Hello,

I am running Windows XP Pro SP3.

My antivirus and various security utilities no longer work, and I get the following message when I try to launch them:

"C:\Program Files\Alwil Software\Avast4\ashavast.exe n'est pas une application win32 valide"

I think I am a victim of the Bagle virus.

I am attaching to this message the reports from various utilities that were requested in posts about this problem, hoping this will be useful in helping me.

Thank you very much in advance for your help.

Regards,

Didier

ComboFix report:

ComboFix 09-03-29.04 - DIDIER 2009-03-30 23:20:58.3 - NTFSx86

Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3199.2732 [GMT 2:00]

Lancé depuis: c:\documents and settings\DIDIER\Bureau\Combo-Fix.exe

AV: avast! antivirus 4.8.1335 [VPS 090328-0] *On-access scanning disabled* (Updated)

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Exécution préalable -------

.

c:\documents and settings\DIDIER\Application Data\cisvc.exe

c:\documents and settings\DIDIER\Application Data\comrepl.exe

c:\documents and settings\DIDIER\Application Data\dllhst3g.exe

c:\documents and settings\DIDIER\Application Data\drivers\downld

c:\documents and settings\DIDIER\Application Data\drivers\wfsintwq.sys

c:\documents and settings\DIDIER\Application Data\drivers\winupgro.exe

c:\documents and settings\DIDIER\Application Data\esentutl.exe

c:\documents and settings\DIDIER\Application Data\ieudinit.exe

c:\documents and settings\DIDIER\Application Data\logman.exe

c:\documents and settings\DIDIER\Application Data\m

c:\documents and settings\DIDIER\Application Data\m\flec006.exe

c:\documents and settings\DIDIER\Application Data\m\shared\[sophos.AntiVirus.Enterprise.Solutions.3.92].Sophos.Antivirus.Enterprise.Solutions.v3.92.part1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\1D Barcode Encode SDK Dynamic Library 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\ActivePager 1.2 (KeyGen).zip

c:\documents and settings\DIDIER\Application Data\m\shared\AIV Startup Protector 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Andrew's Vector Plugins Volume 23 'Zoomlines' 1.0.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Anydvd 6.1.3.0 Clonecd 5.3.0.1 Clonedvd 2.9.0.3 Cloedvd Mobile 1.1.4.0 Patch.zip

c:\documents and settings\DIDIER\Application Data\m\shared\AnyDWG DWG to JPG Converter 2007.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Avoirdupois Weight Measure Converter 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\BackRex Outlook Backup 2.7.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Barcode Generator for Crystal Reports 2006.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Blaze Audio Overdub! 1.0.21.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\BMI-BSA-Dose-X 2.4.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Boxen 2 1.01.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Brochures Bernese Oberland March 2005.zip

c:\documents and settings\DIDIER\Application Data\m\shared\CD Bank Cataloguer Network 2.7.8.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Chronograph 5.5.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Colasoft Capsa Enterprise 6.7 Build 1130.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Conde SEO Tool 7.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Count Down Timer 1.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\CPU.ie Toolbar 4.5.132.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Cute CD DVD Burner 5.3.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DB Mail Director 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DBOne 2005 Professional build 2005.6.17.2945.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Democracy 1.2b.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Digg News 2.0 2.5.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DigitalNotes Toolbar 1.3.0.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DirectInstall 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DriveSwap32 1.3.7567.zip

c:\documents and settings\DIDIER\Application Data\m\shared\drweb.4.32b.reallll.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DS Pixelate 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\DVD2oneX 1.3.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Dyna-Editor 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\eBay Keyword Secrets 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Email Address Collector 5.082.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Email Password Recovery Wizard 1.1.1 (With Crack).zip

c:\documents and settings\DIDIER\Application Data\m\shared\eMule Xtreme 6.1 Final.zip

c:\documents and settings\DIDIER\Application Data\m\shared\FabFilter Twin 1.20 Serial.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Flora Antiqa Screensaver 1.0 [Cracked].zip

c:\documents and settings\DIDIER\Application Data\m\shared\FlyTreeXPro 3.0.5 (Key+Serial).zip

c:\documents and settings\DIDIER\Application Data\m\shared\Folder Encryption Dog 2.2.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Forest Lake 3D Screensaver 1.01.zip

c:\documents and settings\DIDIER\Application Data\m\shared\FortKnox 3.56 (Patch).zip

c:\documents and settings\DIDIER\Application Data\m\shared\Framy Basketball 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Free Mp3 Wma Converter 1.5.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Full Convert Standard SQL Server Edition 1.3 [serial].zip

c:\documents and settings\DIDIER\Application Data\m\shared\Fx Video Capture.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Gastown C# Command Line Parser 1.0.0 (Key).zip

c:\documents and settings\DIDIER\Application Data\m\shared\GdPicture Pro Image OCX 3.9.2 [Key+Serial].zip

c:\documents and settings\DIDIER\Application Data\m\shared\Geisha Screensaver 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Gogame Hamete and Overplay for PocketPC (MIPS) 1.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Hangman 3.6.2.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Help Explorer Server 1.0 Beta.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Holly Dolly Video Xcoder Max 2.9.2.20.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Huelix Audio Recorder 1.2.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Icon Central Glass Office Set 1.0 [Cracked].zip

c:\documents and settings\DIDIER\Application Data\m\shared\ID3 Tags Editor ActiveX 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Internet Explorer 4.01 SP2 Scriptlet Rendering Vulnerability Patch.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Juke Box Google Gadget 1.0.0.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Kaspersky.Anti-Virus.6.0.0.303.Deutsch.Key.Bis.25.07.2007.zip

c:\documents and settings\DIDIER\Application Data\m\shared\KeyLaunch 2.1.7 [serial].zip

c:\documents and settings\DIDIER\Application Data\m\shared\Konan Kaps 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Learn To Speak Chinese 3.3.zip

c:\documents and settings\DIDIER\Application Data\m\shared\LingvoSoft Talking Dictionary 2008 English - Ukrainian 4.1.29.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Link Popularity TV 1.3.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Lizard Protector 1.1.89.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Lobby Track 3.1.0 [Key+Serial].zip

c:\documents and settings\DIDIER\Application Data\m\shared\Logo Cre8or 0.7.zip

c:\documents and settings\DIDIER\Application Data\m\shared\LookWAYup Sidebar 1.2.zip

c:\documents and settings\DIDIER\Application Data\m\shared\LS-CRM 1.53.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Lukup 0.3.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Macromedia Pack.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Maple Reader 7.02.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Mark Twain's Quotes 2.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Massage Tips 1.4.zip

c:\documents and settings\DIDIER\Application Data\m\shared\MB Free Janam Kundali 1.85.zip

c:\documents and settings\DIDIER\Application Data\m\shared\McAfee Rootkit Detective 1.1 Beta.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Mechanical Clock 3D Screensaver 1.0 build 5 Crack.zip

c:\documents and settings\DIDIER\Application Data\m\shared\MemoTicker 3.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Microsoft Digital Image Starter Edition 2006 [Key].zip

c:\documents and settings\DIDIER\Application Data\m\shared\mjBugTracker 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\MMVARI 0.42 Beta.zip

c:\documents and settings\DIDIER\Application Data\m\shared\MsiDiff 08.0.233.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Multi-Media Screensaver 1.1.587.zip

c:\documents and settings\DIDIER\Application Data\m\shared\MusicEase 8.2 (With Crack).zip

c:\documents and settings\DIDIER\Application Data\m\shared\NetJaxer 2.0.6.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Outline3D Offline Version 4.5.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Panda.Antivirus.Platinum.v6.07.00.Incl.Keygen.zip

c:\documents and settings\DIDIER\Application Data\m\shared\PDF Archiver 2006.8.9.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Perfect System Info 1.0 KeyGen.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Plone 3.0 Build 7416.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Princess Tools toolbar for IE 4.5.132.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Quick Memory Editor 4.2.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Readerware 2.983 (Cracked).zip

c:\documents and settings\DIDIER\Application Data\m\shared\Registry Care 6.2.4.3.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Reliable E-Mail Alerter 1.1 [Key+Serial].zip

c:\documents and settings\DIDIER\Application Data\m\shared\Request Tracker 3.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\RVBPro 2007 (Key+Serial).zip

c:\documents and settings\DIDIER\Application Data\m\shared\SAFES 1.0 (KeyGen).zip

c:\documents and settings\DIDIER\Application Data\m\shared\SeeBubbles Virtual Aquarium! 1.0.0.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Sentry-go Quick File & Print Monitor 4.6.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Serial Port Redirector 1.3.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Sexy Lucy Pinder Screensaver 1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Shareaholic 1.4.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\ShutDownPlus 1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Software Icons - Professional XP icons for software and web 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Spanish Touch Typing Course 1.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\SplineTech JavaScript HTML Debugger 6.39 Cracked.zip

c:\documents and settings\DIDIER\Application Data\m\shared\SportsBook Patrol Widget 1.2c.zip

c:\documents and settings\DIDIER\Application Data\m\shared\SpyShield 1.6.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Stamp Organizer Deluxe 2.9.zip

c:\documents and settings\DIDIER\Application Data\m\shared\StartupMonitor 1.0.50807.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\sweNyM 1.05f.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Symantec.Norton.Internet.Security.2006.(Italiano).+.Istruzioni.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Text-to-Speech Master 2.3.2.zip

c:\documents and settings\DIDIER\Application Data\m\shared\TexTally Word Line and Character Counter 1.05 [With Crack].zip

c:\documents and settings\DIDIER\Application Data\m\shared\Tigra Menu 2.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\UltimateMenu 1.0 KeyGen.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Unreal Tournament 2003 - Emerald skin.zip

c:\documents and settings\DIDIER\Application Data\m\shared\VB DocuMentor 1.4 KeyGen.zip

c:\documents and settings\DIDIER\Application Data\m\shared\VBrecent 1.13.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Website Monitor Gadget 1.2.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\WinNc.Net 4.5.zip

c:\documents and settings\DIDIER\Application Data\m\shared\WinXp Style Menu 1.0.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Wondershare PPT2Flash Professional 4.2.6.zip

c:\documents and settings\DIDIER\Application Data\m\shared\Word Tetris 1.1.zip

c:\documents and settings\DIDIER\Application Data\m\shared\X-Fonter 6.2 (Patch).zip

c:\documents and settings\DIDIER\Application Data\m\shared\XMP IFilter 2.0 (Patch).zip

c:\documents and settings\DIDIER\Application Data\m\shared\ZipTools 1.2.zip

c:\documents and settings\DIDIER\Application Data\Microsoft\ieudinit.exe

c:\documents divers\Blagues\blagues1\Claude\Desktop_.ini

c:\documents divers\Blagues\blagues1\Desktop_.ini

c:\documents divers\Blagues\blagues1\Françoise\Desktop_.ini

c:\documents divers\Blagues\blagues1\Gilou\Desktop_.ini

c:\documents divers\Blagues\blagues1\Jean\Desktop_.ini

c:\documents divers\Blagues\blagues1\Lydie\Desktop_.ini

c:\documents divers\Blagues\blagues1\pierrot\Desktop_.ini

c:\documents divers\Blagues\Blagues2\Claude et pierrot\Desktop_.ini

c:\documents divers\Blagues\Blagues2\Desktop_.ini

c:\documents divers\Blagues\Blagues2\Jean\Desktop_.ini

c:\documents divers\Blagues\Blagues2\Laurent\Desktop_.ini

c:\documents divers\Blagues\Blagues2\Lydie\Desktop_.ini

c:\documents divers\Blagues\Blagues2\Patricia\Desktop_.ini

C:\InfoSat.txt

C:\Muestras

c:\muestras\WINUPGRO.EXE.Muestra EliBagle v12.39

c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

c:\windows\patch.exe

c:\windows\system\mqtgsvc.exe

c:\windows\system\rsvp.exe

c:\windows\system\sessmgr.exe

c:\windows\system32\dumphive.exe

c:\windows\system32\mdelk.exe

c:\windows\system32\Process.exe

c:\windows\system32\SrchSTS.exe

c:\windows\system32\tmp.reg

c:\windows\system32\VCCLSID.exe

c:\windows\system32\wintems.exe

c:\windows\system32\WS2Fix.exe

 

.

((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_SROSA

-------\Legacy_SROSA

-------\Legacy_BOONTY_GAMES

-------\Legacy_SK9OU0S

-------\Service_Boonty Games

-------\Service_sK9Ou0s

 

 

((((((((((((((((((((((((((((( Fichiers créés du 2009-02-28 au 2009-03-30 ))))))))))))))))))))))))))))))))))))

.

 

2009-03-30 22:33 . 2009-03-30 22:33 <REP> d-------- c:\windows\AU_Temp

2009-03-30 22:33 . 2009-03-30 22:33 <REP> d-------- c:\windows\AU_Log

2009-03-30 22:32 . 2009-03-30 22:32 507,904 --a------ c:\windows\TMUPDATE.DLL

2009-03-30 22:32 . 2009-03-30 22:32 69,689 --a------ c:\windows\UNZIP.DLL

2009-03-30 21:39 . 2009-03-30 21:39 <REP> d-------- c:\program files\Common Files

2009-03-29 19:29 . 2008-04-10 11:52 5,174 --a------ c:\windows\system32\nppt9x.vxd

2009-03-29 19:29 . 2008-04-10 11:52 4,682 --a------ c:\windows\system32\npptNT2.sys

2009-03-29 19:21 . 2009-03-30 21:36 <REP> d-------- c:\program files\Lineage II

2009-03-29 19:00 . 2009-03-29 19:00 1,594 --a------ c:\windows\ST6UNST.003

2009-03-29 19:00 . 2009-03-29 19:00 303 --a------ c:\windows\ST6UNST.002

2009-03-29 10:53 . 2009-03-30 22:58 <REP> d--h----- c:\documents and settings\DIDIER\Application Data\drivers

2009-03-28 12:57 . 2009-03-28 12:57 <REP> d-------- c:\program files\MessengerDiscovery 2

2009-03-28 12:57 . 2009-03-28 12:57 <REP> d-------- c:\documents and settings\DIDIER\Application Data\MessengerDiscovery 2

2009-03-22 22:28 . 2009-03-22 22:28 457 --a------ c:\windows\system32\1237753733.(null)

2009-03-21 17:07 . 2009-02-18 15:44 212,711 --a------ c:\windows\system32\nvapps.nvb

2009-03-21 00:25 . 2009-03-21 00:25 41,808 --a--c--- c:\windows\system32\xfcodec.dll

2009-03-19 14:18 . 2009-03-19 14:18 <REP> d-------- c:\program files\BitTorrent Fastest Tool

2009-03-19 14:18 . 2008-10-22 14:01 724,568 --a------ c:\program files\BitTorrent Fastest Toolvlnet3.com_Installer.exe

2009-03-19 12:33 . 2009-03-19 12:33 <REP> d-------- c:\documents and settings\DIDIER\systextures

2009-03-19 12:33 . 2009-03-19 12:33 <REP> d-------- c:\documents and settings\DIDIER\animations

2009-03-19 09:06 . 2009-03-29 10:56 <REP> d-------- c:\program files\PeerGuardian2

2009-03-15 11:44 . 2009-03-15 11:44 56,556 --ah----- c:\windows\system32\mlfcache.dat

2009-03-15 11:33 . 2009-03-15 11:33 <REP> d-------- c:\program files\Safari

2009-03-15 11:00 . 2009-03-15 11:00 <REP> d-------- c:\program files\iTunes

2009-03-15 11:00 . 2009-03-15 11:00 <REP> d-------- c:\program files\iPod

2009-03-15 11:00 . 2009-03-15 11:01 <REP> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

2009-03-07 21:20 . 2009-03-07 21:20 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!

2009-03-06 22:58 . 2009-03-30 20:42 <REP> d-------- c:\documents and settings\DIDIER\.homeplayer

2009-03-06 22:57 . 2009-03-06 22:58 <REP> d-------- c:\program files\HomePlayer

2009-03-06 00:20 . 2009-03-06 00:20 <REP> d-------- c:\program files\FpTest

2009-03-05 16:30 . 2009-02-21 20:05 201,728 --a------ C:\english CV.doc

2009-03-02 20:15 . 2009-03-02 20:15 10,107 --a------ C:\Oui c.docx

2009-02-23 19:58 . 2009-02-23 19:58 53,312 --a------ c:\windows\system32\drivers\pssdklbf.sys

2009-02-23 19:58 . 2009-02-23 19:58 36,928 --a------ c:\windows\system32\drivers\pssdk41.sys

2009-02-23 18:24 . 2009-02-23 18:24 <REP> d-------- c:\program files\Multi_Media_France

2009-02-23 17:02 . 2009-02-25 12:13 57,856 --a------ C:\Tableau anglais.doc

2009-02-22 18:14 . 2009-03-21 17:11 <REP> d-------- c:\windows\nview

2009-02-22 18:14 . 2009-03-21 17:06 <REP> d-------- C:\NVIDIA

2009-02-22 18:14 . 2009-02-17 00:17 453,152 --a------ c:\windows\system32\NVUNINST.EXE

2009-02-22 18:14 . 2009-02-18 15:44 453,152 --a------ c:\windows\system32\nvudisp.exe

2009-02-22 18:14 . 2009-03-30 23:19 207,318 --a------ c:\windows\system32\nvapps.xml

2009-02-22 18:14 . 2009-02-18 15:44 19,021 --a------ c:\windows\system32\nvdisp.nvu

2009-02-22 16:49 . 2009-02-22 16:49 <REP> d-------- c:\documents and settings\DIDIER\Application Data\Uniblue

2009-02-20 16:24 . 2009-02-20 16:24 <REP> d-------- c:\program files\LEA

2009-02-20 16:24 . 2009-02-20 16:45 <REP> d-------- c:\documents and settings\DIDIER\Application Data\SoftPlug

2009-02-20 16:24 . 2009-02-20 16:24 <REP> d-------- c:\documents and settings\DIDIER\Application Data\LEA

2009-02-20 16:23 . 2009-02-20 16:23 <REP> d-------- c:\program files\WinPcap

2009-02-18 19:45 . 2009-02-18 19:45 <REP> d-------- c:\documents and settings\DIDIER\Application Data\Ubisoft

2009-02-18 19:45 . 2009-02-18 19:45 <REP> d-------- c:\documents and settings\All Users\Application Data\Ubisoft

2009-02-18 15:44 . 2009-02-18 15:44 1,253,376 --a------ c:\windows\system32\NvPVEnc.ax

2009-02-18 15:44 . 2009-02-18 15:44 401,408 --a------ c:\windows\system32\nvcuvid.dll

2009-02-14 14:54 . 1999-01-25 13:00 143,872 --------- c:\windows\system32\iacenc.dll

2009-02-14 14:54 . 1999-01-25 13:00 56,832 --------- c:\windows\system32\iyvu9_32.dll

2009-02-14 14:53 . 2009-02-14 14:53 <REP> d-------- c:\program files\Microsoft Games

2009-02-10 13:58 . 2009-02-10 13:58 <REP> d-------- c:\documents and settings\DIDIER\Application Data\ubi.com

2009-02-10 13:57 . 2009-02-10 13:59 <REP> d-------- c:\program files\ubi.com

2009-02-10 13:57 . 2009-02-10 13:57 <REP> d-------- c:\program files\Fichiers communs\PocketSoft

2009-02-10 13:57 . 2001-04-12 19:00 182,272 --a------ c:\windows\patchw32.dll

2009-02-10 13:46 . 2009-02-10 14:06 <REP> d-------- c:\program files\Red Storm Entertainment

2009-02-04 16:46 . 2009-02-01 15:14 4,728,847 --a------ C:\Montage danse Gackt+Naruto.mp3

2009-02-01 14:15 . 2009-03-29 21:02 <REP> d-------- C:\ComboFix

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-03-30 21:18 0 -c--a-w c:\windows\system32\drivers\lvuvc.hs

2009-03-30 20:27 --------- d-----w c:\documents and settings\DIDIER\Application Data\MailWasherPro

2009-03-30 18:10 --------- d-----w c:\program files\Diablo II

2009-03-30 09:28 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater

2009-03-29 17:21 --------- d--h--w c:\program files\InstallShield Installation Information

2009-03-29 17:00 73,216 ----a-w c:\windows\ST6UNST.EXE

2009-03-29 17:00 249,856 ------w c:\windows\Setup1.exe

2009-03-29 08:58 --------- d-----w c:\program files\Xfire

2009-03-29 08:51 --------- d-----w c:\documents and settings\DIDIER\Application Data\Azureus

2009-03-28 18:59 --------- d-----w c:\documents and settings\DIDIER\Application Data\Xfire

2009-03-28 11:03 --------- d-----w c:\program files\MessengerDiscovery

2009-03-27 08:03 --------- d-----w c:\program files\ma-config.com

2009-03-27 08:03 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com

2009-03-21 12:49 --------- d-----w c:\program files\Electronic Arts

2009-03-21 11:48 4,102 -c--a-w c:\windows\system32\ealregsnapshot1.reg

2009-03-20 17:49 --------- d-----w c:\program files\Tomtomax Maxi-Box

2009-03-19 12:40 --------- d-----w c:\program files\CCleaner

2009-03-15 12:23 --------- d-----w c:\documents and settings\DIDIER\Application Data\Canon

2009-03-15 09:00 --------- d-----w c:\program files\Fichiers communs\Apple

2009-03-14 11:59 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment

2009-03-13 11:16 --------- d-----w c:\program files\PhotoFiltre Studio

2009-03-11 18:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2009-03-07 19:15 --------- d-----w c:\program files\Messenger Plus! Live

2009-03-05 16:06 --------- d-----w c:\program files\Bonjour

2009-03-02 19:14 138,512 -c--a-w c:\windows\system32\drivers\PnkBstrK.sys

2009-03-02 19:13 201,440 -c--a-w c:\windows\system32\PnkBstrB.exe

2009-03-02 17:41 --------- d-----w c:\program files\StuffPlug3

2009-02-28 23:29 --------- d-----w c:\program files\eMule

2009-02-28 19:56 --------- d-----w c:\program files\Microsoft Silverlight

2009-02-28 08:56 --------- d-----w c:\program files\Azureus

2009-02-18 19:35 --------- d-----w c:\program files\Windows Live Safety Center

2009-02-09 14:05 1,846,912 ----a-w c:\windows\system32\win32k.sys

2009-02-08 15:09 --------- d-----w c:\program files\QuickTime

2009-01-17 08:22 812,344 ----a-w C:\HJTInstall.exe

2009-01-16 09:30 15,755 ----a-w c:\windows\system32\LSHPRN.EXE

2008-12-20 22:47 826,368 ----a-w c:\windows\system32\wininet.dll

2008-12-12 10:18 87,336 ----a-w c:\windows\system32\dns-sd.exe

2008-12-12 10:11 61,440 ----a-w c:\windows\system32\dnssd.dll

2008-12-10 06:33 410,984 ----a-w c:\windows\system32\deploytk.dll

2008-12-08 11:53 57,344 ----a-w c:\windows\system32\ff_vfw.dll

2008-12-05 06:57 144,896 ----a-w c:\windows\system32\schannel.dll

2008-12-01 11:24 107,888 -c--a-w c:\windows\system32\CmdLineExt.dll

2008-12-01 11:12 66,872 ----a-w c:\windows\system32\PnkBstrA.exe

2008-12-01 11:12 22,328 ----a-w c:\documents and settings\DIDIER\Application Data\PnkBstrK.sys

2008-12-01 11:12 2,250,024 ----a-w c:\windows\system32\pbsvc.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\sessmgr.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\rsvp.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\mstsc.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\mstinit.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\mqtgsvc.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\cmstp.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\clipsrv.exe

2008-11-16 12:44 2,951 ----a-w c:\documents and settings\DIDIER\settings.bin

2008-06-24 17:00 5,250,856 -c--a-w c:\program files\vnc-P4_4_2-x86_x64_win32.exe

2002-07-26 16:02 153,088 -c--a-w c:\program files\UNWISE.EXE

2007-12-25 23:35 56 -csh--r c:\windows\system32\BB5F9E300F.sys

2007-10-04 09:32 5 -csha-w c:\windows\system32\cbaa7_s.dll

2007-12-25 23:35 1,890 -csha-w c:\windows\system32\KGyGaAvL.sys

2008-10-15 10:31 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101520081016\index.dat

.

 

((((((((((((((((((((((((((((( SnapShot_2009-03-30_23.03.47.54 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-03-30 20:58:05 72,288 ----a-w c:\windows\system32\perfc009.dat

+ 2009-03-30 21:23:46 72,288 ----a-w c:\windows\system32\perfc009.dat

- 2009-03-30 20:58:05 85,936 ----a-w c:\windows\system32\perfc00C.dat

+ 2009-03-30 21:23:47 85,936 ----a-w c:\windows\system32\perfc00C.dat

- 2009-03-30 20:58:05 444,664 ----a-w c:\windows\system32\perfh009.dat

+ 2009-03-30 21:23:47 444,664 ----a-w c:\windows\system32\perfh009.dat

- 2009-03-30 20:58:05 513,910 ----a-w c:\windows\system32\perfh00C.dat

+ 2009-03-30 21:23:47 513,910 ----a-w c:\windows\system32\perfh00C.dat

+ 2009-03-30 21:19:13 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_740.dat

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}"= "c:\program files\blueshirtstudio\tbblue.dll" [2008-03-13 1524248]

 

[HKEY_CLASSES_ROOT\clsid\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]

2008-03-13 11:30 1524248 --a------ c:\program files\blueshirtstudio\tbblue.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}"= "c:\program files\blueshirtstudio\tbblue.dll" [2008-03-13 1524248]

 

[HKEY_CLASSES_ROOT\clsid\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{BFCDCEBE-E1FB-40F9-B4E2-7BB1138EF76C}"= "c:\program files\blueshirtstudio\tbblue.dll" [2008-03-13 1524248]

 

[HKEY_CLASSES_ROOT\clsid\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [bU]

"Eraser"="c:\progra~1\Eraser\eraser.exe" [2007-07-28 277328]

"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-02-06 3325952]

"RayV"="c:\program files\SPECIAL INTERNET TV\RayV\RayV.exe" [2008-09-07 3708200]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 222080]

"TViXNetShare"="c:\program files\DVICO\TViXNetShare\TViXNetShare.exe" [2008-06-25 883200]

"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [bU]

"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2009-03-30 1432064]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Auto EPSON Stylus Photo R240 Series sur DIDIER-P0NCSG1Z"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE" [2005-04-25 98304]

"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]

"SW24"="c:\windows\system32\sw24.exe" [2005-07-04 69632]

"SW20"="c:\windows\system32\sw20.exe" [2005-06-29 212992]

"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]

"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]

"AsusStartupHelp"="c:\program files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 363008]

"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-02-06 177472]

"Ai Quicker Help"="c:\program files\ASUS\ASUS DH Remote\AsRc.exe" [2006-11-09 3165696]

"36X Raid Configurer"="c:\windows\System32\JMRaidSetup.exe" [2006-11-16 1953792]

"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]

"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2004-09-13 1450096]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-03-30 81000]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]

"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 c:\windows\RTHDCPL.exe]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-03-10 c:\windows\KHALMNPR.Exe]

"nwiz"="nwiz.exe" [2009-02-18 c:\windows\system32\nwiz.exe]

 

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\

Hawking Wireless Utility.lnk - c:\program files\Hawking\Common\RaUI.exe [2008-05-17 651264]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"MemCheckBoxInRunDlg"= 1 (0x1)

"NoSMBalloonTip"= 1 (0x1)

"NoWelcomeScreen"= 1 (0x1)

"NoStrCmpLogical"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\program files\DVD Region+CSS Free\DVDShell.dll" [2004-10-09 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.HFYU"= huffyuv.dll

"vidc.DIV3"= DivXc32.dll

"vidc.DIV4"= DivXc32f.dll

"msacm.divxa32"= DivXa32.acm

"VIDC.PIM1"= pclepim1.dll

"VIDC.XFR1"= xfcodec.dll

"VIDC.MJPX"= PICVideo MJPEG Codec

"VIDC.MJPG"= Pvmjpg30.dll

"VIDC.I420"= vdrcodec.dll

"msacm.ac3filter"= ac3filter.acm

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0lsdelete

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]

--a------ 2009-03-30 22:23 81000 c:\progra~1\ALWILS~1\Avast4\ashDisp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"DisablePagingExecutive"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Documents and Settings\\DIDIER\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=

"c:\\WINDOWS\\system32\\dxdiag.exe"=

"c:\\Program Files\\ASUS\\ASUSUpdate\\Update.exe"=

"c:\\Program Files\\Mumble\\murmur.exe"=

"c:\\Program Files\\Soulseek-Test\\slsk.exe"=

"c:\\Program Files\\Xfire\\xfire.exe"=

"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

"c:\\Program Files\\SPECIAL INTERNET TV\\RayV\\RayV.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\DVICO\\TViXNetShare\\TViXNetShare.exe"=

"c:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=

"c:\\Program Files\\Diablo II\\Diablo II.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\ubi.com\\Core\\GS4.exe"=

"c:\\Program Files\\LEA\\SoftPlug\\V3.1\\SoftPlug.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=

"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Electronic Arts\\Dead Space\\Dead Space.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"4662:TCP"= 4662:TCP:eMule

"4672:UDP"= 4672:UDP:Emule

"5900:TCP"= 5900:TCP:vnc

"5800:TCP"= 5800:TCP:VNC

"6112:TCP"= 6112:TCP:Diablo

"8080:TCP"= 8080:TCP:8080

"8080:UDP"= 8080:UDP:8080

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 OODrvled;OODrvled;c:\windows\system32\drivers\OODrvled.sys [2005-02-28 15488]

S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys --> c:\windows\system32\drivers\pavboot.sys [?]

S1 aswSP;avast! Self Protection; [x]

S1 M9207;LifeView M9207 USB Digital TV BOX;c:\windows\system32\drivers\M9207BDA.sys [2007-10-03 36096]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]

S2 Netiris;Netiris Agent;c:\program files\Captel\Netiris\agent.exe [2003-03-04 176128]

S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\drivers\fbxusb.sys [2003-12-31 18848]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-29 42512]

S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2009-02-23 36928]

S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.sys [2009-02-23 53312]

S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\D

---------------------------------------------------------------------------------------------------------------------------------------------------------------

 

 

 

 

Now here is the report from an online scan with Kaspersky:

 

-------------------------------------------------------------------------------

KASPERSKY ON-LINE SCANNER REPORT

Tuesday, March 31, 2009 9:40:01 PM

Système d'exploitation : Microsoft Windows XP Professional, Service Pack 3 (Build 2600)

Kaspersky On-line Scanner version : 5.0.84.2

Dernière mise à jour de la base antivirus Kaspersky : 31/03/2009

Enregistrements dans la base antivirus Kaspersky : 1989750

-------------------------------------------------------------------------------

 

Paramètres d'analyse:

Analyser avec la base antivirus suivante: étendue

Analyser les archives: vrai

Analyser les bases de messagerie: vrai

 

Cible de l'analyse - Poste de travail:

A:\

C:\

D:\

E:\

F:\

I:\

J:\

K:\

L:\

 

Statistiques de l'analyse:

Total d'objets analysés: 213310

Nombre de virus trouvés: 26

Nombre d'objets infectés: 378 / 0

Nombre d'objets suspects: 0

Durée de l'analyse: 02:34:27

 

Nom de l'objet infecté / Nom du virus / Dernière action

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

C:\Documents and Settings\All Users\Application Data\Nero\Nero BackItUp 4\Cache\BIU1.txt L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Cookies\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application DataKiweeToolbar1.3.118.msi/_AB18C1B2C08CDE35AFB57346A4551D9A/_255311685EC0439E9B51F19CA2877AB9 Infecté : Trojan-Downloader.Win32.Zlob.meq ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application DataKiweeToolbar1.3.118.msi/_AB18C1B2C08CDE35AFB57346A4551D9A Infecté : Trojan-Downloader.Win32.Zlob.meq ignoré

C:\Documents and Settings\DIDIER\Local Settings\Application DataKiweeToolbar1.3.118.msi Embedded: infecté - 2 ignoré

C:\Documents and Settings\DIDIER\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Historique\History.IE5\MSHist012009033120090401\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier\Controler 1.33.plsc/Huhu Ctrler 1.33.js Infecté : Backdoor.JS.Agent.a ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier\Controler 1.33.plsc ZIP: infecté - 1 ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier\ProjectFloodV3.exe Infecté : HackTool.Win32.Flooder.j ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier\wizz.plsc/huhu_ctrl.js Infecté : Backdoor.JS.Agent.a ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier\wizz.plsc ZIP: infecté - 1 ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\Controler.RAR/Controler 1.33.plsc/Huhu Ctrler 1.33.js Infecté : Backdoor.JS.Agent.a ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\Controler.RAR/Controler 1.33.plsc Infecté : Backdoor.JS.Agent.a ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\Controler.RAR RAR: infecté - 2 ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\ProjectFlood(www.MsnTrucAstuce.fr).zip/ProjectFloodV3.exe Infecté : HackTool.Win32.Flooder.j ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\ProjectFlood(www.MsnTrucAstuce.fr).zip ZIP: infecté - 1 ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\ScriptPirateContact.RAR/Dégradé.plsc/huhu_ctrl.js Infecté : Backdoor.JS.Agent.a ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\ScriptPirateContact.RAR/Dégradé.plsc Infecté : Backdoor.JS.Agent.a ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\ScriptPirateContact.RAR RAR: infecté - 2 ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\Universal1337_account_ste3.rar/Universal1337_account stealerV3.exe Infecté : Trojan-Dropper.Win32.VB.afv ignoré

C:\Documents and Settings\DIDIER\Mes documents\Mes images\image maxence\Nouveau dossier 2(2)\Universal1337_account_ste3.rar RAR: infecté - 1 ignoré

C:\Documents and Settings\DIDIER\ntuser.dat L'objet est verrouillé ignoré

C:\Documents and Settings\DIDIER\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

C:\Documents Divers\Programmes téléchargé\VNC\vnc-4_1_1-x86_win32.exe/file1 Infecté : not-a-virus:RemoteAdmin.Win32.WinVNC.4110 ignoré

C:\Documents Divers\Programmes téléchargé\VNC\vnc-4_1_1-x86_win32.exe/file3 Infecté : not-a-virus:RemoteAdmin.Win32.WinVNC.4 ignoré

C:\Documents Divers\Programmes téléchargé\VNC\vnc-4_1_1-x86_win32.exe Inno: infecté - 2 ignoré

C:\Films\Jeux\Free Billiards 2008.zip/Free Billiards 2008/Unreg.exe Infecté : not-a-virus:PSWTool.Win32.FirePass.dp ignoré

C:\Films\Jeux\Free Billiards 2008.zip ZIP: infecté - 1 ignoré

C:\Films\Logiciels\Avid Liquid 7 (multilanguages)+crack+SP1+SP2.rar/Avid Liquid 7 (multilanguages)+crack+SP1+SP2/Avid Liquid 7 (multilanguages)+crack+SP1+SP2/4 Crack_Title Deko/TitleDekoPro.v2.0/keygen.exe Infecté : Packed.Win32.Krap.b ignoré

C:\Films\Logiciels\Avid Liquid 7 (multilanguages)+crack+SP1+SP2.rar/Avid Liquid 7 (multilanguages)+crack+SP1+SP2/Avid Liquid 7 (multilanguages)+crack+SP1+SP2/Avid Partie 2/4 Crack_Title Deko/TitleDekoPro.v2.0/keygen.exe Infecté : Packed.Win32.Krap.b ignoré

C:\Films\Logiciels\Avid Liquid 7 (multilanguages)+crack+SP1+SP2.rar RAR: infecté - 2 ignoré

C:\Films\Logiciels\RockXP4.rar/RockXP4.exe/pwdump2/pwdump2.exe Infecté : not-a-virus:PSWTool.Win32.PWDump.2 ignoré

C:\Films\Logiciels\RockXP4.rar/RockXP4.exe/pwdump2/samdump.dll Infecté : not-a-virus:PSWTool.Win32.PWDump.2 ignoré

C:\Films\Logiciels\RockXP4.rar/RockXP4.exe/RockXP4_.exe Infecté : not-a-virus:PSWTool.Win32.RAS.k ignoré

C:\Films\Logiciels\RockXP4.rar/RockXP4.exe Infecté : not-a-virus:PSWTool.Win32.RAS.k ignoré

C:\Films\Logiciels\RockXP4.rar RAR: infecté - 4 ignoré

C:\Films\Logiciels\xp-logger.rar/xp-snifer/installer.exe/script.au3 Infecté : Worm.Win32.AutoIt.jo ignoré

C:\Films\Logiciels\xp-logger.rar/xp-snifer/installer.exe/log.exe Infecté : Trojan-Dropper.Win32.Agent.afpc ignoré

C:\Films\Logiciels\xp-logger.rar/xp-snifer/installer.exe Infecté : Trojan-Dropper.Win32.Agent.afpc ignoré

C:\Films\Logiciels\xp-logger.rar RAR: infecté - 3 ignoré

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\sw_ae-20090330-231917.log L'objet est verrouillé ignoré

C:\Program Files\BitTorrent Fastest Tool\dw.exe/MsgUpdate.dll Infecté : not-a-virus:AdWare.Win32.Agent.lzd ignoré

C:\Program Files\BitTorrent Fastest Tool\dw.exe RAR: infecté - 1 ignoré

C:\Program Files\CEDP Stealer 6.0 for Messenger\CEDP.Stealer.exe Infecté : Trojan-Spy.Win32.BJCG.f ignoré

C:\Program Files\mIRC\backup\mirc.exe Infecté : not-a-virus:Client-IRC.Win32.mIRC.621 ignoré

C:\Program Files\mIRC\mirc.exe Infecté : not-a-virus:Client-IRC.Win32.mIRC.621 ignoré

C:\Program Files\RealVNC\VNC4\vncconfig.exe Infecté : not-a-virus:RemoteAdmin.Win32.WinVNC.ad ignoré

C:\Program Files\RealVNC\VNC4\winvnc4.exe Infecté : not-a-virus:RemoteAdmin.Win32.WinVNC.ad ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\drivers\winupgro.exe.vir Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\drivers\_wfsintwq_.sys.zip/wfsintwq.sys Infecté : Trojan-Downloader.Win32.Bagle.apn ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\drivers\_wfsintwq_.sys.zip ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\flec006.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\1D Barcode Encode SDK Dynamic Library 1.0.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\1D Barcode Encode SDK Dynamic Library 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ActivePager 1.2 (KeyGen).zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ActivePager 1.2 (KeyGen).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\AIV Startup Protector 1.0.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\AIV Startup Protector 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Andrew's Vector Plugins Volume 23 'Zoomlines' 1.0.0.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Andrew's Vector Plugins Volume 23 'Zoomlines' 1.0.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Anydvd 6.1.3.0 Clonecd 5.3.0.1 Clonedvd 2.9.0.3 Cloedvd Mobile 1.1.4.0 Patch.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Anydvd 6.1.3.0 Clonecd 5.3.0.1 Clonedvd 2.9.0.3 Cloedvd Mobile 1.1.4.0 Patch.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\AnyDWG DWG to JPG Converter 2007.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\AnyDWG DWG to JPG Converter 2007.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Avoirdupois Weight Measure Converter 1.0.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Avoirdupois Weight Measure Converter 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\BackRex Outlook Backup 2.7.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\BackRex Outlook Backup 2.7.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Barcode Generator for Crystal Reports 2006.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Barcode Generator for Crystal Reports 2006.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Blaze Audio Overdub! 1.0.21.0.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Blaze Audio Overdub! 1.0.21.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\BMI-BSA-Dose-X 2.4.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\BMI-BSA-Dose-X 2.4.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Boxen 2 1.01.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Boxen 2 1.01.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Brochures Bernese Oberland March 2005.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Brochures Bernese Oberland March 2005.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\CD Bank Cataloguer Network 2.7.8.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\CD Bank Cataloguer Network 2.7.8.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Chronograph 5.5.zip.vir/patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Chronograph 5.5.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Colasoft Capsa Enterprise 6.7 Build 1130.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Colasoft Capsa Enterprise 6.7 Build 1130.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Conde SEO Tool 7.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Conde SEO Tool 7.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Count Down Timer 1.1.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Count Down Timer 1.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\CPU.ie Toolbar 4.5.132.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\CPU.ie Toolbar 4.5.132.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Cute CD DVD Burner 5.3.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Cute CD DVD Burner 5.3.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DB Mail Director 1.0.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DB Mail Director 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DBOne 2005 Professional build 2005.6.17.2945.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DBOne 2005 Professional build 2005.6.17.2945.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Democracy 1.2b.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Democracy 1.2b.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Digg News 2.0 2.5.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Digg News 2.0 2.5.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DigitalNotes Toolbar 1.3.0.0.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DigitalNotes Toolbar 1.3.0.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DirectInstall 1.0.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DirectInstall 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DriveSwap32 1.3.7567.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DriveSwap32 1.3.7567.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\drweb.4.32b.reallll.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\drweb.4.32b.reallll.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DS Pixelate 1.0.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DS Pixelate 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DVD2oneX 1.3.zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\DVD2oneX 1.3.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Dyna-Editor 1.0.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Dyna-Editor 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\eBay Keyword Secrets 1.0.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\eBay Keyword Secrets 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Email Address Collector 5.082.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Email Address Collector 5.082.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Email Password Recovery Wizard 1.1.1 (With Crack).zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Email Password Recovery Wizard 1.1.1 (With Crack).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\eMule Xtreme 6.1 Final.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\eMule Xtreme 6.1 Final.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\FabFilter Twin 1.20 Serial.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\FabFilter Twin 1.20 Serial.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Flora Antiqa Screensaver 1.0 [Cracked].zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Flora Antiqa Screensaver 1.0 [Cracked].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\FlyTreeXPro 3.0.5 (Key+Serial).zip.vir/patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\FlyTreeXPro 3.0.5 (Key+Serial).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Folder Encryption Dog 2.2.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Folder Encryption Dog 2.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Forest Lake 3D Screensaver 1.01.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Forest Lake 3D Screensaver 1.01.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\FortKnox 3.56 (Patch).zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\FortKnox 3.56 (Patch).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Framy Basketball 1.0.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Framy Basketball 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Free Mp3 Wma Converter 1.5.zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Free Mp3 Wma Converter 1.5.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Full Convert Standard SQL Server Edition 1.3 [serial].zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Full Convert Standard SQL Server Edition 1.3 [serial].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Fx Video Capture.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Fx Video Capture.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Gastown C# Command Line Parser 1.0.0 (Key).zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Gastown C# Command Line Parser 1.0.0 (Key).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\GdPicture Pro Image OCX 3.9.2 [Key+Serial].zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\GdPicture Pro Image OCX 3.9.2 [Key+Serial].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Geisha Screensaver 1.0.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Geisha Screensaver 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Gogame Hamete and Overplay for PocketPC (MIPS) 1.1.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Gogame Hamete and Overplay for PocketPC (MIPS) 1.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Hangman 3.6.2.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Hangman 3.6.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Help Explorer Server 1.0 Beta.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Help Explorer Server 1.0 Beta.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Holly Dolly Video Xcoder Max 2.9.2.20.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Holly Dolly Video Xcoder Max 2.9.2.20.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Huelix Audio Recorder 1.2.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Huelix Audio Recorder 1.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Icon Central Glass Office Set 1.0 [Cracked].zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Icon Central Glass Office Set 1.0 [Cracked].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ID3 Tags Editor ActiveX 1.0.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ID3 Tags Editor ActiveX 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Internet Explorer 4.01 SP2 Scriptlet Rendering Vulnerability Patch.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Internet Explorer 4.01 SP2 Scriptlet Rendering Vulnerability Patch.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Juke Box Google Gadget 1.0.0.0.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Juke Box Google Gadget 1.0.0.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Kaspersky.Anti-Virus.6.0.0.303.Deutsch.Key.Bis.25.07.2007.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Kaspersky.Anti-Virus.6.0.0.303.Deutsch.Key.Bis.25.07.2007.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\KeyLaunch 2.1.7 [serial].zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\KeyLaunch 2.1.7 [serial].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Konan Kaps 1.0.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Konan Kaps 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Learn To Speak Chinese 3.3.zip.vir/patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Learn To Speak Chinese 3.3.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\LingvoSoft Talking Dictionary 2008 English - Ukrainian 4.1.29.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\LingvoSoft Talking Dictionary 2008 English - Ukrainian 4.1.29.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Link Popularity TV 1.3.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Link Popularity TV 1.3.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Lizard Protector 1.1.89.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Lizard Protector 1.1.89.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Lobby Track 3.1.0 [Key+Serial].zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Lobby Track 3.1.0 [Key+Serial].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Logo Cre8or 0.7.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Logo Cre8or 0.7.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\LookWAYup Sidebar 1.2.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\LookWAYup Sidebar 1.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\LS-CRM 1.53.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\LS-CRM 1.53.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Lukup 0.3.0.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Lukup 0.3.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Macromedia Pack.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Macromedia Pack.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Maple Reader 7.02.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Maple Reader 7.02.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Mark Twain's Quotes 2.1.zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Mark Twain's Quotes 2.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Massage Tips 1.4.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Massage Tips 1.4.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MB Free Janam Kundali 1.85.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MB Free Janam Kundali 1.85.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\McAfee Rootkit Detective 1.1 Beta.zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\McAfee Rootkit Detective 1.1 Beta.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Mechanical Clock 3D Screensaver 1.0 build 5 Crack.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Mechanical Clock 3D Screensaver 1.0 build 5 Crack.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MemoTicker 3.0.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MemoTicker 3.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Microsoft Digital Image Starter Edition 2006 [Key].zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Microsoft Digital Image Starter Edition 2006 [Key].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\mjBugTracker 1.0.zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\mjBugTracker 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MMVARI 0.42 Beta.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MMVARI 0.42 Beta.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MsiDiff 08.0.233.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MsiDiff 08.0.233.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Multi-Media Screensaver 1.1.587.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Multi-Media Screensaver 1.1.587.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MusicEase 8.2 (With Crack).zip.vir/patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\MusicEase 8.2 (With Crack).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\NetJaxer 2.0.6.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\NetJaxer 2.0.6.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Outline3D Offline Version 4.5.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Outline3D Offline Version 4.5.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Panda.Antivirus.Platinum.v6.07.00.Incl.Keygen.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Panda.Antivirus.Platinum.v6.07.00.Incl.Keygen.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\PDF Archiver 2006.8.9.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\PDF Archiver 2006.8.9.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Perfect System Info 1.0 KeyGen.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Perfect System Info 1.0 KeyGen.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Plone 3.0 Build 7416.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Plone 3.0 Build 7416.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Princess Tools toolbar for IE 4.5.132.0.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Princess Tools toolbar for IE 4.5.132.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Quick Memory Editor 4.2.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Quick Memory Editor 4.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Readerware 2.983 (Cracked).zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Readerware 2.983 (Cracked).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Registry Care 6.2.4.3.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Registry Care 6.2.4.3.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Reliable E-Mail Alerter 1.1 [Key+Serial].zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Reliable E-Mail Alerter 1.1 [Key+Serial].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Request Tracker 3.1.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Request Tracker 3.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\RVBPro 2007 (Key+Serial).zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\RVBPro 2007 (Key+Serial).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SAFES 1.0 (KeyGen).zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SAFES 1.0 (KeyGen).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SeeBubbles Virtual Aquarium! 1.0.0.0.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SeeBubbles Virtual Aquarium! 1.0.0.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Sentry-go Quick File & Print Monitor 4.6.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Sentry-go Quick File & Print Monitor 4.6.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Serial Port Redirector 1.3.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Serial Port Redirector 1.3.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Sexy Lucy Pinder Screensaver 1.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Sexy Lucy Pinder Screensaver 1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Shareaholic 1.4.1.zip.vir/install.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Shareaholic 1.4.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ShutDownPlus 1.zip.vir/patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ShutDownPlus 1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Software Icons - Professional XP icons for software and web 1.0.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Software Icons - Professional XP icons for software and web 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Spanish Touch Typing Course 1.1.zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Spanish Touch Typing Course 1.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SplineTech JavaScript HTML Debugger 6.39 Cracked.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SplineTech JavaScript HTML Debugger 6.39 Cracked.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SportsBook Patrol Widget 1.2c.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SportsBook Patrol Widget 1.2c.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SpyShield 1.6.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\SpyShield 1.6.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Stamp Organizer Deluxe 2.9.zip.vir/install_patch.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Stamp Organizer Deluxe 2.9.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\StartupMonitor 1.0.50807.0.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\StartupMonitor 1.0.50807.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\sweNyM 1.05f.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\sweNyM 1.05f.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Symantec.Norton.Internet.Security.2006.(Italiano).+.Istruzioni.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Symantec.Norton.Internet.Security.2006.(Italiano).+.Istruzioni.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Text-to-Speech Master 2.3.2.zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Text-to-Speech Master 2.3.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\TexTally Word Line and Character Counter 1.05 [With Crack].zip.vir/install_crack.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\TexTally Word Line and Character Counter 1.05 [With Crack].zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Tigra Menu 2.0.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Tigra Menu 2.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\UltimateMenu 1.0 KeyGen.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\UltimateMenu 1.0 KeyGen.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Unreal Tournament 2003 - Emerald skin.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Unreal Tournament 2003 - Emerald skin.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\VB DocuMentor 1.4 KeyGen.zip.vir/key_gen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\VB DocuMentor 1.4 KeyGen.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\VBrecent 1.13.zip.vir/keygen.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\VBrecent 1.13.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Website Monitor Gadget 1.2.0.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Website Monitor Gadget 1.2.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\WinNc.Net 4.5.zip.vir/run.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\WinNc.Net 4.5.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\WinXp Style Menu 1.0.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\WinXp Style Menu 1.0.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Wondershare PPT2Flash Professional 4.2.6.zip.vir/crac.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Wondershare PPT2Flash Professional 4.2.6.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Word Tetris 1.1.zip.vir/serial.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\Word Tetris 1.1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\X-Fonter 6.2 (Patch).zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\X-Fonter 6.2 (Patch).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\XMP IFilter 2.0 (Patch).zip.vir/setup.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\XMP IFilter 2.0 (Patch).zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ZipTools 1.2.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\ZipTools 1.2.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\[sophos.AntiVirus.Enterprise.Solutions.3.92].Sophos.Antivirus.Enterprise.Solutions.v3.92.part1.zip.vir/key_generator.exe Infecté : Trojan-Downloader.Win32.Bagle.apx ignoré

C:\QooBox\Quarantine\C\Documents and Settings\DIDIER\Application Data\m\shared\[sophos.AntiVirus.Enterprise.Solutions.3.92].Sophos.Antivirus.Enterprise.Solutions.v3.92.part1.zip.vir ZIP: infecté - 1 ignoré

C:\QooBox\Quarantine\C\Muestras\WINUPGRO.EXE.Muestra EliBagle v12.39.vir Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\QooBox\Quarantine\C\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe.vir Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP379\A0095479.exe Infecté : Trojan-Downloader.Win32.Agent.te ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP433\A0108854.exe Infecté : Trojan-Dropper.Win32.VB.se ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP434\A0108873.EXE Infecté : Hoax.Win32.BadJoke.Stript ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP434\A0108875.exe Infecté : Hoax.Win32.BadJoke.JepRuss ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP467\A0115385.exe Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP468\A0115429.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP468\A0115430.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0117448.exe/sapfile.exe Infecté : Hoax.Win32.BadJoke.JepRuss ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0117448.exe RAR: infecté - 1 ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0117457.exe/MONEY.EXE Infecté : Hoax.Win32.BadJoke.Stript ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0117457.exe RAR: infecté - 1 ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0119616.sys Infecté : Trojan-Downloader.Win32.Bagle.apn ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0119623.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0119636.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0119637.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119661.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119671.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119691.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119708.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119717.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119736.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119757.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119769.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119770.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119771.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119810.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119811.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119827.sys Infecté : Trojan-Downloader.Win32.Bagle.apn ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120091.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120399.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120429.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120453.exe Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120458.sys Infecté : Trojan-Downloader.Win32.Bagle.apn ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120459.sys Infecté : Trojan-Downloader.Win32.Bagle.apn ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120462.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120471.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120472.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121483.sys Infecté : Trojan-Downloader.Win32.Bagle.apn ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121487.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121488.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121489.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121492.exe Infecté : Trojan.Win32.Agent.bptr ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121493.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121494.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121495.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121496.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121497.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121498.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121499.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121500.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121501.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121502.exe Infecté : Email-Worm.Win32.Bagle.majc ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121503.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121504.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121505.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121506.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121507.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121508.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121509.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121510.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121511.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121512.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121513.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121514.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121515.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121516.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121517.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP471\A0121613.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP471\A0121618.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP471\A0122015.exe Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP471\A0122019.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP471\A0122024.exe Infecté : Trojan-Downloader.Win32.Bagle.apv ignoré

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP471\change.log L'objet est verrouillé ignoré

C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\DEFAULT.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\sam L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\security L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SOFTWARE.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

C:\WINDOWS\system32\config\SYSTEM.LOG L'objet est verrouillé ignoré

C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

C:\WINDOWS\Temp\GoogleToolbarInstaller2.log L'objet est verrouillé ignoré

C:\WINDOWS\Temp\Perflib_Perfdata_740.dat L'objet est verrouillé ignoré

C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

 

Analyse terminée.

 

-------------------------------------------------------------------------------------------------------------------------------------------------------------

 

and finally, here is the HijackThis v2.0.2 report

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 21:48 , on 31/03/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Logitech\QuickCam\Quickcam.exe

C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe

C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe

C:\Program Files\Ahead\InCD\InCD.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MagicTune Premium\MagicTuneEngine.exe

C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\DOCUME~1\DIDIER\LOCALS~1\Temp\Google Toolbar\gtbA76E.tmp.exe

C:\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

R3 - URLSearchHook: blueshirtstudio Toolbar - {bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c} - C:\Program Files\blueshirtstudio\tbblue.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: blueshirtstudio Toolbar - {bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c} - C:\Program Files\blueshirtstudio\tbblue.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: blueshirtstudio Toolbar - {bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c} - C:\Program Files\blueshirtstudio\tbblue.dll

O4 - HKLM\..\Run: [Auto EPSON Stylus Photo R240 Series sur DIDIER-P0NCSG1Z] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE /P55 "Auto EPSON Stylus Photo R240 Series sur DIDIER-P0NCSG1Z" /O29 "\\DIDIER-P0NCSG1Z\Imprimante2" /M "Stylus Photo R240"

O4 - HKLM\..\Run: [uSBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"

O4 - HKLM\..\Run: [sW24] C:\WINDOWS\system32\sw24.exe

O4 - HKLM\..\Run: [sW20] C:\WINDOWS\system32\sw20.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.17\AsRunHelp.exe

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Ai Quicker Help] "C:\Program Files\ASUS\ASUS DH Remote\AsRc.exe"

O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe boot

O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [Eraser] C:\PROGRA~1\Eraser\eraser.exe -hide

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [RayV] C:\Program Files\SPECIAL INTERNET TV\RayV\RayV.exe /background

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount

O4 - HKCU\..\Run: [TViXNetShare] C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV4\maxtv.exe

O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: Hawking Wireless Utility.lnk = C:\Program Files\Hawking\Common\RaUI.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O4 - Global Startup: MioSync.lnk = C:\Program Files\Mio Technology\MioSync\mioSync.exe

O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: &Messenger Backup - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/Driv [...] eqlab3.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab

O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/ [...] anager.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _1_2_0.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{10798AE5-9FC6-4B7D-9573-7B12EF0BD2AA}: NameServer = 212.27.54.252,212.27.53.252

O17 - HKLM\System\CS1\Services\Tcpip\..\{10798AE5-9FC6-4B7D-9573-7B12EF0BD2AA}: NameServer = 212.27.54.252,212.27.53.252

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe

O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Netiris Agent (Netiris) - Captel - C:\Program Files\Captel\Netiris\agent.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\WINDOWS\system32\drivers\pclepci.sys

O23 - Service: PLFlash DeviceIoControl Service - Unknown owner - C:\WINDOWS\system32\IoctlSvc.exe (file missing)

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

 

--

End of file - 13381 bytes

Posted

Hello,

The first thing to do is to get rid of the cracks and other junk that Kaspersky is reporting to you,

otherwise any disinfection would be pointless.

Combo, Cleanup

Disconnect from the Internet and disable the antivirus (just for the duration of the procedure!)

Connect all removable drives (external hard drive, USB stick).

In some circumstances, Safe Mode may be necessary

Open Combofix

# In Notepad, copy and paste these lines:

 

KillAll::

Folder::

C:\DOCUME~1\DIDIER\LOCALS~1\Temp

c:\program files\Bonjour

File::

c:\windows\AU_Temp

c:\windows\AU_Log

c:\windows\system32\nppt9x.vxd

c:\windows\system32\npptNT2.sys

c:\windows\system32\drivers\lvuvc.hs

C:\DOCUME~1\DIDIER\LOCALS~1\Temp\Google Toolbar\gtbA76E.tmp.exe

C:\Program Files\Bonjour\mDNSResponder.exe

c:\program files\blueshirtstudio\tbblue.dll

c:\program files\Messenger\msmsgs.exe

C:\Documents and Settings\DIDIER\Local Settings\Application DataKiweeToolbar1.3.118.msi

Driver::

mDNSResponder

Rootkit::

 

Registry::

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}"= -

[-HKEY_CLASSES_ROOT\clsid\{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"=-

"ctfmon.exe"=-

"QuickTime Task"=-

"DAEMON Tools-1033"=-

"iTunesHelper"=-

"Adobe Reader Speed Launcher"=-

"NvMediaCenter"=-

"RTHDCPL"=-

"Logitech Hardware Abstraction Layer"=-

"nwiz"=-

 

* Warning: this script was written specifically for this user; it would be dangerous to reuse it in other cases!

Save it under the name CFScript.txt

* Drag and drop this CFScript file onto the ComboFix.exe file


 

* At the message that appears in a blue window (Type 1 to continue, or 2 to abort), type 1 and then confirm.

* Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

* Once the scan is complete, a report will be displayed: post its contents.

* If the file does not appear, it can be found here > C:\ComboFix.txt

 

Next,

Download Malwarebytes' Anti-Malware (MBAM)

[Plug in all removable media before running this scan (USB stick, external hard drive, etc.)]

If you use Spybot

To disable TeaTimer, which serves no purpose and can cause a disinfection to fail:

First display Advanced Mode in SpyBot

-> Advanced Options:

-> Mode menu, Advanced Mode.

A column of menus appears on the left-hand side:

-> click Tools,

-> click Resident,

In Resident:

-> uncheck Resident "TeaTimer" to disable it.

* Double-click the Download_mbam-setup.exe icon to start the installation process.

Save it to the desktop.

Close all windows and programs

Follow the prompts (in particular the choice of language and the permission to access the Internet)

Do not change any of the default settings and, at the end of the installation,

check that the options Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are ticked

MBAM will start automatically and display a message asking you to update the program before running a scan.

Click OK to close the dialog box.

If the automatic update fails for any reason, for example when MBAM is installed on a USB stick,

download the update here

and double-click the mbam-rules.exe file to install the update

* In the "Update" tab, click the Check for Updates button:

If the firewall asks for permission for MBAM to connect, accept.

* Once the update is complete, go to the Scanner tab.

* Select "Perform full scan"

* Click "Scan"

* The scan will take some time, so be patient!

* At the end, a message will be displayed:

The scan completed successfully.

* If MBAM found nothing, it will say so too.

Click "Ok" to continue.

* Close your browsers.

Click Show Results.

* Select everything and click Remove Selected,

MBAM will delete the files and registry keys and place a copy of them in quarantine.

Then open Notepad and copy into it the scan report, which can be found under the Reports/Logs tab.

* Copy and paste this report into your next reply.

Posted

Thank you for your help. Here are the reports from the two programs you told me to use. I ran them in Safe Mode.

 

ComboFix 09-04-01.01 - DIDIER 2009-04-03 0:44:23.5 - NTFSx86 MINIMAL

Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3199.2892 [GMT 2:00]

Lancé depuis: c:\documents and settings\DIDIER\Bureau\Combo-Fix.exe

Commutateurs utilisés :: c:\documents and settings\DIDIER\Bureau\CFScript.txt

AV: avast! antivirus 4.8.1335 [VPS 090328-0] *On-access scanning disabled* (Updated)

 

FILE ::

c:\docume~1\DIDIER\LOCALS~1\Temp\Google Toolbar\gtbA76E.tmp.exe

c:\documents and settings\DIDIER\Local Settings\Application DataKiweeToolbar1.3.118.msi

c:\program files\blueshirtstudio\tbblue.dll

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Messenger\msmsgs.exe

c:\windows\AU_Log

c:\windows\AU_Temp

c:\windows\system32\drivers\lvuvc.hs

c:\windows\system32\nppt9x.vxd

c:\windows\system32\npptNT2.sys

.

 

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\docume~1\DIDIER\LOCALS~1\Temp

c:\docume~1\DIDIER\LOCALS~1\Temp\Av-test.txt

c:\docume~1\DIDIER\LOCALS~1\Temp\BITA924.tmp

c:\docume~1\DIDIER\LOCALS~1\Temp\jna41400.tmp

c:\documents and settings\DIDIER\Local Settings\Application DataKiweeToolbar1.3.118.msi

c:\program files\blueshirtstudio\tbblue.dll

c:\program files\Bonjour

c:\program files\Bonjour\About Bonjour.rtf

c:\program files\Bonjour\mdnsNSP.dll

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Messenger\msmsgs.exe

c:\windows\system32\drivers\lvuvc.hs

c:\windows\system32\nppt9x.vxd

c:\windows\system32\npptNT2.sys

 

.

((((((((((((((((((((((((((((( Fichiers créés du 2009-03-02 au 2009-04-02 ))))))))))))))))))))))))))))))))))))

.

 

2009-04-02 07:25 . 2009-04-02 17:32 <REP> d-------- c:\program files\Gameforge4D

2009-03-31 21:48 . 2009-03-31 21:48 396,288 --a------ C:\HijackThis.exe

2009-03-31 17:53 . 2009-03-31 17:53 <REP> d-------- c:\windows\system32\Kaspersky Lab

2009-03-31 17:53 . 2009-03-31 17:53 <REP> d-------- c:\windows\LastGood

2009-03-30 22:33 . 2009-03-30 22:33 <REP> d-------- c:\windows\AU_Temp

2009-03-30 22:33 . 2009-03-30 22:33 <REP> d-------- c:\windows\AU_Log

2009-03-30 22:32 . 2009-03-30 22:32 507,904 --a------ c:\windows\TMUPDATE.DLL

2009-03-30 22:32 . 2009-03-30 22:32 69,689 --a------ c:\windows\UNZIP.DLL

2009-03-30 21:39 . 2009-03-30 21:39 <REP> d-------- c:\program files\Common Files

2009-03-29 19:21 . 2009-03-30 21:36 <REP> d-------- c:\program files\Lineage II

2009-03-29 19:00 . 2009-03-29 19:00 1,594 --a------ c:\windows\ST6UNST.003

2009-03-29 19:00 . 2009-03-29 19:00 303 --a------ c:\windows\ST6UNST.002

2009-03-29 10:53 . 2009-03-30 22:58 <REP> d--h----- c:\documents and settings\DIDIER\Application Data\drivers

2009-03-28 12:57 . 2009-03-28 12:57 <REP> d-------- c:\program files\MessengerDiscovery 2

2009-03-28 12:57 . 2009-03-28 12:57 <REP> d-------- c:\documents and settings\DIDIER\Application Data\MessengerDiscovery 2

2009-03-22 22:28 . 2009-03-22 22:28 457 --a------ c:\windows\system32\1237753733.(null)

2009-03-21 17:07 . 2009-02-18 15:44 212,711 --a------ c:\windows\system32\nvapps.nvb

2009-03-21 00:25 . 2009-03-21 00:25 41,808 --a--c--- c:\windows\system32\xfcodec.dll

2009-03-19 14:18 . 2009-03-19 14:18 <REP> d-------- c:\program files\BitTorrent Fastest Tool

2009-03-19 14:18 . 2008-10-22 14:01 724,568 --a------ c:\program files\BitTorrent Fastest Toolvlnet3.com_Installer.exe

2009-03-19 12:33 . 2009-03-19 12:33 <REP> d-------- c:\documents and settings\DIDIER\systextures

2009-03-19 12:33 . 2009-03-19 12:33 <REP> d-------- c:\documents and settings\DIDIER\animations

2009-03-19 09:06 . 2009-03-29 10:56 <REP> d-------- c:\program files\PeerGuardian2

2009-03-15 11:44 . 2009-03-15 11:44 56,556 --ah----- c:\windows\system32\mlfcache.dat

2009-03-15 11:33 . 2009-03-15 11:33 <REP> d-------- c:\program files\Safari

2009-03-15 11:00 . 2009-03-15 11:00 <REP> d-------- c:\program files\iTunes

2009-03-15 11:00 . 2009-03-15 11:00 <REP> d-------- c:\program files\iPod

2009-03-15 11:00 . 2009-03-15 11:01 <REP> d-------- c:\documents and settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}

2009-03-07 21:20 . 2009-03-07 21:20 <REP> d-------- c:\documents and settings\All Users\Application Data\Messenger Plus!

2009-03-06 22:58 . 2009-04-02 20:25 <REP> d-------- c:\documents and settings\DIDIER\.homeplayer

2009-03-06 22:57 . 2009-03-06 22:58 <REP> d-------- c:\program files\HomePlayer

2009-03-06 00:20 . 2009-03-06 00:20 <REP> d-------- c:\program files\FpTest

2009-03-05 16:30 . 2009-02-21 20:05 201,728 --a------ C:\english CV.doc

2009-03-02 20:15 . 2009-03-02 20:15 10,107 --a------ C:\Oui c.docx

 

.

(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))

.

2009-04-02 22:44 --------- d-----w c:\program files\blueshirtstudio

2009-04-02 22:06 --------- d-----w c:\documents and settings\DIDIER\Application Data\MailWasherPro

2009-04-02 12:31 --------- d-----w c:\documents and settings\All Users\Application Data\Google Updater

2009-04-02 09:33 --------- d-----w c:\program files\Diablo II

2009-03-31 05:36 --------- d-----w c:\documents and settings\DIDIER\Application Data\Azureus

2009-03-29 17:21 --------- d--h--w c:\program files\InstallShield Installation Information

2009-03-29 17:00 73,216 ----a-w c:\windows\ST6UNST.EXE

2009-03-29 17:00 249,856 ------w c:\windows\Setup1.exe

2009-03-29 08:58 --------- d-----w c:\program files\Xfire

2009-03-28 18:59 --------- d-----w c:\documents and settings\DIDIER\Application Data\Xfire

2009-03-28 11:03 --------- d-----w c:\program files\MessengerDiscovery

2009-03-27 08:03 --------- d-----w c:\program files\ma-config.com

2009-03-27 08:03 --------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com

2009-03-21 12:49 --------- d-----w c:\program files\Electronic Arts

2009-03-20 17:49 --------- d-----w c:\program files\Tomtomax Maxi-Box

2009-03-19 12:40 --------- d-----w c:\program files\CCleaner

2009-03-15 12:23 --------- d-----w c:\documents and settings\DIDIER\Application Data\Canon

2009-03-15 09:00 --------- d-----w c:\program files\Fichiers communs\Apple

2009-03-14 11:59 --------- d-----w c:\program files\Fichiers communs\Blizzard Entertainment

2009-03-13 11:16 --------- d-----w c:\program files\PhotoFiltre Studio

2009-03-11 18:00 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help

2009-03-07 19:15 --------- d-----w c:\program files\Messenger Plus! Live

2009-03-02 19:14 138,512 -c--a-w c:\windows\system32\drivers\PnkBstrK.sys

2009-03-02 17:41 --------- d-----w c:\program files\StuffPlug3

2009-02-28 23:29 --------- d-----w c:\program files\eMule

2009-02-28 19:56 --------- d-----w c:\program files\Microsoft Silverlight

2009-02-28 08:56 --------- d-----w c:\program files\Azureus

2009-02-23 17:58 53,312 ----a-w c:\windows\system32\drivers\pssdklbf.sys

2009-02-23 17:58 36,928 ----a-w c:\windows\system32\drivers\pssdk41.sys

2009-02-23 16:24 --------- d-----w c:\program files\Multi_Media_France

2009-02-22 14:49 --------- d-----w c:\documents and settings\DIDIER\Application Data\Uniblue

2009-02-20 14:45 --------- d-----w c:\documents and settings\DIDIER\Application Data\SoftPlug

2009-02-20 14:24 --------- d-----w c:\program files\LEA

2009-02-20 14:24 --------- d-----w c:\documents and settings\DIDIER\Application Data\LEA

2009-02-20 14:23 --------- d-----w c:\program files\WinPcap

2009-02-18 19:35 --------- d-----w c:\program files\Windows Live Safety Center

2009-02-18 17:45 --------- d-----w c:\documents and settings\DIDIER\Application Data\Ubisoft

2009-02-18 17:45 --------- d-----w c:\documents and settings\All Users\Application Data\Ubisoft

2009-02-18 13:44 6,308,224 ----a-w c:\windows\system32\drivers\nv4_mini.sys

2009-02-14 12:53 --------- d-----w c:\program files\Microsoft Games

2009-02-10 12:06 --------- d-----w c:\program files\Red Storm Entertainment

2009-02-10 11:59 --------- d-----w c:\program files\ubi.com

2009-02-10 11:58 --------- d-----w c:\documents and settings\DIDIER\Application Data\ubi.com

2009-02-10 11:57 --------- d-----w c:\program files\Fichiers communs\PocketSoft

2009-02-08 15:09 --------- d-----w c:\program files\QuickTime

2009-01-17 08:22 812,344 ----a-w C:\HJTInstall.exe

2008-12-01 11:12 22,328 ----a-w c:\documents and settings\DIDIER\Application Data\PnkBstrK.sys

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\sessmgr.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\rsvp.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\mstsc.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\mstinit.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\mqtgsvc.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\cmstp.exe

2008-11-16 14:42 81,920 ----a-w c:\documents and settings\DIDIER\Application Data\clipsrv.exe

2008-11-16 12:44 2,951 ----a-w c:\documents and settings\DIDIER\settings.bin

2008-06-24 17:00 5,250,856 -c--a-w c:\program files\vnc-P4_4_2-x86_x64_win32.exe

2002-07-26 16:02 153,088 -c--a-w c:\program files\UNWISE.EXE

2007-12-25 23:35 56 -csh--r c:\windows\system32\BB5F9E300F.sys

2007-10-04 09:32 5 -csha-w c:\windows\system32\cbaa7_s.dll

2007-12-25 23:35 1,890 -csha-w c:\windows\system32\KGyGaAvL.sys

2008-10-15 10:31 32,768 -csha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008101520081016\index.dat

.

 

((((((((((((((((((((((((((((( SnapShot_2009-03-30_23.03.47.54 )))))))))))))))))))))))))))))))))))))))))

.

+ 2005-05-16 17:34:48 213,048 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll

+ 2008-08-13 13:03:26 65,536 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe

+ 2008-08-13 13:03:26 798,720 ----a-w c:\windows\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll

- 2009-03-30 20:58:05 72,288 ----a-w c:\windows\system32\perfc009.dat

+ 2009-04-02 22:46:21 72,152 ----a-w c:\windows\system32\perfc009.dat

- 2009-03-30 20:58:05 85,936 ----a-w c:\windows\system32\perfc00C.dat

+ 2009-04-02 22:46:21 85,696 ----a-w c:\windows\system32\perfc00C.dat

- 2009-03-30 20:58:05 444,664 ----a-w c:\windows\system32\perfh009.dat

+ 2009-04-02 22:46:21 444,528 ----a-w c:\windows\system32\perfh009.dat

- 2009-03-30 20:58:05 513,910 ----a-w c:\windows\system32\perfh00C.dat

+ 2009-04-02 22:46:22 513,492 ----a-w c:\windows\system32\perfh00C.dat

.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [bU]

"Eraser"="c:\progra~1\Eraser\eraser.exe" [2007-07-28 277328]

"EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-02-06 3325952]

"RayV"="c:\program files\SPECIAL INTERNET TV\RayV\RayV.exe" [2008-09-07 3708200]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 222080]

"TViXNetShare"="c:\program files\DVICO\TViXNetShare\TViXNetShare.exe" [2008-06-25 883200]

"Uniblue RegistryBooster 2009"="c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe" [bU]

"PeerGuardian"="c:\program files\PeerGuardian2\pg2.exe" [2009-03-30 1432064]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Auto EPSON Stylus Photo R240 Series sur DIDIER-P0NCSG1Z"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIAHE.EXE" [2005-04-25 98304]

"USBToolTip"="c:\program files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe" [2004-04-23 192512]

"SW24"="c:\windows\system32\sw24.exe" [2005-07-04 69632]

"SW20"="c:\windows\system32\sw20.exe" [2005-06-29 212992]

"PinnacleDriverCheck"="c:\windows\system32\PSDrvCheck.exe" [2004-03-10 406016]

"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 2027792]

"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 563984]

"AsusStartupHelp"="c:\program files\ASUS\AASP\1.00.17\AsRunHelp.exe" [2006-11-14 363008]

"AppleSyncNotifier"="c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2009-02-06 177472]

"Ai Quicker Help"="c:\program files\ASUS\ASUS DH Remote\AsRc.exe" [2006-11-09 3165696]

"36X Raid Configurer"="c:\windows\System32\JMRaidSetup.exe" [2006-11-16 1953792]

"!AVG Anti-Spyware"="c:\program files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 6731312]

"InCD"="c:\program files\Ahead\InCD\InCD.exe" [2004-09-13 1450096]

"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-03-30 81000]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-01-05 413696]

"DAEMON Tools-1033"="c:\program files\D-Tools\daemon.exe" [2004-08-22 81920]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-18 13680640]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-18 86016]

"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 c:\windows\RTHDCPL.exe]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-03-10 c:\windows\KHALMNPR.Exe]

"nwiz"="nwiz.exe" [2009-02-18 c:\windows\system32\nwiz.exe]

 

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\

Hawking Wireless Utility.lnk - c:\program files\Hawking\Common\RaUI.exe [2008-05-17 651264]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"MemCheckBoxInRunDlg"= 1 (0x1)

"NoSMBalloonTip"= 1 (0x1)

"NoWelcomeScreen"= 1 (0x1)

"NoStrCmpLogical"= 0 (0x0)

 

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "c:\program files\DVD Region+CSS Free\DVDShell.dll" [2004-10-09 49152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"VIDC.HFYU"= huffyuv.dll

"vidc.DIV3"= DivXc32.dll

"vidc.DIV4"= DivXc32f.dll

"msacm.divxa32"= DivXa32.acm

"VIDC.PIM1"= pclepim1.dll

"VIDC.XFR1"= xfcodec.dll

"VIDC.MJPX"= PICVideo MJPEG Codec

"VIDC.MJPG"= Pvmjpg30.dll

"VIDC.I420"= vdrcodec.dll

"msacm.ac3filter"= ac3filter.acm

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0sprestrt\0lsdelete

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast!]

--a------ 2009-03-30 22:23 81000 c:\progra~1\ALWILS~1\Avast4\ashDisp.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusDisableNotify"=dword:00000001

"UpdatesDisableNotify"=dword:00000001

"DisablePagingExecutive"=dword:00000001

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Azureus\\Azureus.exe"=

"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Documents and Settings\\DIDIER\\Application Data\\PowerChallenge\\PowerSoccer\\PowerSoccer.exe"=

"c:\\WINDOWS\\system32\\dxdiag.exe"=

"c:\\Program Files\\ASUS\\ASUSUpdate\\Update.exe"=

"c:\\Program Files\\Mumble\\murmur.exe"=

"c:\\Program Files\\Soulseek-Test\\slsk.exe"=

"c:\\Program Files\\Xfire\\xfire.exe"=

"c:\\Program Files\\Electronic Arts\\EADM\\Core.exe"=

"c:\\Program Files\\SPECIAL INTERNET TV\\RayV\\RayV.exe"=

"c:\\WINDOWS\\system32\\PnkBstrA.exe"=

"c:\\WINDOWS\\system32\\PnkBstrB.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

"c:\\Program Files\\DVICO\\TViXNetShare\\TViXNetShare.exe"=

"c:\\Program Files\\MessengerDiscovery\\MessengerDiscovery Live.exe"=

"c:\\Program Files\\Diablo II\\Diablo II.exe"=

"c:\\Program Files\\ubi.com\\Core\\GS4.exe"=

"c:\\Program Files\\LEA\\SoftPlug\\V3.1\\SoftPlug.exe"=

"c:\\Program Files\\eMule\\emule.exe"=

"c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=

"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=

"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=

"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Electronic Arts\\Dead Space\\Dead Space.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"4662:TCP"= 4662:TCP:eMule

"4672:UDP"= 4672:UDP:Emule

"5900:TCP"= 5900:TCP:vnc

"5800:TCP"= 5800:TCP:VNC

"6112:TCP"= 6112:TCP:diablo

"8080:TCP"= 8080:TCP:8080

"8080:UDP"= 8080:UDP:8080

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R0 OODrvled;OODrvled;c:\windows\system32\drivers\OODrvled.sys [2005-02-28 15488]

S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys --> c:\windows\system32\drivers\pavboot.sys [?]

S1 aswSP;avast! Self Protection; [x]

S1 M9207;LifeView M9207 USB Digital TV BOX;c:\windows\system32\drivers\M9207BDA.sys [2007-10-03 36096]

S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]

S2 Netiris;Netiris Agent;c:\program files\Captel\Netiris\agent.exe [2003-03-04 176128]

S3 fbxusb;FreeBox USB Network Adapter;c:\windows\system32\drivers\fbxusb.sys [2003-12-31 18848]

S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-06-29 42512]

S3 PsSdk41;PsSdk41;c:\windows\system32\drivers\pssdk41.sys [2009-02-23 36928]

S3 PsSdkLBF;PsSdkLBF;c:\windows\system32\drivers\pssdklbf.sys [2009-02-23 53312]

S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys --> c:\windows\system32\DRIVERS\wg111v3.sys [?]

S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?]

S3 SetupNTGLM7X;SetupNTGLM7X;\??\d:\ntglm7x.sys --> d:\NTGLM7X.sys [?]

S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?]

.

Contenu du dossier 'Tâches planifiées'

 

2009-03-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

 

2009-04-02 c:\windows\Tasks\Google Software Updater.job

- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-25 04:09]

.

- - - - ORPHELINS SUPPRIMES - - - -

 

BHO-{bfcdcebe-e1fb-40f9-b4e2-7bb1138ef76c} - (no file)

 

 

.

------- Examen supplémentaire -------

.

uStart Page = hxxp://www.free.fr/

uInternet Connection Wizard,ShellNext = iexplore

uInternet Settings,ProxyOverride = *.local

uSearchURL,(Default) = hxxp://www.google.com/keyword/%s

IE: {{ECC5777A-6E88-BFCE-13CE-81F134789E7B}

TCP: {10798AE5-9FC6-4B7D-9573-7B12EF0BD2AA} = 212.27.54.252,212.27.53.252

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

DPF: Microsoft XML Parser for Java

FF - ProfilePath - c:\documents and settings\DIDIER\Application Data\Mozilla\Firefox\Profiles\tbkonjx2.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official

.

 

**************************************************************************

 

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2009-04-03 00:50:14

Windows 5.1.2600 Service Pack 3 NTFS

 

Recherche de processus cachés ...

 

Recherche d'éléments en démarrage automatique cachés ...

 

Recherche de fichiers cachés ...

 

Scan terminé avec succès

Fichiers cachés: 0

 

**************************************************************************

.

--------------------- CLES DE REGISTRE BLOQUEES ---------------------

 

[HKEY_USERS\S-1-5-21-484763869-362288127-839522115-1003\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

"??"=hex:92,04,0f,ed,b4,70,c1,11,24,9a,d6,80,3d,72,a2,62,30,ad,61,c9,6f,61,a5,

42,b2,bd,13,f7,b2,4f,a0,01,0b,3a,8b,4d,ad,c4,56,00,54,fc,3a,ad,fb,eb,b5,59,\

"??"=hex:2a,84,a5,25,b1,d8,32,22,05,34,55,5a,c0,1e,89,25

 

[HKEY_USERS\S-1-5-21-484763869-362288127-839522115-1003\Software\SecuROM\License information*]

"datasecu"=hex:91,02,16,4c,a8,31,e1,e4,b7,f0,47,e5,df,59,16,7a,2e,bf,95,83,d5,

fe,14,bd,5e,4d,71,9a,96,ba,a2,71,d8,1b,10,4e,b6,b1,70,fc,e6,43,e5,ff,02,6f,\

"rkeysecu"=hex:68,5f,c7,57,3e,f5,fc,14,30,e5,19,2f,c7,a3,9a,c4

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,24,48,8c,0c,f6,

f0,39,d7,c8,28,51,af,b0,29,a3,98,73,ad,c4,e7,bb,ab,6e,f4,e2,63,26,f1,3f,c8,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"bca643cdc5c2726b20d2ecedcc62c59b"=hex:71,3b,04,66,8b,46,0d,96,ad,05,7d,db,85,

63,12,f1,71,3b,04,66,8b,46,0d,96,5b,9b,2c,2a,2b,37,06,1f,6a,9c,d6,61,af,45,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"2c81e34222e8052573023a60d06dd016"=hex:ff,7c,85,e0,43,d4,0e,fe,86,3c,40,8f,e6,

fd,59,96,25,da,ec,7e,55,20,c9,26,f9,f7,d4,1f,3b,2b,b9,5e,ff,7c,85,e0,43,d4,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,27,a2,20,dc,5d,

94,58,0d,3e,1e,9e,e0,57,5a,93,61,30,96,10,52,58,3c,8a,5e,86,8c,21,01,be,91,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"caaeda5fd7a9ed7697d9686d4b818472"=hex:f5,1d,4d,73,a8,13,5c,05,47,1f,f4,b2,22,

95,69,a1,cd,44,cd,b9,a6,33,6c,cd,b4,ca,50,fa,b4,9b,d3,40,f5,1d,4d,73,a8,13,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:50,93,e5,ab,ec,6a,4e,ab,bf,df,f5,be,ab,

e9,ae,31,b0,18,ed,a7,3f,8d,37,a4,9e,75,af,ee,99,0f,20,c2,df,20,58,62,78,6b,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,cb,3b,cf,1d,e2,

fc,f4,79,31,77,e1,ba,b1,f8,68,02,ff,b1,a3,b8,0f,9b,0a,12,fb,a7,78,e6,12,2f,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,b2,9a,8a,48,74,

bc,f6,23,83,6c,56,8b,a0,85,96,ab,d9,4a,b2,ac,db,91,58,07,01,3a,48,fc,e8,04,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,57,7c,13,35,4c,

3d,d2,f0,51,fa,6e,91,28,9e,14,cc,01,9a,53,68,99,83,59,a0,f6,0f,4e,58,98,5b,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,10,f7,31,cc,1d,

ab,99,77,b1,cd,45,5a,a8,c4,f8,b9,67,85,5a,dc,62,64,d3,55,3d,ce,ea,26,2d,45,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,1d,58,f3,22,37,

bd,5a,b8,e3,0e,66,d5,eb,bc,2f,6b,b6,93,f0,bb,1a,96,1e,b3,2a,b7,cc,b5,b9,7f,\

 

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*]

"ThreadingModel"="Apartment"

@="c:\\WINDOWS\\system32\\OLE32.DLL"

"8a8aec57dd6508a385616fbc86791ec2"=hex:05,73,21,dd,54,d8,4a,c5,85,d4,6b,15,4e,

d0,4d,fa,fa,ea,66,7f,d4,3b,6b,70,45,67,3f,b7,d9,3d,4a,89,6c,43,2d,1e,aa,22,\

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]

.

Heure de fin: 2009-04-03 0:54:48 - La machine a redémarré [DIDIER]

ComboFix-quarantined-files.txt 2009-04-02 22:54:46

ComboFix2.txt 2009-04-02 20:27:17

ComboFix3.txt 2009-03-30 21:29:01

 

Avant-CF: 117,774,835,712 octets libres

Après-CF: 117,745,139,712 octets libres

 

386 --- E O F --- 2009-03-17 18:03:50

 

-------------------------------------------------------------------------------------------------

Malwarebytes' Anti-Malware 1.35

Version de la base de données: 1904

Windows 5.1.2600 Service Pack 3

 

03/04/2009 07:19:15

mbam-log-2009-04-03 (07-19-06).txt

 

Type de recherche: Examen complet (C:\|G:\|)

Eléments examinés: 298382

Temps écoulé: 1 hour(s), 57 minute(s), 15 second(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 1

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 2

Dossier(s) infecté(s): 3

Fichier(s) infecté(s): 14

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\luckytender (Adware.LuckyTender) -> No action taken.

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

 

Dossier(s) infecté(s):

C:\Program Files\LuckyTender (Adware.LuckyTender) -> No action taken.

C:\Program Files\LuckyTender\1.3.0 (Adware.LuckyTender) -> No action taken.

C:\Program Files\LuckyTender\1.3.1 (Adware.LuckyTender) -> No action taken.

 

Fichier(s) infecté(s):

C:\Documents and Settings\DIDIER\Bureau\GenProc\outil\curl.exe (Trojan.Agent) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP469\A0119615.sys (Rootkit.Bagle) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0119828.sys (Rootkit.Bagle) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120456.sys (Rootkit.Bagle) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0120457.sys (Rootkit.Bagle) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121482.sys (Rootkit.Bagle) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121491.exe (Rootkit.Dropper) -> No action taken.

C:\System Volume Information\_restore{337E02CC-05A0-44FA-8A90-F7BD86AB0413}\RP470\A0121492.exe (Trojan.Packed) -> No action taken.

C:\Program Files\LuckyTender\uninst.exe (Adware.LuckyTender) -> No action taken.

C:\Documents and Settings\DIDIER\Application Data\Microsoft\mstinit.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\DIDIER\Application Data\Microsoft\sessmgr.exe (Trojan.Agent) -> No action taken.

C:\Documents and Settings\DIDIER\Application Data\mstsc.exe (Trojan.Agent) -> No action taken.

C:\WINDOWS\system32\LSHPRN.EXE (Trojan.Agent) -> No action taken.

C:\WINDOWS\cisvc.exe (Backdoor.Agent) -> No action taken.

Posted

Hello,

Please run MBAM again in normal mode.

and don't forget the most important part:

* If MBAM found nothing, it will say so too.

Click "Ok" to continue.

* Close your browsers.

Click "Afficher les résultats" (Show Results).

* Select everything and click "Supprimer la sélection" (Remove Selected).

MBAM will destroy the files and registry keys and put a copy of them in quarantine.

Then open Notepad and copy into it the scan report, which can be found under the Rapports/logs tab.

* Copy and paste this report into your next reply.

Next:

Online scan

NOTE: The online scan must be run with Internet Explorer.

Disable your current antivirus

Kaspersky

Under Vista, you must disable UAC, right-click Internet Explorer / Run as administrator, and paste in the Kaspersky URL

http://www.kaspersky.com/kos/eng/partner/d...kavwebscan.html

Empty the recycle bin.

* Click Accept

* A yellow bar will ask you to accept the installation of Kavwebscan_Unicode.cab; install the ActiveX control.

* Click "Accept" once more

* The update databases will install; wait a moment

* Click Next.

* Click My Computer; the scan starts.

Wait for the scan to finish without closing the window, otherwise it will stop.

At the end of the scan, if infected objects are found, click Save report as... Choose the desktop, name the report "rapport Kaspersky", choose "text files" in the save-as-type field, and save the report.

Copy and paste the entire contents of the opened text file: right-click on it, select all, then copy.

Paste this report into your reply on the forum.

Help in case of problems
