.9_Build_1018.zip.vir [0] Archive type: ZIP --> FantasyCodec_2.9_Build_1018.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac5f3.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\File-Ease_1.05.00_[Cracked].zip.vir [0] Archive type: ZIP --> File-Ease_1.05.00_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4898c5fb.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Flip_Screensaver_1.1.6.zip.vir [0] Archive type: ZIP --> Flip_Screensaver_1.1.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4895c5fe.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\FlowChartX_control_4.1.1.zip.vir [0] Archive type: ZIP --> FlowChartX_control_4.1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489bc5ff.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\GUIz_1.12.zip.vir [0] Archive type: ZIP --> GUIz_1.12.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4875c5e8.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.zip.vir [0] Archive type: ZIP --> Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec5f5.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Heatsoft_Automatic_Synchronizer_1.08.zip.vir [0] Archive type: ZIP --> Heatsoft_Automatic_Synchronizer_1.08.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc5f9.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Hours_and_Minutes_1.6_build_2314.zip.vir [0] Archive type: ZIP --> Hours_and_Minutes_1.6_build_2314.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a1c603.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\HTTP-Tunnel_Client_4.0.3065.zip.vir [0] Archive type: ZIP --> HTTP-Tunnel_Client_4.0.3065.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4880c5e9.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Hunter_Dictionary_1.0.zip.vir [0] Archive type: ZIP --> Hunter_Dictionary_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac60a.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\i.Vista_Panorama_1.0.zip.vir [0] Archive type: ZIP --> i.Vista_Panorama_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4882c5c3.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\iBreeder_2.0.9.zip.vir [0] Archive type: ZIP --> iBreeder_2.0.9.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec5d8.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ICQ_Password_Spy_1.zip.vir [0] Archive type: ZIP --> ICQ_Password_Spy_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '487dc5d9.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\IE_Contacts_Spy_1.50_(Key).zip.vir [0] Archive type: ZIP --> IE_Contacts_Spy_1.50_(Key).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488bc5dc.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Invoice_Sheet_Manager_5.0.zip.vir [0] Archive type: ZIP --> Invoice_Sheet_Manager_5.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a2c605.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\IPD_LAN_Manager_and_Tools_3.3_Key.zip.vir [0] Archive type: ZIP --> IPD_LAN_Manager_and_Tools_3.3_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4870c5e8.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\IQ_Backup_1.4.zip.vir [0] Archive type: ZIP --> IQ_Backup_1.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488bc5e9.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\JeRM_Image_To_ASCII_Art_1.0.0.2.zip.vir [0] Archive type: ZIP --> JeRM_Image_To_ASCII_Art_1.0.0.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '487ec5fd.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.zip.vir [0] Archive type: ZIP --> Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489fc5fa.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.zip.vir [0] Archive type: ZIP --> Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4e9da783.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Kernel_Palm_PDB_4.03.zip.vir [0] Archive type: ZIP --> Kernel_Palm_PDB_4.03.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec5fe.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\KozMos_AutoTableX_3.5.61231_[With_Crack].zip.vir [0] Archive type: ZIP --> KozMos_AutoTableX_3.5.61231_[With_Crack].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a6c609.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\KyoSoft_Earth_Screensaver_1.1.26.zip.vir [0] Archive type: ZIP --> KyoSoft_Earth_Screensaver_1.1.26.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489bc613.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Lyrics_Search_1.6.zip.vir [0] Archive type: ZIP --> Lyrics_Search_1.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec614.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ManageEngine_WiFi_Manager_5.6.zip.vir [0] Archive type: ZIP --> ManageEngine_WiFi_Manager_5.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac5fc.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Matrox_G200_OpenGL_ICD_Drivers_beta_1.zip.vir [0] Archive type: ZIP --> Matrox_G200_OpenGL_ICD_Drivers_beta_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c5fd.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).zip.vir [0] Archive type: ZIP --> Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4897c601.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Microsoft_CD-ROM_Changer_Drivers_4.00.950.zip.vir [0] Archive type: ZIP --> Microsoft_CD-ROM_Changer_Drivers_4.00.950.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488fc606.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\MindSoft_Pocket_CleanUp_2.0.2003.zip.vir [0] Archive type: ZIP --> MindSoft_Pocket_CleanUp_2.0.2003.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac606.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Miro_0.9.8.1_Public_Preview_1.zip.vir [0] Archive type: ZIP --> Miro_0.9.8.1_Public_Preview_1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec606.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\MultiPing_1.01.2.zip.vir [0] Archive type: ZIP --> MultiPing_1.01.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4898c613.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\MyVideoSoft_6.08.zip.vir [0] Archive type: ZIP --> MyVideoSoft_6.08.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4882c617.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\My_Reminder_1.0.zip.vir [0] Archive type: ZIP --> My_Reminder_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488bc618.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NaPalm_Runner_1.04.01.zip.vir [0] Archive type: ZIP --> NaPalm_Runner_1.04.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '487cc600.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Net232_1.04_[Cracked].zip.vir [0] Archive type: ZIP --> Net232_1.04_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a0c605.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NewsInjector_1.2.1.zip.vir [0] Archive type: ZIP --> NewsInjector_1.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a3c605.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NOD32.2.51.26.ITA.zip.vir [0] Archive type: ZIP --> NOD32.2.51.26.ITA.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4870c5f0.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\NOD32.win9598ME.crack.zip.vir [0] Archive type: ZIP --> NOD32.win9598ME.crack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4e7282e1.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Numerology_Master_Program_5.0.zip.vir [0] Archive type: ZIP --> Numerology_Master_Program_5.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4899c617.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Object_Dropper_3D_2.0_Key.zip.vir [0] Archive type: ZIP --> Object_Dropper_3D_2.0_Key.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4896c604.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\OCTeam_RSS_feed_2.0.zip.vir [0] Archive type: ZIP --> OCTeam_RSS_feed_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4880c5e6.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\OEWakeUp_1.0.1.zip.vir [0] Archive type: ZIP --> OEWakeUp_1.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4883c5e8.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Oscillator_Timing_Calculator_1.0_(KeyGen).zip.vir [0] Archive type: ZIP --> Oscillator_Timing_Calculator_1.0_(KeyGen).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488fc617.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\PAL_Keylogger_1.01.zip.vir [0] Archive type: ZIP --> PAL_Keylogger_1.01.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4878c5e5.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Part_It_3.02.zip.vir [0] Archive type: ZIP --> Part_It_3.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4aee1fa7.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Passion_Clock_ScreenSaver_2.3.zip.vir [0] Archive type: ZIP --> Passion_Clock_ScreenSaver_2.3.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489fc606.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Password_Retriever_5.3.4.zip.vir [0] Archive type: ZIP --> Password_Retriever_5.3.4.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4aef1fa7.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\PC_Guard_for_Win32_5.01.0590.zip.vir [0] Archive type: ZIP --> PC_Guard_for_Win32_5.01.0590.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4afb1c4a.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Pixbyte_Burning_SDK_1.5.1.zip.vir [0] Archive type: ZIP --> Pixbyte_Burning_SDK_1.5.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a4c60f.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Pixel_1.0_Beta6_bld_560.zip.vir [0] Archive type: ZIP --> Pixel_1.0_Beta6_bld_560.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a4c610.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Pixel_Grease_-_Easy_Image_Editor_2.0.zip.vir [0] Archive type: ZIP --> Pixel_Grease_-_Easy_Image_Editor_2.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a4c611.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Purge_(Confidential_Files_Eraser)_1.06.zip.vir [0] Archive type: ZIP --> Purge_(Confidential_Files_Eraser)_1.06.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec61d.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Quicken_Password_Recovery_Key_8.0_build_2514.zip.vir [0] Archive type: ZIP --> Quicken_Password_Recovery_Key_8.0_build_2514.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4895c61e.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\ReTreeval_1.00a_With_Crack.zip.vir [0] Archive type: ZIP --> ReTreeval_1.00a_With_Crack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4880c60e.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Save_Message_Action_for_InboxRULES_2.10_Cracked.zip.vir [0] Archive type: ZIP --> Save_Message_Action_for_InboxRULES_2.10_Cracked.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a2c60b.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Scrabble_Rack_Attack.zip.vir [0] Archive type: ZIP --> Scrabble_Rack_Attack.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec60d.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SCWebCam_3.5.14.zip.vir [0] Archive type: ZIP --> SCWebCam_3.5.14.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4883c5ee.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Sinope_Summarizer_PE_Trial_1.2.zip.vir [0] Archive type: ZIP --> Sinope_Summarizer_PE_Trial_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac614.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Snap_Font_1.0.zip.vir [0] Archive type: ZIP --> Snap_Font_1.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc619.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SonicClick_1.0.1.zip.vir [0] Archive type: ZIP --> SonicClick_1.0.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac61b.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SQL_Server_Critical_Update_Tools_8.00.0194.zip.vir [0] Archive type: ZIP --> SQL_Server_Critical_Update_Tools_8.00.0194.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4878c5fd.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\StepUp_3.0.5.zip.vir [0] Archive type: ZIP --> StepUp_3.0.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4891c621.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SubTool_2.6.zip.vir [0] Archive type: ZIP --> SubTool_2.6.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488ec622.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Supreme_Auction_2.zip.vir [0] Archive type: ZIP --> Supreme_Auction_2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489cc623.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\SyncTime_Deluxe_1.1.zip.vir [0] Archive type: ZIP --> SyncTime_Deluxe_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac627.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\System_Tray_Icons_ActiveX_Control_1.06.zip.vir [0] Archive type: ZIP --> System_Tray_Icons_ActiveX_Control_1.06.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489fc627.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TableTools_0.20.zip.vir [0] Archive type: ZIP --> TableTools_0.20.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488ec610.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\The_Bible_Collection.zip.vir [0] Archive type: ZIP --> The_Bible_Collection.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4891c617.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Tiny_Watcher_1.5.zip.vir [0] Archive type: ZIP --> Tiny_Watcher_1.5.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac619.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Touch_It_1.2.7.0.zip.vir [0] Archive type: ZIP --> Touch_It_1.2.7.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '48a1c61f.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TrayDay_7.02.zip.vir [0] Archive type: ZIP --> TrayDay_7.02.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '488dc623.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TribalWeb_2.40.zip.vir [0] Archive type: ZIP --> TribalWeb_2.40.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4895c623.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\TurboFTP_SDK_1.2.zip.vir [0] Archive type: ZIP --> TurboFTP_SDK_1.2.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec627.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Uninstaller_for_Total_Commander_1.7.3d.zip.vir [0] Archive type: ZIP --> Uninstaller_for_Total_Commander_1.7.3d.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4895c620.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\UninstallKing2005_2.18_Cracked.zip.vir [0] Archive type: ZIP --> UninstallKing2005_2.18_Cracked.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4895c621.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Unreal_Tournament_2003_-_Bulldog_Support_mod.zip.vir [0] Archive type: ZIP --> Unreal_Tournament_2003_-_Bulldog_Support_mod.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec622.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Unreal_Tournament_2004_AS_HMStormWitch_map.zip.vir [0] Archive type: ZIP --> Unreal_Tournament_2004_AS_HMStormWitch_map.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4e9fe45b.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Update_To_Pixel_Penguins_4.06.18.zip.vir [0] Archive type: ZIP --> Update_To_Pixel_Penguins_4.06.18.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4890c625.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\UPX_Tool+_1.1.zip.vir [0] Archive type: ZIP --> UPX_Tool+_1.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4884c605.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\urlStart_1.0.2.1.zip.vir [0] Archive type: ZIP --> urlStart_1.0.2.1.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4898c628.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\WAV_Joiner_3.0.0.zip.vir [0] Archive type: ZIP --> WAV_Joiner_3.0.0.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4882c5f7.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\WinX_Burner_Master_3.2.20.152_Build_0610.zip.vir [0] Archive type: ZIP --> WinX_Burner_Master_3.2.20.152_Build_0610.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ac61f.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).zip.vir [0] Archive type: ZIP --> World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec626.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.zip.vir [0] Archive type: ZIP --> Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '4898c620.qua'! C:\QooBox\Quarantine\C\Users\GaWeL\AppData\Roaming\m\shared\Xtreme_Importer_1.0_[Cracked].zip.vir [0] Archive type: ZIP --> Xtreme_Importer_1.0_[Cracked].exe [DETECTION] Is the Trojan horse TR/Dldr.Bagle.PD [NOTE] The file was moved to '489ec62c.qua'! C:\QooBox\Quarantine\C\Windows\System32\1.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4891c5e6.qua'! C:\QooBox\Quarantine\C\Windows\System32\mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [NOTE] The file was moved to '4891c61d.qua'! C:\QooBox\Quarantine\C\Windows\System32\wintems.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [NOTE] The file was moved to '489ac622.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\hldrrr.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [NOTE] The file was moved to '4d6f4dbe.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\mdelk.exe.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [NOTE] The file was moved to '4891c61e.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\srosa.sys.vir [DETECTION] Is the Trojan horse TR/Trash.Gen [NOTE] The file was moved to '489bc62c.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\srosa.sys.zip [0] Archive type: ZIP --> srosa.sys [DETECTION] Is the Trojan horse TR/Trash.Gen [NOTE] The file was moved to '4d64561d.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\113038.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '485fc5ec.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\113865.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '485fc5ed.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\122055.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '485ec5ee.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\123615.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '485fc5ef.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\125892.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4861c5ef.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\1265230.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4862c5f0.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\1291438.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4865c5f0.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\133396.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '485fc5f2.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\139620.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4865c5f2.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\14695855.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4862c5f4.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\14742656.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4863c5f4.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\14784979.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4863c5f5.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\1482103.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4864c5f6.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\14880810.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4864c5f7.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\15550179.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4861c5fa.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\15565327.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4a0f0f9b.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\16160190.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '485dc5fc.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\16178270.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4a330f9d.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\177872.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4863c5ff.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\185375.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4861c600.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\217059.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4863c5fa.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\231661.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '485dc5fd.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\29429245.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4860c604.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\29540536.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4861c605.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\29557057.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4861c606.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\30808793.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4864c5fd.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\30831553.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4864c5fe.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\313655.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '485fc600.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\335214.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4861c603.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\384355.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4860c608.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\404728.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4860c601.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\44010315.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '485cc605.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\69451.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4860c60d.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\72041.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '485cc607.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\75457.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4860c60a.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\83039.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '485cc609.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\89731.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4863c610.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\90433.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4860c607.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\93725.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4863c60a.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\95566.exe.vir [DETECTION] Is the Trojan horse TR/Bagle.Gen.B [NOTE] The file was moved to '4861c60d.qua'! C:\QooBox\Quarantine\C\Windows\System32\drivers\downld\984303.exe.vir [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [NOTE] The file was moved to '4860c610.qua'! Begin scan in 'D:\' <Recovery> End of the scan: vendredi 16 mai 2008 02:10 Used time: 1:14:56 min The scan has been done completely. 16033 Scanning directories 453801 Files were scanned 540 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 176 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 453261 Files not concerned 3568 Archives were scanned 6 Warnings 176 Notes

Ok pas de probleme, cela sera avec plaisir alors. Je vais suivre tes conseils. Et merci beaucoup! A demain soir.

Oui je l'ai ziper c'est bon, coment te le faire parvenir maintenant? Mais pourquoi? Puis c'est quoi? Car il me semble pas que j'avais ce dossier auparavant.

Ok donc apres annalyse je n'ai rien.

Ipod et lecteur mp3 je doit le considérer comme clé USB ou pas? Sinon, non j'ai pas de clé USB.

Salut, donc voila: ComboFix 08-05-12.1 - GaWeL 2008-05-15 23:37:23.2 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1297 [GMT 2:00] Endroit: C:\Users\GaWeL\Desktop\combo-fix.exe Command switches used :: C:\Users\GaWeL\Desktop\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\Users\GaWeL\AppData\Roaming\m\flec006.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Windows\system32\drivers\downld . ((((((((((((((((((((((((((((( Fichiers créés 2008-04-15 to 2008-05-15 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier créé dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-15 06:50 --------- d-----w C:\ProgramData\Microsoft Help 2008-05-13 22:51 --------- d-----w C:\Program Files\Alwil Software 2008-05-13 22:01 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-05-13 22:01 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-05-13 21:27 --------- d-----w C:\Program Files\CCleaner 2008-05-11 20:05 --------- d-----w C:\ProgramData\pixelStorm 2008-05-11 14:27 --------- d-----w C:\Program Files\PpStream Fr 2008-05-11 14:25 --------- d-----w C:\Users\GaWeL\AppData\Roaming\ppStream 2008-05-05 17:20 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-05-05 17:20 22,328 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrK.sys 2008-05-05 17:20 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe 2008-05-05 17:20 103,736 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrB.exe 2008-05-05 17:18 66,872 ----a-w C:\Windows\System32\PnkBstrA.exe 2008-05-05 17:18 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-05 16:59 --------- d-----w C:\Program Files\Activision 2008-05-01 13:25 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files 2008-05-01 10:42 --------- d-----w C:\Program Files\Apple Software Update 2008-04-20 20:49 --------- d-----w C:\Program Files\pspvideo9 2008-04-20 20:41 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-04-20 20:41 --------- d-----w C:\Program Files\Realtek 2008-04-14 20:11 --------- d-----w C:\Program Files\AviSynth 2.5 2008-04-03 23:00 --------- d--h--r C:\Users\GaWeL\AppData\Roaming\SecuROM 2008-04-03 22:44 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Sports Interactive 2008-04-03 22:39 --------- d--h--w C:\Program Files\Zero G Registry 2008-04-03 22:33 --------- d-----w C:\Program Files\Sports Interactive 2008-04-03 16:04 --------- d-----w C:\Program Files\iTunes 2008-04-03 16:04 --------- d-----w C:\Program Files\iPod 2008-04-03 16:03 --------- d-----w C:\Program Files\QuickTime 2008-03-21 18:43 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Apple Computer 2008-03-20 17:53 --------- d-----w C:\Program Files\Safari 2008-03-16 18:15 --------- d-----w C:\ProgramData\NVIDIA 2008-03-16 04:57 --------- d-----w C:\Users\GaWeL\AppData\Roaming\WinBatch 2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll 2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll 2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll 2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe 2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe 2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll 2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll 2008-02-29 04:14 2,028,544 ----a-w C:\Windows\System32\win32k.sys 2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll 2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll 2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll 2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe 2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll 2008-02-04 19:26 82 ----a-w C:\Users\GaWeL\AppData\Roaming\wklnhst.dat 2008-02-04 19:25 47,360 ----a-w C:\Users\GaWeL\AppData\Roaming\pcouffin.sys 2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . ---- Directory of C:\qoobox\windows\system32 ---- C:\qoobox\windows\system32\ ------- Sigcheck ------- . ((((((((((((((((((((((((((((( snapshot@2008-05-15_ 0.38.07.85 ))))))))))))))))))))))))))))))))))))))))) . - 2008-05-14 22:31:38 67,584 --s-a-w C:\Windows\bootstat.dat + 2008-05-15 21:22:48 67,584 --s-a-w C:\Windows\bootstat.dat + 2006-10-27 14:04:08 497,504 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MORPH9.DLL + 2006-10-27 14:04:10 9,581,360 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSPUB.EXE + 2006-10-26 19:09:36 136,008 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PRTF9.DLL + 2006-10-27 14:04:06 624,456 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PTXT9.DLL + 2006-10-26 19:09:44 590,144 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PUBCONV.DLL + 2006-10-27 13:23:04 347,432 ----a-r C:\Windows\Installer\$PatchCache$\Managed\00002119F20000000000000000F01FEC\12.0.4518\WINWORD.EXE - 2008-04-10 06:44:46 1,165,584 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe + 2008-05-15 06:50:22 1,165,584 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe - 2008-04-10 06:44:46 20,240 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe + 2008-05-15 06:50:22 20,240 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe - 2008-04-10 06:44:46 159,504 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe + 2008-05-15 06:50:22 159,504 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe - 2008-04-10 06:44:46 217,864 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe + 2008-05-15 06:50:22 217,864 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe - 2008-04-10 06:44:46 18,704 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe + 2008-05-15 06:50:22 18,704 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe - 2008-04-10 06:44:46 35,088 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe + 2008-05-15 06:50:22 35,088 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe - 2008-04-10 06:44:46 845,584 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe + 2008-05-15 06:50:22 845,584 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe - 2008-04-10 06:44:46 922,384 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe + 2008-05-15 06:50:22 922,384 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - 2008-04-10 06:44:46 272,648 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe + 2008-05-15 06:50:22 272,648 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe - 2008-04-10 06:44:46 888,080 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe + 2008-05-15 06:50:22 888,080 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - 2008-04-10 06:44:46 1,172,240 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe + 2008-05-15 06:50:22 1,172,240 ----a-r C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - 2008-04-10 06:44:26 20,240 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe + 2008-05-15 06:49:59 20,240 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\cagicon.exe - 2008-04-10 06:44:26 184,080 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe + 2008-05-15 06:49:59 184,080 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\joticon.exe - 2008-04-10 06:44:26 217,864 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe + 2008-05-15 06:49:59 217,864 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\misc.exe - 2008-04-10 06:44:26 18,704 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe + 2008-05-15 06:49:59 18,704 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\mspicons.exe - 2008-04-10 06:44:26 35,088 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe + 2008-05-15 06:49:59 35,088 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\oisicon.exe - 2008-04-10 06:44:26 922,384 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe + 2008-05-15 06:49:59 922,384 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\pptico.exe - 2008-04-10 06:44:26 888,080 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe + 2008-05-15 06:49:59 888,080 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\wordicon.exe - 2008-04-10 06:44:26 1,172,240 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe + 2008-05-15 06:49:59 1,172,240 ----a-r C:\Windows\Installer\{91120000-002F-0000-0000-0000000FF1CE}\xlicons.exe - 2008-05-14 22:31:39 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2008-05-15 21:22:48 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat - 2008-05-14 22:31:39 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2008-05-15 21:22:48 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2008-05-14 22:32:04 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-15 21:25:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT + 2008-05-15 21:25:48 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1 - 2008-05-14 22:32:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-15 21:25:43 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT + 2008-05-15 21:25:43 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1 - 2008-05-14 22:14:21 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2008-05-15 21:35:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2008-05-14 22:14:21 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2008-05-15 21:35:55 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2008-05-14 22:14:21 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2008-05-15 21:35:55 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2008-05-14 16:48:32 11,874 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3072763064-2446227072-4167713054-1000_UserData.bin + 2008-05-15 21:26:35 12,214 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3072763064-2446227072-4167713054-1000_UserData.bin - 2008-05-14 16:48:31 57,520 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin + 2008-05-15 21:26:34 57,692 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin - 2008-05-14 16:48:30 43,860 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin + 2008-05-15 21:26:33 43,892 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin . -- Snapshot reset to current date -- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-05-14 00:01 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-19 00:28 1006264] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2004-08-02 02:10 688128] "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 12:59 118784] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\Windows\RtHDVCpl.exe] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "VX6000"="C:\Windows\vVX6000.exe" [2007-04-10 14:46 996712] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328] "HPAIO_PrintFolderMgr"="C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe" [ ] "SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 09:23 132624] "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 18:59 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 18:59 8473120] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 18:59 81920] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ] C:\Users\GaWeL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 17:51 192512] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3072763064-2446227072-4167713054-1000] "EnableNotificationsRef"=dword:00000003 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{6D627958-CCBC-4F0D-86EA-814307131E64}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{540C4478-A48C-4271-81C8-B312B78F5CD9}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{48ED27BD-4D5C-4483-A8AD-C9C463E81AF8}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus "UDP Query User{F941FE5E-E53C-412C-A2D8-0339ACB9EB76}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus "{73E54759-DADF-4B25-9ADE-FC0CEC637531}"= Disabled:UDP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{89C5A30E-BA8B-4A1F-A260-6172F1C8EE2C}"= Disabled:TCP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{23BF2E3B-7760-4D96-B3F8-59E6955F4804}"= Disabled:UDP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{D66CA116-176E-453F-B9FD-F1F41B96189D}"= Disabled:TCP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{98DE3049-F1BB-4828-8A84-6411E529D14B}"= UDP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{8FBFFE59-6FDE-4598-A05F-1E5CEC5E7443}"= TCP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{2C10C3AB-CE1C-4515-96FA-A57BCED63DF5}"= UDP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "{94C8C4C4-8632-4B6C-998D-C1ECFBC63523}"= TCP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "TCP Query User{932CA54F-49E3-4D4A-A864-CCAA54BD20CA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{F4F8E69B-40BA-405C-BD82-2237C2AE3463}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule "{77DF3217-5272-47CC-8DBA-1101B32A5D27}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{1F84B188-BFE2-4FD0-9250-88F6BEC8BBEF}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{6E30E2E8-F8F9-4295-BF15-28B63DFEDC74}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{C9581EA9-5CE7-419C-9E74-8C62834DE3D6}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C9A552AD-84B9-42F6-AC47-437E898F82B6}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4D69BB7C-0995-4A56-B788-EDE78F5EDEAF}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B4A249E-4B06-4E73-9D04-B9D0E9E48B68}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{0C8D9FB4-BE31-4A0D-832A-D2E570934E1A}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{1FC82F46-9F77-4191-A7E5-D4B98ACA6646}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{B9622CB5-EB26-4DEF-9F3E-150EB96C78E1}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{61D1E7E4-CE5A-427A-8F94-CC1A104C87B7}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C269D18D-2E5C-4592-8C30-358FEED71359}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4B1F9833-512C-4D7E-8F61-50B975A705E0}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B64E45C-5802-40D1-95D5-1F539FB9137E}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{D6DD97F8-43B4-43CF-AE3C-A8D541181EA1}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{48307B80-3264-46FB-B078-3366468C8810}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{3B963C37-3149-41CC-8450-F84F0D87B63F}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{38B24799-AD50-4759-ACDA-A799790B7EA3}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{78BF92EF-58C0-475F-B36A-C5CB0B0A5E1D}C:\\users\\gawel\\desktop\\viviplay.exe"= UDP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "UDP Query User{DB60AA64-5A66-4A56-9503-278736AB17F1}C:\\users\\gawel\\desktop\\viviplay.exe"= TCP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "{85107586-3806-4B67-BBC3-C0F9C52DD8A0}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{BF23537A-2CAB-4E9F-AA99-698848A1CDB3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{D266B7DB-B012-4802-8B20-F9145C464865}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 "{0595A42E-1164-4B80-A380-1DCD8B3FA3B4}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\Windows\system32\plcndis5.sys [2004-05-17 11:21] R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43] R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] S3 VX6000;Microsoft LifeCam VX-6000;C:\Windows\system32\DRIVERS\VX6000Xp.sys [2007-04-10 14:46] S4 usbprint;Microsoft USB PRINTER Class;C:\Windows\system32\drivers\usbprint.sys [2006-11-02 11:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-15 23:39:19 Windows 6.0.6000 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . Temps d'accomplissement: 2008-05-15 23:40:27 ComboFix-quarantined-files.txt 2008-05-15 21:40:18 ComboFix2.txt 2008-05-14 22:38:55 Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. 266 --- E O F --- 2008-05-15 06:50:23

Ok, donc bonne nouvelle! Je te remerci de ton aide, a demain.

Voila: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:58:26, on 15/05/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\vVX6000.exe C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\hp\kbd\kbd.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\conime.exe C:\Windows\Explorer.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\GaWeL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1VH28G7S\HiJackThis[1].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fiberfib.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [VX6000] C:\Windows\vVX6000.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe O4 - HKLM\..\Run: [sMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-48.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 10320 bytes

Bonsoir et merci pour la réponse, donc voici le rapport. En vous remerciant d'avance. ComboFix 08-05-12.1 - GaWeL 2008-05-15 0:25:04.1 - NTFSx86 Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1234 [GMT 2:00] Endroit: C:\Users\GaWeL\Desktop\combo-fix.exe * Création d'un nouveau point de restauration . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Users\GaWeL\AppData\Roaming\inst.exe C:\Users\GaWeL\AppData\Roaming\m C:\Users\GaWeL\AppData\Roaming\m\data.oct C:\Users\GaWeL\AppData\Roaming\m\list.oct C:\Users\GaWeL\AppData\Roaming\m\shared C:\Users\GaWeL\AppData\Roaming\m\shared\ABBYY_FineReader_OCR_Professional_8.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Access_Password_Recovery_Helper_1.62.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Advanced_PDF_Password_Recovery_Pro_2.21.zip C:\Users\GaWeL\AppData\Roaming\m\shared\AGDL_5_Bhoomika_Chawla_Wallpapers_1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Ankrie_ImageCutter_1.0_Serial.zip C:\Users\GaWeL\AppData\Roaming\m\shared\AntiHook_3.0.0.23.zip C:\Users\GaWeL\AppData\Roaming\m\shared\AppAway_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Asp.Net_Shopping_Cart_Lite_Edition_2.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Auto_Shutdown_1.2.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Autumn_XP_Falls_Screensaver_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Avast!.Antivirus.4.1.357.Spanish.Professional.Edition.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Avast.Antivirus.HomeEdition.zip C:\Users\GaWeL\AppData\Roaming\m\shared\AVI_Frame_Rate_Changer_1.10.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Big_Mountain_4.39_(Patch).zip C:\Users\GaWeL\AppData\Roaming\m\shared\Bitdefender.v9.Pro.Plus.FR.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Blue_Byte_File_Editor_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Budget_Sheet_Manager_4.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\BudgetKel_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Calodiet_2007_07.03.30.zip C:\Users\GaWeL\AppData\Roaming\m\shared\CD_FrontEnd_Lite_3.0_[KeyGen].zip C:\Users\GaWeL\AppData\Roaming\m\shared\Colorado_Web_Cams_1.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Command_&_Conquer_Renegade_-_map_pack_4.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Completely_Gone_1.12_Key.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Crypt_Keeper_WP_0.001.zip C:\Users\GaWeL\AppData\Roaming\m\shared\daER_3.5.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Data_Doctor_Recovery_Removable_Media_2.0.1.5.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Deal_or_No_Deal_-_Beat_The_Broker_1.11_-_USA.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Doom_3_Church_of_Ruins_map.zip C:\Users\GaWeL\AppData\Roaming\m\shared\DotNetPanel_2.1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\drweb_432b_key.zip C:\Users\GaWeL\AppData\Roaming\m\shared\DUNDUP_1.20_beta_1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\DVDPizza_1.0.15_Patch.zip C:\Users\GaWeL\AppData\Roaming\m\shared\DynamicMagic_4.0_[Patch].zip C:\Users\GaWeL\AppData\Roaming\m\shared\E-Diary_Gold_2004.07.03.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Easysoft_ODBC-Firebird_Driver_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Enterprise_Manager_PassView_1.00.zip C:\Users\GaWeL\AppData\Roaming\m\shared\eRanch_1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Experience_WWII_mod_(Battlefield_1942)_2.4_beta.zip C:\Users\GaWeL\AppData\Roaming\m\shared\FantasyCodec_2.9_Build_1018.zip C:\Users\GaWeL\AppData\Roaming\m\shared\File-Ease_1.05.00_[Cracked].zip C:\Users\GaWeL\AppData\Roaming\m\shared\Flip_Screensaver_1.1.6.zip C:\Users\GaWeL\AppData\Roaming\m\shared\FlowChartX_control_4.1.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\GUIz_1.12.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Harmony-Complete_Home_Automation_5_Lite_5.0_build_156.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Heatsoft_Automatic_Synchronizer_1.08.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Hours_and_Minutes_1.6_build_2314.zip C:\Users\GaWeL\AppData\Roaming\m\shared\HTTP-Tunnel_Client_4.0.3065.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Hunter_Dictionary_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\i.Vista_Panorama_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\iBreeder_2.0.9.zip C:\Users\GaWeL\AppData\Roaming\m\shared\ICQ_Password_Spy_1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\IE_Contacts_Spy_1.50_(Key).zip C:\Users\GaWeL\AppData\Roaming\m\shared\Invoice_Sheet_Manager_5.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\IPD_LAN_Manager_and_Tools_3.3_Key.zip C:\Users\GaWeL\AppData\Roaming\m\shared\IQ_Backup_1.4.zip C:\Users\GaWeL\AppData\Roaming\m\shared\JeRM_Image_To_ASCII_Art_1.0.0.2.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Kaspersky.Anti.Virus.Personal.5.0.522.WinAll-TWK.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Kaspersky.Avp.Blacklist.Removal.Tool.v1.8.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Kernel_Palm_PDB_4.03.zip C:\Users\GaWeL\AppData\Roaming\m\shared\KozMos_AutoTableX_3.5.61231_[With_Crack].zip C:\Users\GaWeL\AppData\Roaming\m\shared\KyoSoft_Earth_Screensaver_1.1.26.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Lyrics_Search_1.6.zip C:\Users\GaWeL\AppData\Roaming\m\shared\ManageEngine_WiFi_Manager_5.6.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Matrox_G200_OpenGL_ICD_Drivers_beta_1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Mekashron_Publisher_-_Standard_Edition_2.32_(Cracked).zip C:\Users\GaWeL\AppData\Roaming\m\shared\Microsoft_CD-ROM_Changer_Drivers_4.00.950.zip C:\Users\GaWeL\AppData\Roaming\m\shared\MindSoft_Pocket_CleanUp_2.0.2003.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Miro_0.9.8.1_Public_Preview_1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\MultiPing_1.01.2.zip C:\Users\GaWeL\AppData\Roaming\m\shared\My_Reminder_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\MyVideoSoft_6.08.zip C:\Users\GaWeL\AppData\Roaming\m\shared\NaPalm_Runner_1.04.01.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Net232_1.04_[Cracked].zip C:\Users\GaWeL\AppData\Roaming\m\shared\NewsInjector_1.2.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\NOD32.2.51.26.ITA.zip C:\Users\GaWeL\AppData\Roaming\m\shared\NOD32.win9598ME.crack.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Numerology_Master_Program_5.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Object_Dropper_3D_2.0_Key.zip C:\Users\GaWeL\AppData\Roaming\m\shared\OCTeam_RSS_feed_2.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\OEWakeUp_1.0.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Oscillator_Timing_Calculator_1.0_(KeyGen).zip C:\Users\GaWeL\AppData\Roaming\m\shared\PAL_Keylogger_1.01.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Part_It_3.02.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Passion_Clock_ScreenSaver_2.3.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Password_Retriever_5.3.4.zip C:\Users\GaWeL\AppData\Roaming\m\shared\PC_Guard_for_Win32_5.01.0590.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Pixbyte_Burning_SDK_1.5.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Pixel_1.0_Beta6_bld_560.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Pixel_Grease_-_Easy_Image_Editor_2.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Purge_(Confidential_Files_Eraser)_1.06.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Quicken_Password_Recovery_Key_8.0_build_2514.zip C:\Users\GaWeL\AppData\Roaming\m\shared\ReTreeval_1.00a_With_Crack.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Save_Message_Action_for_InboxRULES_2.10_Cracked.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Scrabble_Rack_Attack.zip C:\Users\GaWeL\AppData\Roaming\m\shared\SCWebCam_3.5.14.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Sinope_Summarizer_PE_Trial_1.2.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Snap_Font_1.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\SonicClick_1.0.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\SQL_Server_Critical_Update_Tools_8.00.0194.zip C:\Users\GaWeL\AppData\Roaming\m\shared\StepUp_3.0.5.zip C:\Users\GaWeL\AppData\Roaming\m\shared\SubTool_2.6.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Supreme_Auction_2.zip C:\Users\GaWeL\AppData\Roaming\m\shared\SyncTime_Deluxe_1.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\System_Tray_Icons_ActiveX_Control_1.06.zip C:\Users\GaWeL\AppData\Roaming\m\shared\TableTools_0.20.zip C:\Users\GaWeL\AppData\Roaming\m\shared\The_Bible_Collection.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Tiny_Watcher_1.5.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Touch_It_1.2.7.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\TrayDay_7.02.zip C:\Users\GaWeL\AppData\Roaming\m\shared\TribalWeb_2.40.zip C:\Users\GaWeL\AppData\Roaming\m\shared\TurboFTP_SDK_1.2.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Uninstaller_for_Total_Commander_1.7.3d.zip C:\Users\GaWeL\AppData\Roaming\m\shared\UninstallKing2005_2.18_Cracked.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Unreal_Tournament_2003_-_Bulldog_Support_mod.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Unreal_Tournament_2004_AS_HMStormWitch_map.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Update_To_Pixel_Penguins_4.06.18.zip C:\Users\GaWeL\AppData\Roaming\m\shared\UPX_Tool+_1.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\urlStart_1.0.2.1.zip C:\Users\GaWeL\AppData\Roaming\m\shared\WAV_Joiner_3.0.0.zip C:\Users\GaWeL\AppData\Roaming\m\shared\WinX_Burner_Master_3.2.20.152_Build_0610.zip C:\Users\GaWeL\AppData\Roaming\m\shared\World_of_Warcraft_v1.6.1_to_v1.7.0_patch_(France).zip C:\Users\GaWeL\AppData\Roaming\m\shared\Xilisoft_DVD_to_iPhone_Suite_4.0.83.0718.zip C:\Users\GaWeL\AppData\Roaming\m\shared\Xtreme_Importer_1.0_[Cracked].zip C:\Users\GaWeL\AppData\Roaming\m\srvlist.oct C:\Windows\system32\1.exe C:\Windows\system32\ban_list.txt C:\Windows\system32\drivers\downld C:\Windows\system32\drivers\downld\100027.exe C:\Windows\system32\drivers\downld\1006128.exe C:\Windows\system32\drivers\downld\1017906.exe C:\Windows\system32\drivers\downld\104676.exe C:\Windows\system32\drivers\downld\106486.exe C:\Windows\system32\drivers\downld\108857.exe C:\Windows\system32\drivers\downld\109434.exe C:\Windows\system32\drivers\downld\1105142.exe C:\Windows\system32\drivers\downld\1118059.exe C:\Windows\system32\drivers\downld\113038.exe C:\Windows\system32\drivers\downld\113147.exe C:\Windows\system32\drivers\downld\1136108.exe C:\Windows\system32\drivers\downld\113865.exe C:\Windows\system32\drivers\downld\117624.exe C:\Windows\system32\drivers\downld\122055.exe C:\Windows\system32\drivers\downld\122866.exe C:\Windows\system32\drivers\downld\123615.exe C:\Windows\system32\drivers\downld\1257648.exe C:\Windows\system32\drivers\downld\125892.exe C:\Windows\system32\drivers\downld\1265230.exe C:\Windows\system32\drivers\downld\1291438.exe C:\Windows\system32\drivers\downld\1300049.exe C:\Windows\system32\drivers\downld\130214.exe C:\Windows\system32\drivers\downld\1322950.exe C:\Windows\system32\drivers\downld\133396.exe C:\Windows\system32\drivers\downld\137140.exe C:\Windows\system32\drivers\downld\139620.exe C:\Windows\system32\drivers\downld\14695855.exe C:\Windows\system32\drivers\downld\14715309.exe C:\Windows\system32\drivers\downld\14725433.exe C:\Windows\system32\drivers\downld\14736852.exe C:\Windows\system32\drivers\downld\14742656.exe C:\Windows\system32\drivers\downld\1474724.exe C:\Windows\system32\drivers\downld\147561.exe C:\Windows\system32\drivers\downld\14759972.exe C:\Windows\system32\drivers\downld\14771453.exe C:\Windows\system32\drivers\downld\14777007.exe C:\Windows\system32\drivers\downld\14784979.exe C:\Windows\system32\drivers\downld\14802482.exe C:\Windows\system32\drivers\downld\14815820.exe C:\Windows\system32\drivers\downld\1482103.exe C:\Windows\system32\drivers\downld\14824634.exe C:\Windows\system32\drivers\downld\14840671.exe C:\Windows\system32\drivers\downld\14869968.exe C:\Windows\system32\drivers\downld\148700.exe C:\Windows\system32\drivers\downld\14872667.exe C:\Windows\system32\drivers\downld\14873821.exe C:\Windows\system32\drivers\downld\14877331.exe C:\Windows\system32\drivers\downld\14880810.exe C:\Windows\system32\drivers\downld\14881465.exe C:\Windows\system32\drivers\downld\14886317.exe C:\Windows\system32\drivers\downld\14886707.exe C:\Windows\system32\drivers\downld\14886910.exe C:\Windows\system32\drivers\downld\14900778.exe C:\Windows\system32\drivers\downld\14903976.exe C:\Windows\system32\drivers\downld\14909046.exe C:\Windows\system32\drivers\downld\14930013.exe C:\Windows\system32\drivers\downld\14948000.exe C:\Windows\system32\drivers\downld\14960339.exe C:\Windows\system32\drivers\downld\14967515.exe C:\Windows\system32\drivers\downld\14990557.exe C:\Windows\system32\drivers\downld\14999792.exe C:\Windows\system32\drivers\downld\15016500.exe C:\Windows\system32\drivers\downld\1506813.exe C:\Windows\system32\drivers\downld\15096544.exe C:\Windows\system32\drivers\downld\150993.exe C:\Windows\system32\drivers\downld\15104640.exe C:\Windows\system32\drivers\downld\15123594.exe C:\Windows\system32\drivers\downld\1515019.exe C:\Windows\system32\drivers\downld\1538466.exe C:\Windows\system32\drivers\downld\15544282.exe C:\Windows\system32\drivers\downld\15550179.exe C:\Windows\system32\drivers\downld\15565327.exe C:\Windows\system32\drivers\downld\15574016.exe C:\Windows\system32\drivers\downld\15585716.exe C:\Windows\system32\drivers\downld\15830763.exe C:\Windows\system32\drivers\downld\15844631.exe C:\Windows\system32\drivers\downld\15861432.exe C:\Windows\system32\drivers\downld\16150237.exe C:\Windows\system32\drivers\downld\16160190.exe C:\Windows\system32\drivers\downld\16169441.exe C:\Windows\system32\drivers\downld\16178270.exe C:\Windows\system32\drivers\downld\161788.exe C:\Windows\system32\drivers\downld\16183730.exe C:\Windows\system32\drivers\downld\16194042.exe C:\Windows\system32\drivers\downld\16195789.exe C:\Windows\system32\drivers\downld\16226178.exe C:\Windows\system32\drivers\downld\16235741.exe C:\Windows\system32\drivers\downld\16249173.exe C:\Windows\system32\drivers\downld\16258065.exe C:\Windows\system32\drivers\downld\16277378.exe C:\Windows\system32\drivers\downld\16283633.exe C:\Windows\system32\drivers\downld\16328250.exe C:\Windows\system32\drivers\downld\16355098.exe C:\Windows\system32\drivers\downld\16379824.exe C:\Windows\system32\drivers\downld\1670177.exe C:\Windows\system32\drivers\downld\167201.exe C:\Windows\system32\drivers\downld\167482.exe C:\Windows\system32\drivers\downld\1689272.exe C:\Windows\system32\drivers\downld\1703640.exe C:\Windows\system32\drivers\downld\1711237.exe C:\Windows\system32\drivers\downld\1728662.exe C:\Windows\system32\drivers\downld\1728943.exe C:\Windows\system32\drivers\downld\1737960.exe C:\Windows\system32\drivers\downld\1764230.exe C:\Windows\system32\drivers\downld\177872.exe C:\Windows\system32\drivers\downld\185375.exe C:\Windows\system32\drivers\downld\189634.exe C:\Windows\system32\drivers\downld\189650.exe C:\Windows\system32\drivers\downld\191413.exe C:\Windows\system32\drivers\downld\208214.exe C:\Windows\system32\drivers\downld\209150.exe C:\Windows\system32\drivers\downld\217059.exe C:\Windows\system32\drivers\downld\221505.exe C:\Windows\system32\drivers\downld\224906.exe C:\Windows\system32\drivers\downld\231661.exe C:\Windows\system32\drivers\downld\236637.exe C:\Windows\system32\drivers\downld\238026.exe C:\Windows\system32\drivers\downld\239695.exe C:\Windows\system32\drivers\downld\240288.exe C:\Windows\system32\drivers\downld\250646.exe C:\Windows\system32\drivers\downld\250724.exe C:\Windows\system32\drivers\downld\254515.exe C:\Windows\system32\drivers\downld\260459.exe C:\Windows\system32\drivers\downld\260506.exe C:\Windows\system32\drivers\downld\267557.exe C:\Windows\system32\drivers\downld\271597.exe C:\Windows\system32\drivers\downld\273610.exe C:\Windows\system32\drivers\downld\278383.exe C:\Windows\system32\drivers\downld\281659.exe C:\Windows\system32\drivers\downld\283921.exe C:\Windows\system32\drivers\downld\289475.exe C:\Windows\system32\drivers\downld\29420181.exe C:\Windows\system32\drivers\downld\29429245.exe C:\Windows\system32\drivers\downld\29442146.exe C:\Windows\system32\drivers\downld\29458948.exe C:\Windows\system32\drivers\downld\29528945.exe C:\Windows\system32\drivers\downld\29540536.exe C:\Windows\system32\drivers\downld\29544202.exe C:\Windows\system32\drivers\downld\29557057.exe C:\Windows\system32\drivers\downld\29570083.exe C:\Windows\system32\drivers\downld\29572142.exe C:\Windows\system32\drivers\downld\29591408.exe C:\Windows\system32\drivers\downld\29604450.exe C:\Windows\system32\drivers\downld\296121.exe C:\Windows\system32\drivers\downld\29705335.exe C:\Windows\system32\drivers\downld\29718330.exe C:\Windows\system32\drivers\downld\29741029.exe C:\Windows\system32\drivers\downld\306495.exe C:\Windows\system32\drivers\downld\30793895.exe C:\Windows\system32\drivers\downld\308008.exe C:\Windows\system32\drivers\downld\30808793.exe C:\Windows\system32\drivers\downld\308226.exe C:\Windows\system32\drivers\downld\30831553.exe C:\Windows\system32\drivers\downld\30875749.exe C:\Windows\system32\drivers\downld\30890584.exe C:\Windows\system32\drivers\downld\30945450.exe C:\Windows\system32\drivers\downld\30992188.exe C:\Windows\system32\drivers\downld\31028177.exe C:\Windows\system32\drivers\downld\31049331.exe C:\Windows\system32\drivers\downld\313655.exe C:\Windows\system32\drivers\downld\314154.exe C:\Windows\system32\drivers\downld\315231.exe C:\Windows\system32\drivers\downld\318366.exe C:\Windows\system32\drivers\downld\321393.exe C:\Windows\system32\drivers\downld\321705.exe C:\Windows\system32\drivers\downld\329817.exe C:\Windows\system32\drivers\downld\331221.exe C:\Windows\system32\drivers\downld\331299.exe C:\Windows\system32\drivers\downld\335214.exe C:\Windows\system32\drivers\downld\339426.exe C:\Windows\system32\drivers\downld\346618.exe C:\Windows\system32\drivers\downld\348428.exe C:\Windows\system32\drivers\downld\352983.exe C:\Windows\system32\drivers\downld\358942.exe C:\Windows\system32\drivers\downld\360643.exe C:\Windows\system32\drivers\downld\376087.exe C:\Windows\system32\drivers\downld\384355.exe C:\Windows\system32\drivers\downld\398020.exe C:\Windows\system32\drivers\downld\404728.exe C:\Windows\system32\drivers\downld\425024.exe C:\Windows\system32\drivers\downld\428753.exe C:\Windows\system32\drivers\downld\429845.exe C:\Windows\system32\drivers\downld\433105.exe C:\Windows\system32\drivers\downld\43998397.exe C:\Windows\system32\drivers\downld\44010315.exe C:\Windows\system32\drivers\downld\44025759.exe C:\Windows\system32\drivers\downld\44049035.exe C:\Windows\system32\drivers\downld\440562.exe C:\Windows\system32\drivers\downld\44149452.exe C:\Windows\system32\drivers\downld\44154569.exe C:\Windows\system32\drivers\downld\44171620.exe C:\Windows\system32\drivers\downld\44232492.exe C:\Windows\system32\drivers\downld\44268793.exe C:\Windows\system32\drivers\downld\442777.exe C:\Windows\system32\drivers\downld\44304814.exe C:\Windows\system32\drivers\downld\44306077.exe C:\Windows\system32\drivers\downld\44323534.exe C:\Windows\system32\drivers\downld\44424903.exe C:\Windows\system32\drivers\downld\44435387.exe C:\Windows\system32\drivers\downld\44455074.exe C:\Windows\system32\drivers\downld\448081.exe C:\Windows\system32\drivers\downld\450874.exe C:\Windows\system32\drivers\downld\45457833.exe C:\Windows\system32\drivers\downld\45466366.exe C:\Windows\system32\drivers\downld\45483479.exe C:\Windows\system32\drivers\downld\45508346.exe C:\Windows\system32\drivers\downld\45561683.exe C:\Windows\system32\drivers\downld\45594474.exe C:\Windows\system32\drivers\downld\45624504.exe C:\Windows\system32\drivers\downld\45642912.exe C:\Windows\system32\drivers\downld\462823.exe C:\Windows\system32\drivers\downld\467503.exe C:\Windows\system32\drivers\downld\467644.exe C:\Windows\system32\drivers\downld\467784.exe C:\Windows\system32\drivers\downld\472121.exe C:\Windows\system32\drivers\downld\480358.exe C:\Windows\system32\drivers\downld\486270.exe C:\Windows\system32\drivers\downld\495942.exe C:\Windows\system32\drivers\downld\498251.exe C:\Windows\system32\drivers\downld\511074.exe C:\Windows\system32\drivers\downld\514709.exe C:\Windows\system32\drivers\downld\530091.exe C:\Windows\system32\drivers\downld\60668.exe C:\Windows\system32\drivers\downld\61448.exe C:\Windows\system32\drivers\downld\69451.exe C:\Windows\system32\drivers\downld\69748.exe C:\Windows\system32\drivers\downld\72041.exe C:\Windows\system32\drivers\downld\72275.exe C:\Windows\system32\drivers\downld\75457.exe C:\Windows\system32\drivers\downld\79591.exe C:\Windows\system32\drivers\downld\83039.exe C:\Windows\system32\drivers\downld\86362.exe C:\Windows\system32\drivers\downld\89466.exe C:\Windows\system32\drivers\downld\89731.exe C:\Windows\system32\drivers\downld\90433.exe C:\Windows\system32\drivers\downld\93725.exe C:\Windows\system32\drivers\downld\95566.exe C:\Windows\system32\drivers\downld\979265.exe C:\Windows\system32\drivers\downld\984303.exe C:\Windows\system32\drivers\hldrrr.exe C:\Windows\system32\drivers\mdelk.exe C:\Windows\system32\drivers\srosa.sys C:\Windows\system32\mdelk.exe C:\Windows\system32\wintems.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SROSA ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-14 to 2008-05-14 )))))))))))))))))))))))))))))))))))) . Pas de nouveau fichier cr‚‚ dans cet espace de temps . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-13 22:51 --------- d-----w C:\Program Files\Alwil Software 2008-05-13 22:01 --------- d-----w C:\ProgramData\Spybot - Search & Destroy 2008-05-13 22:01 --------- d-----w C:\Program Files\Spybot - Search & Destroy 2008-05-13 21:27 --------- d-----w C:\Program Files\CCleaner 2008-05-11 20:05 --------- d-----w C:\ProgramData\pixelStorm 2008-05-11 14:27 --------- d-----w C:\Program Files\PpStream Fr 2008-05-11 14:25 --------- d-----w C:\Users\GaWeL\AppData\Roaming\ppStream 2008-05-05 17:20 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys 2008-05-05 17:20 22,328 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrK.sys 2008-05-05 17:20 103,736 ----a-w C:\Users\GaWeL\AppData\Roaming\PnkBstrB.exe 2008-05-05 17:18 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-05 16:59 --------- d-----w C:\Program Files\Activision 2008-05-01 13:25 --------- d-----w C:\ProgramData\Kaspersky Lab Setup Files 2008-05-01 10:42 --------- d-----w C:\Program Files\Apple Software Update 2008-04-20 20:49 --------- d-----w C:\Program Files\pspvideo9 2008-04-20 20:41 319,456 ----a-w C:\Windows\DIFxAPI.dll 2008-04-20 20:41 --------- d-----w C:\Program Files\Realtek 2008-04-14 20:11 --------- d-----w C:\Program Files\AviSynth 2.5 2008-04-10 06:44 --------- d-----w C:\ProgramData\Microsoft Help 2008-04-03 23:00 --------- d--h--r C:\Users\GaWeL\AppData\Roaming\SecuROM 2008-04-03 22:44 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Sports Interactive 2008-04-03 22:39 --------- d--h--w C:\Program Files\Zero G Registry 2008-04-03 22:33 --------- d-----w C:\Program Files\Sports Interactive 2008-04-03 16:04 --------- d-----w C:\Program Files\iTunes 2008-04-03 16:04 --------- d-----w C:\Program Files\iPod 2008-04-03 16:03 --------- d-----w C:\Program Files\QuickTime 2008-03-21 18:43 --------- d-----w C:\Users\GaWeL\AppData\Roaming\Apple Computer 2008-03-20 17:53 --------- d-----w C:\Program Files\Safari 2008-03-16 18:15 --------- d-----w C:\ProgramData\NVIDIA 2008-03-16 04:57 --------- d-----w C:\Users\GaWeL\AppData\Roaming\WinBatch 2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll 2008-02-04 19:26 82 ----a-w C:\Users\GaWeL\AppData\Roaming\wklnhst.dat 2008-02-04 19:25 47,360 ----a-w C:\Users\GaWeL\AppData\Roaming\pcouffin.sys 2006-11-02 12:50 174 --sha-w C:\Program Files\desktop.ini . ------- Sigcheck ------- . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-10 04:01 1232896] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 15:35 202024] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35 125440] "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-05-14 00:01 2097488] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-06-19 00:28 1006264] "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2004-08-02 02:10 688128] "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536] "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 12:59 118784] "RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 11:26 4874240 C:\Windows\RtHDVCpl.exe] "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "VX6000"="C:\Windows\vVX6000.exe" [2007-04-10 14:46 996712] "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57 153136] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 09:51 1836328] "HPAIO_PrintFolderMgr"="C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe" [ ] "SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 09:23 132624] "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe" [ ] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792] "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 18:59 86016] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 18:59 8473120] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 18:59 81920] "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Launcher"="%WINDIR%\SMINST\launcher.exe" [ ] C:\Users\GaWeL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ OneNote 2007 - Capture d'‚cran et lancement.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54 98632] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableLUA"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 17:51 192512] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3072763064-2446227072-4167713054-1000] "EnableNotificationsRef"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{6D627958-CCBC-4F0D-86EA-814307131E64}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{540C4478-A48C-4271-81C8-B312B78F5CD9}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{48ED27BD-4D5C-4483-A8AD-C9C463E81AF8}C:\\program files\\azureus\\azureus.exe"= UDP:C:\program files\azureus\azureus.exe:Azureus "UDP Query User{F941FE5E-E53C-412C-A2D8-0339ACB9EB76}C:\\program files\\azureus\\azureus.exe"= TCP:C:\program files\azureus\azureus.exe:Azureus "{73E54759-DADF-4B25-9ADE-FC0CEC637531}"= Disabled:UDP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{89C5A30E-BA8B-4A1F-A260-6172F1C8EE2C}"= Disabled:TCP:C:\Program Files\devolo\informer\devinf.exe:devolo Informer "{23BF2E3B-7760-4D96-B3F8-59E6955F4804}"= Disabled:UDP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{D66CA116-176E-453F-B9FD-F1F41B96189D}"= Disabled:TCP:C:\Program Files\devolo\easyshare\easyshare.exe:devolo EasyShare "{98DE3049-F1BB-4828-8A84-6411E529D14B}"= UDP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{8FBFFE59-6FDE-4598-A05F-1E5CEC5E7443}"= TCP:C:\Program Files\Microsoft LifeCam\LifeCam.exe:LifeCam.exe "{2C10C3AB-CE1C-4515-96FA-A57BCED63DF5}"= UDP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "{94C8C4C4-8632-4B6C-998D-C1ECFBC63523}"= TCP:C:\Program Files\Microsoft LifeCam\LifeExp.exe:LifeExp.exe "TCP Query User{932CA54F-49E3-4D4A-A864-CCAA54BD20CA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule "UDP Query User{F4F8E69B-40BA-405C-BD82-2237C2AE3463}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule "{77DF3217-5272-47CC-8DBA-1101B32A5D27}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone) "{1F84B188-BFE2-4FD0-9250-88F6BEC8BBEF}"= UDP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{6E30E2E8-F8F9-4295-BF15-28B63DFEDC74}"= TCP:C:\Windows\System32\muzapp.exe:MUZ AOD APP player "{C9581EA9-5CE7-419C-9E74-8C62834DE3D6}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C9A552AD-84B9-42F6-AC47-437E898F82B6}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4D69BB7C-0995-4A56-B788-EDE78F5EDEAF}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B4A249E-4B06-4E73-9D04-B9D0E9E48B68}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{0C8D9FB4-BE31-4A0D-832A-D2E570934E1A}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{1FC82F46-9F77-4191-A7E5-D4B98ACA6646}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{B9622CB5-EB26-4DEF-9F3E-150EB96C78E1}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{61D1E7E4-CE5A-427A-8F94-CC1A104C87B7}"= UDP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{C269D18D-2E5C-4592-8C30-358FEED71359}"= TCP:C:\Program Files\Microsoft ActiveSync\rapimgr.exe:ActiveSync RAPI Manager "{4B1F9833-512C-4D7E-8F61-50B975A705E0}"= UDP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{4B64E45C-5802-40D1-95D5-1F539FB9137E}"= TCP:C:\Program Files\Microsoft ActiveSync\wcescomm.exe:ActiveSync Connection Manager "{D6DD97F8-43B4-43CF-AE3C-A8D541181EA1}"= UDP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{48307B80-3264-46FB-B078-3366468C8810}"= TCP:C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:ActiveSync Application "{3B963C37-3149-41CC-8450-F84F0D87B63F}"= UDP:26675:169.254.2.0/255.255.255.0:ActiveSync Service "{38B24799-AD50-4759-ACDA-A799790B7EA3}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "TCP Query User{78BF92EF-58C0-475F-B36A-C5CB0B0A5E1D}C:\\users\\gawel\\desktop\\viviplay.exe"= UDP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "UDP Query User{DB60AA64-5A66-4A56-9503-278736AB17F1}C:\\users\\gawel\\desktop\\viviplay.exe"= TCP:C:\users\gawel\desktop\viviplay.exe:viviplay.exe "{85107586-3806-4B67-BBC3-C0F9C52DD8A0}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes "{BF23537A-2CAB-4E9F-AA99-698848A1CDB3}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes "{D266B7DB-B012-4802-8B20-F9145C464865}"= UDP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 "{0595A42E-1164-4B80-A380-1DCD8B3FA3B4}"= TCP:C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe:Football Manager 2008 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System] "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic| R2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;C:\Windows\system32\plcndis5.sys [2004-05-17 11:21] R2 RapiMgr;Windows Mobile-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 11:45] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43] S3 VX6000;Microsoft LifeCam VX-6000;C:\Windows\system32\DRIVERS\VX6000Xp.sys [2007-04-10 14:46] S4 usbprint;Microsoft USB PRINTER Class;C:\Windows\system32\drivers\usbprint.sys [2006-11-02 11:14] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a99a04e-24f8-11dc-80ec-806e6f6e6963}] \shell\AutoRun\command - E:\TOP_QCM.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{533552f4-121f-11dd-94f2-001bb982436e}] \shell\AutoRun\command - H:\nideiect.com \shell\explore\Command - H:\nideiect.com \shell\open\Command - H:\nideiect.com [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{873325f9-71be-11dc-95f5-001bb982436e}] \shell\AutoRun\command - ie.exe \shell\explore\Command - ie.exe \shell\open\Command - ie.exe . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-15 00:32:30 Windows 6.0.6000 NTFS Balayage processus cach‚s ... Balayage cach‚ autostart entries ... Balayage des fichiers cach‚s ... Scan termin‚ avec succŠs Les fichiers cach‚s: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\Windows\System32\audiodg.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Windows\System32\PnkBstrA.exe C:\Windows\System32\PnkBstrB.exe C:\Windows\System32\WUDFHost.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Windows\System32\wbem\unsecapp.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\hp\KBD\kbd.exe C:\Windows\System32\conime.exe C:\Windows\System32\dllhost.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-15 0:38:54 - machine was rebooted ComboFix-quarantined-files.txt 2008-05-14 22:38:45 Le texte du message associé au numéro 0x2379 est introuvable dans le fichier de messages pour Application. Le texte du message associ‚ au num‚ro 0x2379 est introuvable dans le fichier de messages pour Application. 582 --- E O F --- 2008-04-16 11:31:58

Quand je clique pour telecharger le logiciel et que je veux enregistrer sur le bureaux ce message apparait: "Vous n'avez pas l'autorisation de modifier les fichiers contenus dans cet amplacement reseau. Contactez l'administrateur pour l'autorisation d'effectuer ces modifications." Donc, étant tres nul, que faire...?

Bonsoir a tous, Je pense etre infecter par un virus car quand j'ouvre certains programme le msg suivant apparait "... pas une application win32 valide", j'avais l'antivirus Avast que je n'arrive plus a ouvrir meme apres l'avoir re installer. Donc j'ai essayer Antivir mais impossible de l'installer. Donc voici mon rapport en espérant qu'on m'aide, petite précision je suis nul en infos !! Merci d'avance. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 01:02:44, on 14/05/2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Windows\system32\DllHost.exe C:\Windows\vVX6000.exe C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe C:\Windows\ehome\ehtray.exe C:\Windows\System32\mobsync.exe C:\Users\GaWeL\AppData\Roaming\m\flec006.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Windows\ehome\ehmsas.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\hp\kbd\kbd.exe C:\Users\GaWeL\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9QMB2OL2\HiJackThis[1].exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fiberfib.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [VX6000] C:\Windows\vVX6000.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [HPAIO_PrintFolderMgr] C:\Windows\system32\spool\DRIVERS\W32X86\hpoopm07.exe O4 - HKLM\..\Run: [sMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU') O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/eB...l_v1-0-3-48.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- End of file - 10780 bytes