Bagle and other viruses (?)

Closed
lilibiscuit - 3 Jan 2009 at 15:44
 Anonymous user - 5 Jan 2009 at 19:35
Hello,

Yesterday I posted asking for help removing the Bagle virus that was on my PC.
It is now spotless, but another computer on the network is infected and, in my opinion, not only by Bagle!
I ran EliBagle and I have a report. I am currently running a quick scan with Malwarebytes' Anti-Malware, and I have just finished the HijackThis scan. However, I don't really know how to decipher the reports, and I no longer really know what I should do, or whether there is still an infection or not. So, if someone could help me ...

Below, the EliBagle report:


Sat Jan 03 13:31:02 2009
EliBagle v12.07 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Diciembre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\MDELK.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle(rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle

Sat Jan 03 13:31:39 2009
EliBagle v12.07 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Diciembre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\MDELK.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle(rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.

Sat Jan 03 14:18:56 2009
EliBagle v12.07 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Diciembre del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\MDELK.EXE --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle(rootkit)
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Eliminado Bagle.dldr
C:\DOCUMENTS AND SETTINGS\ADMINISTRATEUR\APPLICATION DATA\M\FLEC006.EXE --> Eliminado Bagle.dldr
Eliminada Carpeta "%AppData%\Hidires"
Restaurada Clave: "SafeBoot\Minimal y Network"

Sat Jan 03 14:19:51 2009
EliBagle v12.07 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Diciembre del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"
C:\WINDOWS\system32\drivers\MDELK.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios: 20752
Nº Total de Ficheros: 379109
Nº de Ficheros Analizados: 17417
Nº de Ficheros Infectados: 265
Nº de Ficheros Limpiados: 265

Sat Jan 03 14:43:38 2009
EliBagle v12.07 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 30 de Diciembre del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando "C:\"

Nº Total de Directorios: 20835
Nº Total de Ficheros: 379111
Nº de Ficheros Analizados: 17259
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:54, on 03/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\71fa8e4b1f1c72b0e3a5d30a0a049f55\update\update.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F3 - REG:win.ini: load=C:\WINDOWS\system32\svchost.exe
open=C:\WINDOWS\system32\C:\WINDOWS\system32\pkguard32.exe"
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {E4A0165A-AE85-4B16-9E62-C973313407A5} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunServices: [System Updates] ipyrs.exe
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [System Updates] ipyrs.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
O4 - HKCU\..\RunServices: [System Updates] ipyrs.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: FMZilla.lnk = C:\Program Files\Free Music Zilla\FMZilla.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe
O4 - Global Startup: ProfileReminder.lnk = C:\Program Files\GretagMacbeth\i1\Eye-One Match 3\ProfileReminder.exe
O4 - Global Startup: Suitcase Startup.lnk = ?
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~4\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://photosgalerie.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - https://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - https://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/l2/bin/cortvrml.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586-jc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D3166EE4-3E00-46CA-8F62-8E01D2314A7F} - http://www.cig.canon-europe.com/ph/fr_FR/st/download/ddup/CNIMGUP_01_210102F.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.agelia.com/consulter/XUpload.ocx
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (Contrôleur de DownloadManager) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O20 - Winlogon Notify: MacDrive-iTunes compatibility - C:\Program Files\Fichiers communs\Mediafour\MacDriveiTunesPatch.dll
O20 - Winlogon Notify: pmnNedBT - pmnNedBT.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDFCreatorMessages - Global Graphics Software Ltd - C:\WINDOWS\system32\PDFCreatorMessages.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShow\ScsiAccess.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
67 replies

Anonymous user
3 Jan 2009 at 15:51
Hi,

Remove Elibagla from your PC and do the following:

FindyKill by Chiquitine29

▶ Right-click the link and choose "Save target as ...", with the desktop as the destination.

(Important note: if you have the Elibagla program on your PC, delete it (risk of conflict between the two tools).)

▶ Let yourself be guided through the installation.

▶ Double-click "FindyKill" to launch the tool.

▶ Choose the language: F for French.

▶ Choose option 1, then let it work ...

▶ Once it has finished, post the FindyKill.txt report that is generated ...

(Note: the report is saved at the root of the disk -> C:\FindyKill.txt)

Les-risques-securitaires-du-peer-to-peer

If a report will not post, send an alert to the moderation desk ("conciergerie") using the yellow /!\.
1
Anonymous user
3 Jan 2009 at 16:55
Re,

... Just following along, like Chiquitine as well, but a serious mistake right from the start with X-V (scroll back up through the posts) (this is only my personal opinion)


I proceed like this every time, and this time it is going a bit wrong........

But when you look closely at the MBAM reports, there is reason to question my method, admittedly, but Vundo is, for quite a few things in the present case, a real s***-stirrer.

But then, that is also how you make progress, by making a mistake once.
1
At the very beginning, I tried Findykill, but the computer doesn't really cope with it ... It crashes and shows a blue screen full of text, and it says that the computer is infected by "Srosa.sys". And it is hard to restart. Should I run it anyway?

MBAM report:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1602
Windows 5.1.2600 Service Pack 2

03/01/2009 15:55:05
mbam-log-2009-01-03 (15-55-05).txt

Type de recherche: Examen rapide
Eléments examinés: 75571
Temps écoulé: 37 minute(s), 49 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 9
Fichier(s) infecté(s): 14

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webmediaplayer (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System Updates (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\System Updates (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\System Updates (Backdoor.Bot) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\WebMediaPlayer (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\updates (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Files: 2458 -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m (Trojan.Agent) -> Delete on reboot.
C:\Documents and Settings\Administrateur\Application Data\m\shared (Trojan.Agent) -> Delete on reboot.
C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\WebMediaPlayer\sqlite3.dll (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\uninst.exe (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\languages_v2.xml (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\resources\webmedias (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Program Files\WebMediaPlayer\skins\classic.skn (Rogue.WebMediaPlayer) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Application Data\m\shared\A.M.L. - Full Edition (Trojan.Agent) -> Delete on reboot.
C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM87bdaf89.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM87bdaf89.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\uschi.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Program Files\eoRezo (Rogue.Eorezo) -> Delete on reboot.
C:\Documents and Settings\All Users\Bureau\WebMediaPlayer.lnk (Adware.EGDAccess) -> Quarantined and deleted successfully.
0
Anonymous user
3 Jan 2009 at 16:00
Re,

Run FindyKill now.

But remove Elibagla.

After that, there is work to do.
0

Findykill report:

----------------- FindyKill V4.710 ------------------

* User : Administrateur - PAPA
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 21/12/08 par Chiquitine29
* Recherche effectuée à 16:06:22 le 03/01/2009
* Windows XP - Internet Explorer 7.0.5730.13

((((((((((((((((( *** Recherche *** ))))))))))))))))))


--------------- [ Processus actifs ] ----------------


C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PDFCreatorMessages.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\WINDOWS\system32\ctfmon.exe
C:\program files\orange\player orange\Orange Player.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe
C:\PROGRA~1\MICROS~4\rapimgr.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\Orb Networks\Orb\bin\Orb.exe
C:\Program Files\GetRight\getright.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe

--------------- [ Fichiers/Dossiers infectieux ] ----------------


»»»» Presence des fichiers dans C:

Found ! [03/01/2009 15:02] - C:\InfoSat.txt

»»»» Presence des fichiers dans C:\WINDOWS


»»»» Presence des fichiers dans C:\WINDOWS\Prefetch

Found ! - C:\WINDOWS\prefetch\119390.EXE-2B7E8C4B.pf
Found ! - C:\WINDOWS\prefetch\14873234.EXE-1D4E5B03.pf
Found ! - C:\WINDOWS\prefetch\14916921.EXE-190369FD.pf
Found ! - C:\WINDOWS\prefetch\16578453.EXE-269D47F7.pf
Found ! - C:\WINDOWS\prefetch\16602234.EXE-33F0AABD.pf
Found ! - C:\WINDOWS\prefetch\16606546.EXE-34F2F67B.pf
Found ! - C:\WINDOWS\prefetch\16614828.EXE-1A99FD19.pf
Found ! - C:\WINDOWS\prefetch\16642531.EXE-1DEB79F0.pf
Found ! - C:\WINDOWS\prefetch\1750281.EXE-2AA93CCC.pf
Found ! - C:\WINDOWS\prefetch\1766468.EXE-08E641AA.pf
Found ! - C:\WINDOWS\prefetch\1771156.EXE-1DB1CD39.pf
Found ! - C:\WINDOWS\prefetch\1787562.EXE-00C2ADE9.pf
Found ! - C:\WINDOWS\prefetch\1815265.EXE-2958E0D2.pf
Found ! - C:\WINDOWS\prefetch\1995765.EXE-24C5FEE6.pf
Found ! - C:\WINDOWS\prefetch\202328.EXE-2D2725B4.pf
Found ! - C:\WINDOWS\prefetch\2050843.EXE-0B1DA8A2.pf
Found ! - C:\WINDOWS\prefetch\2088578.EXE-06EE7783.pf
Found ! - C:\WINDOWS\prefetch\234109.EXE-0425DDC6.pf
Found ! - C:\WINDOWS\prefetch\268671.EXE-2A5CB42F.pf
Found ! - C:\WINDOWS\prefetch\280703.EXE-3562FE9A.pf
Found ! - C:\WINDOWS\prefetch\2900046.EXE-108540B1.pf
Found ! - C:\WINDOWS\prefetch\2933109.EXE-303C141A.pf
Found ! - C:\WINDOWS\prefetch\2945109.EXE-2CD3BDF8.pf
Found ! - C:\WINDOWS\prefetch\2991640.EXE-32EFCE8A.pf
Found ! - C:\WINDOWS\prefetch\299781.EXE-01A73449.pf
Found ! - C:\WINDOWS\prefetch\303937.EXE-0604CEB4.pf
Found ! - C:\WINDOWS\prefetch\313703.EXE-300D5C24.pf
Found ! - C:\WINDOWS\prefetch\343703.EXE-31709EEF.pf
Found ! - C:\WINDOWS\prefetch\4151687.EXE-07E57BFD.pf
Found ! - C:\WINDOWS\prefetch\4154781.EXE-0E03FC67.pf
Found ! - C:\WINDOWS\prefetch\4158656.EXE-2C492CDB.pf
Found ! - C:\WINDOWS\prefetch\4165109.EXE-29789443.pf
Found ! - C:\WINDOWS\prefetch\4202484.EXE-15FCEDFB.pf
Found ! - C:\WINDOWS\prefetch\FLEC003.EXE-2CA2A784.pf
Found ! - C:\WINDOWS\prefetch\FLEC006.EXE-0695BA6E.pf
Found ! - C:\WINDOWS\prefetch\HLDRRR.EXE-106798BB.pf
Found ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
Found ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf
Found ! - C:\WINDOWS\prefetch\WINUPGRO.EXE-101AF362.pf

»»»» Presence des fichiers dans C:\WINDOWS\system32


»»»» Presence des fichiers dans C:\WINDOWS\system32\config\systemprofile\AppData\Roaming


»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers


»»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Application Data

Found ! [03/01/2009 14:18] - "C:\Documents and Settings\Administrateur\Application Data\m\shared"
Found ! [03/01/2009 14:18] - "C:\Documents and Settings\Administrateur\Application Data\m"

»»»» Presence des fichiers dans C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp


»»»» Presence des fichiers dans C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5

Found ! [02/11/2008 12:41] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\09FBBB78-B640-4E6A-BAC8-EC6C7ACFD286.jpg
Found ! [30/07/2008 13:00] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\28FDE204-FB64-4965-9903-4445C6EEAF2D.jpg
Found ! [02/11/2008 12:55] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\31E37712-DBCC-4ED4-ACB6-81DB64CFFE0D.jpg
Found ! [02/11/2008 12:53] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\40ACC61B-8C4C-427D-AB64-81B781164AD7.jpg
Found ! [02/11/2008 12:40] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\52F77901-9462-4797-BB5E-0B648F8E9593.jpg
Found ! [02/11/2008 12:39] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\63B64114-7395-4337-9F62-42B17A1280FE.jpg
Found ! [02/11/2008 12:55] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\753732E7-AE5F-4185-B640-9426231184AA.jpg
Found ! [02/11/2008 12:41] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\8680CA5F-AEF4-4096-B64C-1FA9FA38B20B.jpg
Found ! [02/11/2008 12:40] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\9E36B911-A493-4EB8-B64D-7C36F3B26E23.jpg
Found ! [02/11/2008 12:40] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\A06AE301-CE2C-423E-954B-24996A9B647E.jpg
Found ! [30/07/2008 13:03] - C:\Documents and Settings\Administrateur\iWizz\Thumbnails\D8C8A97F-8A9A-453C-B64D-51355EB2B58F.jpg
Found ! [02/01/2009 22:51] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0HLRHUMI\b64[1].jpg
Found ! [20/12/2008 21:46] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0HLRHUMI\b64[2].jpg
Found ! [23/12/2008 23:01] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0HLRHUMI\b64[3].jpg
Found ! [21/12/2008 19:04] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0HLRHUMI\b64_2[1].jpg
Found ! [31/12/2008 18:18] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0HLRHUMI\b64_3[1].jpg
Found ! [15/12/2008 21:59] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\b64[1].jpg
Found ! [20/12/2008 21:46] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\b64[2].jpg
Found ! [22/12/2008 23:12] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\b64[3].jpg
Found ! [23/11/2008 12:15] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\b64_1[2].jpg
Found ! [21/12/2008 13:57] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\b64_3[1].jpg
Found ! [31/12/2008 13:43] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\b64_5[1].jpg
Found ! [01/01/2009 19:04] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\0LLAL3X8\mxd[1].jpg
Found ! [02/01/2009 20:50] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_2[1].jpg
Found ! [03/01/2009 13:22] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_2[2].jpg
Found ! [08/12/2008 14:22] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_2[4].jpg
Found ! [23/11/2008 12:16] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_3[2].jpg
Found ! [17/12/2008 20:53] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_3[3].jpg
Found ! [20/12/2008 21:46] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_3[4].jpg
Found ! [24/12/2008 23:32] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1A6E8F9K\b64_5[1].jpg
Found ! [24/12/2008 23:33] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3DEFUQ18\b64[1].jpg
Found ! [16/12/2008 22:29] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3DEFUQ18\b64[4].jpg
Found ! [21/12/2008 19:04] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3DEFUQ18\b64[5].jpg
Found ! [01/01/2009 19:08] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3DEFUQ18\b64_3[1].jpg
Found ! [02/01/2009 20:48] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3DEFUQ18\mxd[1].jpg
Found ! [20/12/2008 21:47] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3QQLMR5V\b64[3].jpg
Found ! [20/12/2008 21:46] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3QQLMR5V\b64_3[1].jpg
Found ! [20/12/2008 21:47] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\3QQLMR5V\mxd[1].jpg
Found ! [24/12/2008 23:33] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\5R0FOJUO\b64_2[1].jpg
Found ! [02/01/2009 20:48] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\5R0FOJUO\b64_3[1].jpg
Found ! [03/01/2009 13:28] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\5R0FOJUO\b64_5[1].jpg
Found ! [31/12/2008 18:18] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\6BQIJLP4\b64[1].jpg
Found ! [18/12/2008 21:42] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\6BQIJLP4\b64[2].jpg
Found ! [03/01/2009 13:28] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\6BQIJLP4\b64_3[1].jpg
Found ! [24/12/2008 23:33] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\6KU5D72X\b64[1].jpg
Found ! [23/12/2008 22:59] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\6KU5D72X\b64_1[1].jpg
Found ! [29/12/2008 00:41] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\6KU5D72X\d7f746ecc0a4f502221a38b6425ed0a5[1].jpg
Found ! [02/01/2009 20:50] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\7TTV7N3Q\mxd[1].jpg
Found ! [23/11/2008 12:16] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\9ZO0D1VV\b64[1].jpg
Found ! [18/12/2008 21:41] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A1IA7BR3\b64_3[1].jpg
Found ! [05/12/2008 22:03] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\A1IA7BR3\mxd[1].jpg
Found ! [21/12/2008 13:56] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\CP3YMRLY\b64_3[1].jpg
Found ! [24/12/2008 19:29] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\CP3YMRLY\b64_5[1].jpg
Found ! [01/01/2009 19:07] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\CP3YMRLY\b64_5[2].jpg
Found ! [19/12/2008 20:58] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\CP3YMRLY\mxd[1].jpg
Found ! [02/01/2009 12:49] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\CP3YMRLY\mxd[2].jpg
Found ! [02/01/2009 20:49] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64[1].jpg
Found ! [19/12/2008 20:56] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64_1[1].jpg
Found ! [21/12/2008 23:07] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64_1[2].jpg
Found ! [31/12/2008 13:37] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64_2[1].jpg
Found ! [23/12/2008 23:00] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64_3[1].jpg
Found ! [31/12/2008 13:45] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64_5[1].jpg
Found ! [03/01/2009 13:21] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\DVWORC1R\b64_5[2].jpg
Found ! [02/01/2009 12:49] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\EMT26VA5\b64[1].jpg
Found ! [18/12/2008 07:52] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\EMT26VA5\b64_2[1].jpg
Found ! [31/12/2008 18:17] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\EMT26VA5\b64_5[1].jpg
Found ! [02/01/2009 20:47] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\EMT26VA5\mxd[1].jpg
Found ! [02/01/2009 22:49] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FF2II0J9\b64_5[1].jpg
Found ! [21/12/2008 13:57] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\FF2II0J9\mxd[1].jpg
Found ! [19/12/2008 20:58] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KXKAB8TT\b64[1].jpg
Found ! [03/01/2009 13:23] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KXKAB8TT\b64[2].jpg
Found ! [03/01/2009 13:06] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KXKAB8TT\b64_3[1].jpg
Found ! [02/01/2009 20:48] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ONQ84MQA\b64[1].jpg
Found ! [03/01/2009 13:21] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ONQ84MQA\b64[2].jpg
Found ! [03/01/2009 13:06] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ONQ84MQA\b64_3[1].jpg
Found ! [21/12/2008 19:05] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64[1].jpg
Found ! [24/12/2008 19:30] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64[2].jpg
Found ! [01/01/2009 19:08] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64[3].jpg
Found ! [23/11/2008 12:17] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64_1[1].jpg
Found ! [01/01/2009 19:09] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64_2[1].jpg
Found ! [24/12/2008 23:32] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64_3[1].jpg
Found ! [02/01/2009 20:49] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64_3[2].jpg
Found ! [02/01/2009 20:47] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\b64_5[1].jpg
Found ! [02/01/2009 20:49] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\OPHSU5AJ\mxd[1].jpg
Found ! [21/12/2008 13:56] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TFE662RA\b64_1[2].jpg
Found ! [22/12/2008 23:10] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TFE662RA\b64_1[3].jpg
Found ! [02/01/2009 12:48] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\TFE662RA\mxd[1].jpg
Found ! [15/12/2008 17:57] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ZKQFPGMC\b64_2[1].jpg
Found ! [31/12/2008 18:14] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ZKQFPGMC\b64_2[2].jpg
Found ! [31/12/2008 13:44] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ZKQFPGMC\b64_3[1].jpg
Found ! [14/12/2008 14:34] - C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\ZKQFPGMC\mxd[3].jpg
Found ! [03/11/2008 23:28] - C:\Documents and Settings\Administrateur\Mes documents\Mes images\Nouveau dossier (2)\doma_(www_sverch_ru)_004_b64f.jpg
Found ! [03/11/2008 23:28] - C:\Documents and Settings\Administrateur\Mes documents\Mes images\Nouveau dossier (2)\doma_(www_sverch_ru)_006_b64f.jpg
Found ! [03/11/2008 23:28] - C:\Documents and Settings\Administrateur\Mes documents\Mes images\Nouveau dossier (2)\doma_(www_sverch_ru)_007_b64f.jpg
Found ! [03/11/2008 23:28] - C:\Documents and Settings\Administrateur\Mes documents\Mes images\Nouveau dossier (2)\doma_(www_sverch_ru)_008_b64f.jpg

--------------- [ Registre / Startup ] ----------------

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
mRouterConfig="C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
OrangePlayer=c:\program files\orange\player orange\Orange Player.exe /systray
MsnMsgr="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
TomTomHOME.exe="C:\Program Files\TomTom HOME 2\HOMERunner.exe"
PK Guard=
Orb="C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" /background
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\AdobeUpdater=
<NO NAME>=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
IntelliPoint="C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
SoundMAXPnP=C:\Program Files\Analog Devices\Core\smax4pnp.exe
SoundMAX="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
NvCplDaemon=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents=
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL=
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI=
NoChange=1
Installed=1
<NO NAME>=
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS=
Installed=1
<NO NAME>=

[HKEY_CURRENT_USER\software\local appwizard-generated applications\A1_iPod_Video_Converter_1.2.1]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\AVS_Video_Converter_5.6.1.715_[Key+Serial]]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\hldrrr]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\JMRaidTool]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\mdelk]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\nideiect]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NkvBrowser]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NkvMon]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\NkvViewer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\Viewer]
[HKEY_CURRENT_USER\software\local appwizard-generated applications\WMPNSCFG]

--------------- [ Registre / Clés infectieuses ] ----------------


Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\Local AppWizard-Generated Applications\AVS_Video_Converter_5.6.1.715_[Key+Serial]
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\Local AppWizard-Generated Applications\hldrrr
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\Local AppWizard-Generated Applications\mdelk
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\Local AppWizard-Generated Applications\nideiect
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\EWZ
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\FFC
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\MuleAppData
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\UBISOFT
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\XEW
Found ! - HKEY_USERS\S-1-5-21-823518204-789336058-839522115-500\Software\XYZ
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\AVS_Video_Converter_5.6.1.715_[Key+Serial]
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\hldrrr
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\mdelk
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\nideiect
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_CURRENT_USER\Software\EWZ
Found ! - HKEY_CURRENT_USER\Software\XYZ
Found ! - HKEY_CURRENT_USER\Software\XEW
Found ! - HKEY_CURRENT_USER\Software\FirtR

--------------- [ Etat / Services ] ----------------



+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]

/!\ Ndisuio - Type de démarrage = 4

/!\ Ip6Fw - Type de démarrage = 4

SharedAccess - Type de démarrage = 2

wuauserv - Type de démarrage = 2

/!\ wscsvc - Type de démarrage = 4



--------------- [ Recherche dans supports amovibles] ----------------


+- Informations :

C: - Lecteur fixe


+- Contenu de l'autorun : C:\autorun.inf

[autorun]
open=setup.exe


+- presence des fichiers :

Found ! [01/10/2008 22:26][--a------] - C:\autorun.inf


--------------- [ Registre / Mountpoint2 ] ----------------

Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00225aaa-8d41-11dd-9033-00030d000001}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00225aaa-8d41-11dd-9033-00030d000001}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{00225aaa-8d41-11dd-9033-00030d000001}\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0409fcb1-96a6-11db-937b-00073a47f0ed}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0409fcb1-96a6-11db-937b-00073a47f0ed}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0409fcb1-96a6-11db-937b-00073a47f0ed}\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a95c7cf-c7bf-11dd-90b6-00d05c000000}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a95c7cf-c7bf-11dd-90b6-00d05c000000}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1a95c7cf-c7bf-11dd-90b6-00d05c000000}\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e9b35a5-5cef-11dd-8fc0-00030d000001}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e9b35a5-5cef-11dd-8fc0-00030d000001}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e9b35a5-5cef-11dd-8fc0-00030d000001}\Shell\open\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6509e5bb-c44d-11dd-90ae-00d05c000000}\Shell\AutoRun\command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6509e5bb-c44d-11dd-90ae-00d05c000000}\Shell\explore\Command
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6509e5bb-c44d-11dd-90ae-00d05c000000}\Shell\open\Command


------------------- ! Fin du rapport ! --------------------

I forgot to mention that I ran another MBAM report before the one I just posted, but I hadn't finished it!
0
Anonymous user
3 Jan 2009 at 16:12
Re,

Stop it if it is still running.

Do this.

FindyKill by chiquitine29, option 2:

▶ Plug your removable drives into your PC (USB sticks, external hard drive, etc.) without opening them

▶ Double-click the FindyKill shortcut on your desktop

▶ In the main menu, choose option 2 (Suppression)

/!\ There will be 2 restarts; let the tool work until the message "nettoyage effectué" (cleaning done) appears /!\

▶ Then post the FindyKill.txt report

Note: the FindyKill.txt report is saved at the root of the disk.

If a report won't go through, send an alert to the moderation desk (conciergerie) using the yellow /!\.
0
OK.

Very first MBAM report, abandoned:

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1602
Windows 5.1.2600 Service Pack 2

03/01/2009 14:09:44
mbam-log-2009-01-03 (14-09-44).txt

Type de recherche: Examen rapide
Eléments examinés: 38552
Temps écoulé: 10 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d31b5c62-0e69-4c88-8d42-e6aea5abb37e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d31b5c62-0e69-4c88-8d42-e6aea5abb37e} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ad7fafb0-16d6-40c3-af27-585d6e6453fd} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7aa32fc7-133b-4ae7-998e-ced0d9829b12} (Trojan.Dialer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ba4271e-5c1e-48e2-b432-d8bf420dd31d} (Rogue.DeusCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{060bb0ab-4b09-4c51-9ecb-9580a6d08d7f} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d5792aa9-d373-4039-8670-2cdab6a71f15} (Trojan.Lop) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{060bb0ab-4b09-4c51-9ecb-9580a6d08d7f} (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kacik (Adware.Navipromo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{060bb0ab-4b09-4c51-9ecb-9580a6d08d7f} (Trojan.Vundo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\tcpmib32.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\kacik_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\kacik_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\kacik.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur\Local Settings\Application Data\kacik.exe (Adware.Navipromo.H) -> Delete on reboot.
0
Anonymous user
3 Jan 2009 at 16:21
Hello,

Following the thread, thanks
0
I'm writing from another computer. The infected one is taking a very long time to shut down!!!
What should I do?
0
Anonymous user
3 Jan 2009 at 16:35
Re,

Did you run option 2 or not?

Or is it in progress...
0
I ran option 2, it shut down, I stepped away while it restarted, and now that I'm back it is still on "Fermeture de Windows" (Windows is shutting down) ...
0
Anonymous user
3 Jan 2009 at 16:41
Re,

Be patient a little longer all the same and see how it looks in ten minutes.

Otherwise, we'll move on to something else.
0
OK, thanks!

What is actually wrong with the computer?
0
chimay8 Posts 7720 Registration date Thursday 1 May 2008 Status Security contributor Last activity 3 January 2014 60
3 Jan 2009 at 16:44
An overdose of cracks!!!
0
Anonymous user
3 Jan 2009 at 16:45
Re,

You must have downloaded a crack and it was infected with a BEAGLE, so it eats your antivirus, plus other crap that blocks your Safe Mode.....
0
Are there many different viruses, or is it only Bagle??

I had a small question: is it possible that this infected computer passed its virus(es) on to another computer on the network that had far fewer problems (2 infected registry keys)? And is the reverse possible?

Still "Fermeture de Windows" ...
0
evasion60/PCA Posts 819 Registration date Wednesday 2 November 2005 Status Security contributor Last activity 29 January 2010 92
3 Jan 2009 at 16:52
Hello everyone

... Just following too, like Chiquitine, but there was a serious mistake right from the start with X-V (scroll back up through the posts) (that is only my personal opinion)

Elibagla had already cleaned up well; running Chiquitine's tool straight after it upsets the machine, and for good reason!!!

Regards,
Evasion60
0
Anonymous user
3 Jan 2009 at 16:52
Re,

You have several infections on your PC.

First of all, I'd like you to register on CCM.

Being a member gives you access to several features, such as better tracking of your posts, use of CCM private messaging, the ability to give your opinion on a given piece of software or hardware... and many others.
How to register on Comment Ca Marche

Once you are registered, I'll send you a PM with a link, and you will do and follow the advice I give you.
0
Anonymous user
3 Jan 2009 at 16:54
Re

running Chiquitine's tool straight after it upsets the machine, and for good reason!!!

Explanation? .... PM if you like, or here
0
evasion60/PCA Posts 819 Registration date Wednesday 2 November 2005 Status Security contributor Last activity 29 January 2010 92
3 Jan 2009 at 17:06
Yes, I'll contact you by PM

Regards,
Evasion60
0
Anonymous user > evasion60/PCA Posts 819 Registration date Wednesday 2 November 2005 Status Security contributor Last activity 29 January 2010
3 Jan 2009 at 17:17
OK, perfect,

Looking forward to hearing from you ..
0
lilibiscuit Posts 50 Registration date Sunday 9 March 2008 Status Member Last activity 9 June 2013
3 Jan 2009 at 16:57
Actually, I already had an account, but I hadn't logged in. So that's sorted.
0
Anonymous user
3 Jan 2009 at 16:59
Re,

The PM has been sent.

Post the report on the forum.
0