> Tous les forumsSécurité

 virus?Sujet résolu
Statut du sujet : RESOLU Imprimer
 poupinette63
  Posté le 27/08/2008 @ 22:08  
 Petite astucienne

15 Messages

bonsoir,

voila de puis quelque jours mon pc est bizarre, y a plus de son (une fois ca a remarché mais ca n'a pas tenu longtemps, quand j'ai redémarré l'ordi plu rien)quand je vais dans les périphériques gamesurround fonctionne correctement mais n'est pas démarré je sais pas comment faire pour le démarrer de plus plu aucun logiciel antivirus veut analyser l'ordi (ccleaner,hijack...),c'est un virus? qu'est-ce que je peux faire?
 Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 
 
Publicité
 Fill  Posté le 27/08/2008 à 22:11  
  Groupe Sécurité


11718 Messages

Salut,

Quel genre de message apparait quand HijackThis ne fonctionne pas ? N'aurais-tu pas téléchargé un crack ?

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 27/08/2008 à 22:12  
Petite astucienne

15 Messages

pour hijack ca met que l'application win32 n'est pas valide un truc du genre, si dernierement j'ai voulu installer un logiciel et il y avait un crack avec d'ailleur le logiciel voulait pas marcher je l'ai supprimé de suite mais du coup ca m'a parut bizarr

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 27/08/2008 à 22:15  
  Groupe Sécurité


11718 Messages

Re,

C'est bien un crack...

1/

  • Télécharge Elibagla en bas de cette page sur ton Bureau. Pour cela, clique sur "Descargar Elibagla",
  • Lance-le de préférence en mode sans échec, ou en mode normal si le mode sans échec ne fonctionne pas.
  • Bagle peut bloquer le mode sans échec, donc il ne faut absolument pas forcer le mode sans échec en passant par MSconfig. Cela peut provoquer un redémarrage en boucles du PC.
  • Patiente pendant la durée du Scan.
  • Copie-colle le contenu du rapport qui doit se trouver ici : C:\Infosat.txt

Exécute-le plusieurs fois.

2/ Suis ensuite cette procédure : http://forum.pcastuces.com/pre_nettoyage_un_pc_infecte-f25s17490.htm

3/ Edite les rapports (si tu y parviens) :

  • Elibagla,
  • Malwarebyte's (après suppression des éléments),
  • Hijackthis.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 27/08/2008 à 22:19  
Petite astucienne

15 Messages

ah oui ca aussi j'ai essayé ca n'a pas marché j'ai pas compris.je vais retenter je verrais

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 27/08/2008 à 22:21  
  Groupe Sécurité


11718 Messages

Re,

Retente parès avoir passé Elibagla. Si ça marche, il me faut le rapport malwarebyte's après suppression des éléments détectés.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 27/08/2008 à 22:22  
Petite astucienne

15 Messages

ca me dit "por favoir envienos una muestra del fichero c:\muestra\hldrrr.exe.muestra elibagla v 11.66 a "virus@satinfo.es".gracias"

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 27/08/2008 à 22:23  
  Groupe Sécurité


11718 Messages

Re,

Il faut envoyer ce fichier par mail à l'adresse indiquée.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 27/08/2008 à 22:29  
Petite astucienne

15 Messages

ok merci c'est parti,ca va mettre longtemps?

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 27/08/2008 à 22:37  
  Groupe Sécurité


11718 Messages
poupinette63 a écrit :

ok merci c'est parti,ca va mettre longtemps?

Malwarebyte's peut durer assez longtemps. Je regarderai demain si ça s'éternise.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 28/08/2008 à 10:41  
Petite astucienne

15 Messages

bon mon problème à l'air d'être réglé,le périphérique mélangeur est revenu,le son est "démarré",ccleaner remarche,elibagla a fait un scan quand j'ai redémarré l'ordi,tout ca après l'installation de malwarebyte logiciel .merci pour l'aide

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 28/08/2008 à 10:42  
  Groupe Sécurité


11718 Messages

Re,

Il faut que tu édites les rapports. L'infection est vicieuse et je n'aime pas nettoyer à moitié.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 28/08/2008 à 10:47  
Petite astucienne

15 Messages

Malwarebytes' Anti-Malware 1.25
Version de la base de données: 1090
Windows 5.1.2600 Service Pack 2

10:16:32 28/08/2008
mbam-log-08-28-2008 (10-16-31).txt

Type de recherche: Examen rapide
Eléments examinés: 41400
Temps écoulé: 9 minute(s), 40 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 285

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Admin\Application Data\m (Trojan.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld\103759.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\107254.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\109116.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\109627.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\112411.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\113222.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\113683.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\115876.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\117218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\118149.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1198142.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\119962.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\123066.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\126922.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\128875.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\129846.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\131078.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\134353.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\137237.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\137487.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\138649.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\139090.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\140331.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\141553.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\142414.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\144127.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\144607.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\144688.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\145288.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14679277.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14683013.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14685666.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14687409.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14688621.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\146921.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14694369.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14696712.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14704453.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14707858.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14708920.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14712265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14714548.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14721147.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14728658.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14755096.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14769307.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14788695.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14797537.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14797988.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\14810806.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\148313.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\148823.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\149895.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\153020.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\153430.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\154802.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\155243.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\155253.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\156374.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\156575.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\157836.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\159699.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\160320.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\162073.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\162603.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\162643.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\163465.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\165858.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\166028.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\166579.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\167681.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\168452.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\168482.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\171696.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\175432.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\179037.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1791195.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1805546.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1806928.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\183373.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1835459.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1838373.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1847226.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1855287.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\185666.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1897879.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\192066.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\192636.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\193338.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1937435.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\193958.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\1956323.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\203011.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\203051.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\205976.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\207147.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\209280.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\210823.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\210913.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\212725.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\213637.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\214848.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\216701.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\218223.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\221758.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\222319.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\223311.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\224633.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\225384.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\227116.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\229249.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\229339.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\229770.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\231753.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\232604.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\235468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\237221.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\240215.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\240866.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\240966.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\243640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\243810.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\244331.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\244441.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\245432.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\246033.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\247856.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\247946.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\248046.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\250329.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\253033.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\254295.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\255086.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\256558.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\257880.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\258041.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\259913.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\260464.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\262227.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\262938.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\265151.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\266322.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\272712.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\276447.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\277178.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\278740.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\282506.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\286101.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\291579.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29204624.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29223340.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29224542.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29230761.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29258371.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29265651.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29304097.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29324035.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29333108.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29942575.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29948623.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29949795.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29955513.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29958548.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29964737.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\29985937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\30028598.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\30048697.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\30058381.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\303055.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\303205.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\306650.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\307522.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\316204.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\321492.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\326259.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\329684.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\335512.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\337855.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\338837.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\355411.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\355761.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\358094.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\364654.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\367198.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\368970.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\412062.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\413534.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\414265.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\414335.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\420975.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\422217.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\426152.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\428566.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\428616.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\432652.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43739474.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43761736.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43762887.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43769276.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43776357.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43782455.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43823625.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43847008.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\43856221.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\439732.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\440713.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\444038.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44467871.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44490614.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44492116.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44500237.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44501780.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44508620.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44517292.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44566623.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44598118.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\44608593.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\447122.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\447954.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\450167.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\457708.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\462154.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\463386.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\465419.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\466981.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\472449.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\479819.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\482493.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\482633.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\485908.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\487731.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\487781.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\488812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\491777.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\492568.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\496243.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\498987.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\500389.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\506157.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\511084.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\515761.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\521489.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\522291.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\544222.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\555709.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\560055.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\566484.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\575437.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58266572.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58268075.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58277658.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58285460.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58293391.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58335982.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58356362.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\58365495.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\600884.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\625709.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\636324.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\658667.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\690873.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\692025.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\694538.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\697522.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\700407.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\710301.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\715779.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\717691.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\720115.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\722799.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\737540.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\749918.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\757779.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\759021.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\777938.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\787131.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\800180.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\842080.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\869039.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\878132.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
C:\Documents and Settings\Admin\Application Data\m\flec006.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> Delete on reboot.

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 poupinette63  Posté le 28/08/2008 à 10:59  
Petite astucienne

15 Messages

là je fais une analyse complète c'est beaucoup mieux mais bopn ca a déjà réglé une partie du problème

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 28/08/2008 à 11:04  
  Groupe Sécurité


11718 Messages

Re,

Il me faut aussi le rapport Elibagla et un rapport HijackThis.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 28/08/2008 à 11:33  
Petite astucienne

15 Messages

voici pour élibagla


Wed Aug 27 22:00:58 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Wed Aug 27 22:01:09 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.

Wed Aug 27 22:19:28 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Wed Aug 27 22:19:52 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Wed Aug 27 22:20:06 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Wed Aug 27 22:20:19 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Wed Aug 27 22:20:34 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Wed Aug 27 22:39:08 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\ADMIN\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.

Thu Aug 28 10:24:07 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
Restaurada Clave: "SafeBoot\Minimal y Network"

Thu Aug 28 10:25:47 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 3272
Nº Total de Ficheros: 35047
Nº de Ficheros Analizados: 7206
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Thu Aug 28 10:31:33 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad F:\

Nº Total de Directorios: 860
Nº Total de Ficheros: 11030
Nº de Ficheros Analizados: 4253
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Thu Aug 28 11:27:14 2008
EliBagle v11.66 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 1 de Agosto del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

je vais m'occuper de hijack

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 poupinette63  Posté le 28/08/2008 à 11:37  
Petite astucienne

15 Messages

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:52, on 28/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Admin\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F3 - REG:win.ini: run=
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.simpsonsmovie.com/content/downloads/fr/wallpaper/images/Simp_Wall800.jpg
O24 - Desktop Component 1: (no name) - http://www.simpsonsmovie.com/content/downloads/fr/images/wallpaper1.jpg
O24 - Desktop Component 2: (no name) - http://www.simpsonsmovie.com/content/downloads/fr/wallpaper/images/Simp_Wall3_1280.jpg
O24 - Desktop Component 3: (no name) - http://www.simpsonsmovie.com/content/downloads/fr/wallpaper/images/Simp_Wall3_1024.jpg

--
End of file - 4988 bytes

Afficher le profil de poupinette63Envoyer un message privé à poupinette63
 Revenir en haut de la page
 Fill  Posté le 28/08/2008 à 11:40  
  Groupe Sécurité


11718 Messages

Re,

1/ Ouvre HijackThis>"Do a scan only" et coche ceci :

F3 - REG:win.ini: run=
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Clique sur fix/réparer.

2/ Fais un scan en ligne en suivant ce lien : http://forum.pcastuces.com/kaspersky_online_scanner___tutoriel-f31s10.htm

Utilise celui-là si ça ne marche pas : http://forum.pcastuces.com/bitdefender_online_scanner___tutoriel-f31s2.htm

Edite le rapport.

Fill

Afficher le profil de Fill Voir la configuration de FillEnvoyer un message privé à Fill
 Revenir en haut de la page
 poupinette63  Posté le 28/08/2008 à 18:55  
Petite astucienne

15 Messages

Thursday, August 28, 2008 6:52:11 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 28/08/2008
Enregistrements dans la base antivirus Kaspersky : 1029312
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
Statistiques de l'analyse
Total d'objets analysés 61542
Nombre de virus trouvés 4
Nombre d'objets infectés 104 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:39:14

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\formhistory.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\mfdou00v.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Identities\{48230A1A-99D8-4C0D-A4B0-E45645FD11BB}\Microsoft\Outlook Express\Éléments envoyés.dbx/[From "priscillia hervier" ][Date Wed, 27 Aug 2008 22:29:08 +0200]/HLDRRR.EXE.Muestra Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Identities\{48230A1A-99D8-4C0D-A4B0-E45645FD11BB}\Microsoft\Outlook Express\Éléments envoyés.dbx MailMSOutlook5: infecté - 1 ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\lanaine001@hotmail.com\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\lanaine001@hotmail.com\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\lanaine001@hotmail.com\SharingMetadata\Working\database_9840_1FBE_401F_A1D4\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\lanaine001@hotmail.com\SharingMetadata\Working\database_9840_1FBE_401F_A1D4\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Messenger\lanaine001@hotmail.com\SharingMetadata\Working\database_9840_1FBE_401F_A1D4\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows Live Contacts\lanaine001@hotmail.com\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Windows Live Contacts\lanaine001@hotmail.com\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Historique\History.IE5\MSHist012008082820080829\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Temp\~DFD783.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Temp\~DFD794.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Temp\~DFE2B8.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Temp\~DFE6F2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Temp\~DFE75A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Admin\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v11.66 Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0050888.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0050889.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0050893.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0050956.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0050967.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0051002.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0051044.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0051060.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP306\A0051076.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP307\A0051505.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP307\A0051512.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP307\A0051513.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP307\A0051539.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP307\A0051540.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP307\A0051541.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP308\A0051626.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP308\A0051627.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP308\A0051628.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP308\A0051629.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051638.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051640.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051641.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051642.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051643.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051648.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051763.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051764.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051790.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051818.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP309\A0051834.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0051882.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0051884.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0051885.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0051886.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0051887.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0051892.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052003.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052004.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052029.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052030.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052058.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052074.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052110.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052111.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052112.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052113.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP310\A0052114.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP311\A0052115.exe Infecté : Email-Worm.Win32.Bagle.vr ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052142.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052145.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052149.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052150.exe Infecté : Trojan-Downloader.Win32.Bagle.yu ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052156.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052157.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052158.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052162.sys Infecté : Trojan-Downloader.Win32.Bagle.ys ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052173.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052175.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052176.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052288.exe Infecté : Email-Worm.Win32.Bagle.of ignoré
C:\System Volume Information\_restore{D4A5991C-0647-4FCE-9F8B-C8C88DDC74FF}\RP312\A0052289.exe Infecté : Email-Worm.Win32.Bagle.of ignoré