Virus bagle aidez moi svp

ThaNa80400 Messages postés 2 Date d'inscription   Statut Membre Dernière intervention   -  
jlpjlp Messages postés 51580 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

je suis infestée par bagle, jai téléchargé elibagla je ne sais pas quoi faire ensuite.
Si vous pouvez m'aider svp !!
merci


(22-3-2009 22:27:31)
EliBagle v12.37 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 18 de Marzo del 2009)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\MDELK.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\WINUPGRO.EXE --> Bagle Renombrado a .VIR
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\SROSA.SYS --> Bagle(rootkit) Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\SROSA2.SYS --> Eliminado Bagle(rootkit)
C:\USERS\TOTO\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\M\LIST.OCT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\DOWN\234909296.EXE --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\DOWN\308001765.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\100546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102459515.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102497078.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102579671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102596453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102631500.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102718250.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102767625.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102892640.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\102905781.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103054656.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103091250.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103106328.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103116218.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103143484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103161437.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103162937.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103216953.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103236156.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103264062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103270921.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103290046.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103372500.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103426000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103510156.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103562546.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103597390.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103699890.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103810796.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103832000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\103959812.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104189765.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104190796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104272140.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104359781.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104491718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104532796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\104614296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\1054140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\105865515.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\105898796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\105907203.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\1063343.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\106888781.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\107075656.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\107212078.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\107343046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\112015.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117018484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117060906.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117154765.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117194828.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117238781.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117329656.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117449062.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117509687.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117553531.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117622343.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117653125.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117700281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117720843.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117722781.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117741000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117745390.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117750875.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117805343.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117812421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117856328.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117872281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117886625.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117897203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\117997156.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118040781.EXE --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\WINUPGRO.EXE.Muestra EliBagle v12.37
a "virus@satinfo.es". Gracias.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\WINUPGRO.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118269078.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\SROSA.SYS --> Bagle(rootkit) Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118279625.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118317906.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118410984.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118410984.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118412671.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118412671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118532875.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118532875.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118577015.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118578828.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118696718.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118786703.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118980406.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\118980406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119029875.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119029875.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119060968.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119060968.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119184953.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119184953.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\119301656.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120469312.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120469312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120502484.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120502484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120510671.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120510671.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120583812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\120583812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\121351578.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\121382531.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\121402828.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\121808468.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\121937343.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\122066703.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\122066703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\131681234.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\131681234.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\131777046.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\131826484.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\131826484.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\131925093.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132148328.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132152015.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132152015.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132164796.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132164796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132186734.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132186734.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132236453.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132236453.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132251500.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132251500.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132266234.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132266234.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132345593.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132345593.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132360671.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132360671.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132409296.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132449312.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132463000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132509531.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132555125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132586359.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132686140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132734562.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132979015.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133022984.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133051453.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133105390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133136765.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133222484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133284375.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133316218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133377187.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133770875.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133792484.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\133878812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\134007453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\134087359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\135064250.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\135076453.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\135186125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\136002125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\136022656.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\136088203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\136531281.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\136690250.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\136811359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\139437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146245031.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146370187.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146378421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146442765.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146536312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146777546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146854265.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146905500.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146923859.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\146982046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147010578.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147056656.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147144468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147184093.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147194000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147216906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147268296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147291437.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147382796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147426578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147671578.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147788468.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147793703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147794531.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14789750.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\147910218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\148069437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14829187.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14835812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\148456578.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14846406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14848046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14849109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\148527312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\148579531.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14859546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14859703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14865812.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14872546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14876250.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\148770531.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14883765.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\148863109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14892109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14897046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14899390.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14901234.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14912656.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14918046.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14928906.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14930375.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14933468.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14943984.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14951203.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14951390.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14953671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14961140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\149626609.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\149659875.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14988296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14992593.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\14994703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15001187.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15015593.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15017734.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15023515.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15027125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15034671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15047515.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15048093.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\150539718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15055906.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15057093.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\150577140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15059109.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\150594953.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\150670312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15067937.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15071312.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15076015.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15089031.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15092078.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15092250.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15094078.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15096359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15097218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15105046.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15105156.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15105500.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15112000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15117031.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15123046.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15126578.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15129093.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15140078.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15144921.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15156031.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15159968.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15163796.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15167406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15169437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15176593.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15177187.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15197437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15213609.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15215421.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\152156.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15227062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15237281.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15237359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15245015.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15246328.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15250593.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15255781.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15256265.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15258093.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15264812.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15271203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15272968.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15275640.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15276062.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15295171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15298593.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15305937.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15312609.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15348734.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15357328.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15358500.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15379468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15393687.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15395578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15401859.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15403671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15411953.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15422187.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15436406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15445812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15449656.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15479125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15490140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15510828.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15517046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15520015.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15536265.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15548250.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15581078.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15582484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15583937.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15656390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15714984.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\15869265.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\160421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\160625.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\160821906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\160887968.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161070546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161114296.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161202484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161324828.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161438421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161478109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161521515.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161664218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161683093.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161685859.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161725656.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161729843.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161795468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161842843.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161876234.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161898625.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\161988343.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162033296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162357046.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162482234.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162483109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162519718.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162615218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162716406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162765234.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\162982593.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\163245328.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\163264281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\163327843.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\163434171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\163456218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\163581062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\164258406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\164267843.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\164335656.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\165125109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\165167953.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\175426609.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\175697875.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\175798859.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\175908109.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176028140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176063562.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176082421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176295500.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176323734.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176383750.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176398359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176417640.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176438406.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176463390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176487468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176518531.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176576468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176613156.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\176666296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\177105062.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\177449343.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\177470031.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\177717218.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178002562.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178063234.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178072515.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178244906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178393203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178667906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178794343.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178828468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178848734.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\178980421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\179697671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\179735312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\179850218.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\179931109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\181890.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\185826093.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\185858312.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\186058171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\186107843.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190016062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190061890.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190145421.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190418281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190455968.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190581671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190758281.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190826828.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\190987187.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191015218.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191044453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191071484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191078718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191097625.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191123218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191125000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191157187.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191207781.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191232718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191278171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191323562.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191875.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191894859.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\191927921.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192146609.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192274093.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192468265.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192549031.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192671218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192860062.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\192988906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\193004062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\193106921.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\193420203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\193537140.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\193827875.EXE --> Eliminado Bagle
Por favor, envienos una muestra del fichero
C:\Muestras\132449312.EXE.Muestra EliBagle v12.37
a "virus@satinfo.es". Gracias.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\132449312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\194384109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\194425187.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\194447734.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\194593921.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\196109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\196125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\196843.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\198250.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\200614453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\200635343.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\200714000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\200850359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\203515.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204609062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204663875.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204745562.EXE --> Eliminado Bagle

(22-3-2009 22:36:4)
EliBagle v12.37 (c)2009 S.G.H. / Satinfo S.L. (Actualizado el 18 de Marzo del 2009)
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\MDELK.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\SROSA.SYS --> Bagle(rootkit) Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\SROSA.SYS --> Bagle(rootkit) Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\M\FLEC006.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204872203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204872203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204914531.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\204914531.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205017937.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205017937.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205054984.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205093.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205093.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205218.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205279328.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205466312.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205624171.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205650093.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205672734.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205672734.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205680171.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205680171.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205693421.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205707562.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205707562.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205728687.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205751453.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205751453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205766812.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205766812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205779578.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205779578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205802046.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205820812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205848984.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205848984.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205863953.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205863953.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205901281.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205901281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205951203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\205951203.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\206685906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\206685906.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\206835921.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\206835921.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207066953.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207066953.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207106218.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207106218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207149265.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207149265.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207272281.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207272281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207477281.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207477281.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207557796.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207557796.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\207991343.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208108750.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208108750.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208171609.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208171609.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208277546.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208277546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208309109.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208309109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208332265.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\208332265.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209063406.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209063406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209103968.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209103968.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209136109.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209136109.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209283171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209283171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\209437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\215000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\215000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\215359125.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\215388375.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\215514812.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\215564593.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\217046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\217046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219201078.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219353531.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219353531.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219471156.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219471156.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219520375.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\219605906.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220091671.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220091671.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220209109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220280843.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220280843.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220326218.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220359125.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220359125.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220369609.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220369609.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220388062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220388062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220435515.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220435515.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220508218.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220508218.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220516484.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220516484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220561828.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\220561828.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221542750.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221542750.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221623046.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221623046.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221741187.EXE --> Eliminado Bagle.dldr
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221850109.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\221869953.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222251468.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222251468.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222583984.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222583984.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222658953.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222771093.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222771093.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222775062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222775062.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222853437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222853437.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222895921.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222896937.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222896937.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222904203.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222926625.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\222926625.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223002312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223002312.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223020390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223020390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223171.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223744703.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223744703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223776546.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223776546.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223782734.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223782734.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223913765.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\223913765.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\227078.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\227078.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230075796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230075796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230180562.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230180562.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230453.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230750.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\230750.EXE --> Bagle Renombrado a .VIR
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\233871593.EXE --> Eliminado Bagle
gado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\233912796.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\233912796.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\233995296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\233995296.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234063781.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234063781.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234107953.EXE --> Eliminado Bagle
ldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234291156.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234294703.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234294703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234550453.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234727484.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234727484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234862984.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234862984.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234969406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234969406.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234974734.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234974734.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234976578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\234976578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\235012078.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\235127625.EXE --> Eliminado Bagle.dldr

C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\235262718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\235262718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\236265328.EXE --> Bagle.dldr Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\236265328.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\236379921.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237110500.EXE --> Eliminado Bagle
ldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237395765.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237395765.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237453.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237455718.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237455718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237470484.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237470484.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237496046.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237496046.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237503718.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237503718.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237572390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237572390.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237644578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237644578.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237760812.EXE --> Bagle Acceso Denegado.
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\237760812.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\238406.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\244031.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\245045687.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\238406.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\245064921.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\245365156.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\245064921.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\245640.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\245640.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\248508390.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\248714906.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\248756671.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\248927703.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249220390.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249458625.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249593453.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249688187.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249765.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249774000.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249812359.EXE --> Eliminado Bagle
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249835250.EXE --> Eliminado Bagle.dldr
C:\USERS\TOTO\APPDATA\ROAMING\DRIVERS\DOWNLD\249980656.EXE --> Eliminado B
A voir également:

5 réponses

Réponse 1 / 5
jlpjlp Messages postés 51580 Date d'inscription   Statut Contributeur sécurité Dernière intervention   5 040
 
slt
vire elibaga de ton ordi
puis vire tes cracks

puis


Telecharge FindyKill sur ton bureau :

--> http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

--> Lance l installation avec les parametres par default

--> Double clic sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 1 (Recherche)

--> Post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
0
ThaNa80400
 
Voila le rapport:

############################## [ FindyKill V4.720 ]

# User : toto (Administrateurs) # PC-DE-TOTO
# Update on 22/03/09 by Chiquitine29
# Start at: 13:04:12 | 27/03/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
# Microsoft© Windows VistaT dition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Disabled

# C:\ # Disque fixe local # 225,27 Go (43,07 Go free) [SYSTEM] # NTFS
# D:\ # Disque fixe local # 59,15 Go (42,67 Go free) [DATA] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# K:\ # Disque amovible

############################## [ Processus actifs ]

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Syncrosoft\POS\H2O\cledx.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\toto\AppData\Local\makwe.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\Crawler\CToolbar.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\toto\Desktop\ELIBAGLA.%D8F%D8DB%D8I.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\msiexec.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\osk.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## [ Fichiers / Dossiers infectieux C:\ ]

Found ! - "C:\Muestras"
Found ! - C:\InfoSat.txt

################## [ C:\Windows ]


################## [ C:\Windows\system32 ]

Found ! - C:\Windows\system32\mdelk.exe
Found ! - C:\Windows\system32\wintems.exe

################## [ C:\Windows\system32\drivers ]


################## [ C:\.. Application Data ... ]

Found ! - "C:\Users\toto\AppData\Roaming\m\flec006.exe"
Found ! - "C:\Users\toto\AppData\Roaming\m\shared"
Found ! - "C:\Users\toto\AppData\Roaming\m"
Found ! - "C:\Users\toto\AppData\Roaming\drivers"
Found ! - "C:\Users\toto\AppData\Roaming\drivers\srosa.sys"
Found ! - "C:\Users\toto\AppData\Roaming\drivers\downld"

################## [ Registre / Clés infectieuses ]

Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Local AppWizard-Generated Applications\install_crack
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\FirtR
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_crack
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_patch
Found ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\srosa
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sK9Ou0s
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Enum\Root\LEGACY_SK9OU0S
Found ! - HKEY_CURRENT_USER\Software\FirtR
Found ! - HKEY_CURRENT_USER\Software\MuleAppData
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Found ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
Found ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"

# Infection active : HKLM\SYSTEM\...\Services\srosa -> Start = 0x1
# Infection active : HKLM\SYSTEM\...\Services\sK9Ou0s -> Start = 0x1

################## [ Recherche dans supports amovibles]

# Presence des fichiers :


################## [ Registre / Mountpoint2 ]

# -> Not found !

################## [ ! Fin du rapport # FindyKill V4.720 ! ]
0
Réponse 2 / 5
jlpjlp Messages postés 51580 Date d'inscription   Statut Contributeur sécurité Dernière intervention   5 040
 
Branche tes sources de données externes à ton PC, (clé USB, disque dur externe, etc...) suceptible d avoir été infectés sans les ouvrir


--> Double clic sur le raccourci FindyKill sur ton bureau

--> Au menu principal,choisi l option 2 (Suppression)


/!\ il y aura 2 redémarrage, laisse travailler l outils jusqu a l apparition du message "nettoyage effectué"

/!\ Ne te sert pas du pc durant la suppression , ton bureau ne sera pas accessible c est normal !

-------> ensuite post le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé a la racine du disque
Note : Si le Bureau ne réapparait pas presse Ctrl + Alt + Suppr , Onglet "Fichier" , "Nouvelle tâche" , tapes explorer.exe et valides

____________________________


Télécharge ici :

http://images.malwareremoval.com/random/RSIT.exe

random's system information tool (RSIT) par andom/random et sauvegarde-le sur le Bureau.

Double-clique sur RSIT.exe afin de lancer RSIT.

Clique Continue à l'écran Disclaimer.

Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront.

Poste le contenu de log.txt (<<qui sera affiché)
ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).

NB : Les rapports sont sauvegardés dans le dossier C:\rsit
0
Réponse 3 / 5
ThaNa80400
 
Voila j'ai tout ce que tu m'a dit.
Voici les resultats:

- Rapport n°2 Findykill




############################## [ FindyKill V4.720 ]

# User : SYSTEM () # PC-DE-TOTO
# Update on 22/03/09 by Chiquitine29
# Start at: 22:23:31 | 31/03/2009
# Website : http://pagesperso-orange.fr/FindyKill.Ad.Remover/

# AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
# Microsoft© Windows VistaT dition Familiale Premium (6.0.6001 32-bit) # Service Pack 1
# Internet Explorer 7.0.6001.18000
# Windows Firewall Status : Disabled

# C:\ # Disque fixe local # 225,27 Go (43,29 Go free) [SYSTEM] # NTFS
# D:\ # Disque fixe local # 59,15 Go (42,67 Go free) [DATA] # NTFS
# E:\ # Disque CD-ROM
# G:\ # Disque amovible
# H:\ # Disque amovible
# I:\ # Disque amovible
# J:\ # Disque amovible
# K:\ # Disque amovible

############################## [ Active Processes ]

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\wbem\wmiprvse.exe

################## [ Infected Files / Folders C:\ ]

Deleted ! - "C:\Muestras"
Deleted ! - C:\InfoSat.txt

################## [ C:\Windows ]


################## [ C:\Windows\system32 ]

Deleted ! - C:\Windows\system32\mdelk.exe
Deleted ! - C:\Windows\system32\wintems.exe

################## [ C:\Windows\system32\drivers ]


################## [ C:\.. Application Data ... ]

Deleted ! - "C:\Users\toto\AppData\Roaming\m\flec006.exe"
Deleted ! - "C:\Users\toto\AppData\Roaming\m\shared"
Deleted ! - "C:\Users\toto\AppData\Roaming\m"
Deleted ! - "C:\Users\toto\AppData\Roaming\drivers\srosa.sys"
Deleted ! - "C:\Users\toto\AppData\Roaming\drivers\downld"
Deleted ! - "C:\Users\toto\AppData\Roaming\drivers"

################## [ Registry / Infected keys ]

Deleted ! - HKEY_CURRENT_USER\Software\FirtR
Deleted ! - HKEY_CURRENT_USER\Software\MuleAppData
Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_crack
Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\install_patch
Deleted ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winupgro
Deleted ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\MuleAppData
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Deleted ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"drvsyskit"
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Deleted ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"german.exe"
Deleted ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"
Deleted ! - HKEY_USERS\S-1-5-21-1371299326-2524384739-3655337171-1000\Software\Microsoft\Windows\CurrentVersion\Run\\"mule_st_key"

################## [ Cleaning Removable drives ]

# Deleting files :


################## [ Registry / Mountpoint2 ]

# -> Not found !

################## [ Searching Other Infections ]

Deleted ! : C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
# Taille : 798728 # MD5 : 12FFFACDF02B1C930B14AB595FDECD6E


################## [ PEH Corrupted ]

C:\Program Files\Alwil Software\Avast4\ashAvast.exe
C:\Program Files\Alwil Software\Avast4\ashChest.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashPopWz.exe
C:\Program Files\Alwil Software\Avast4\ashQuick.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe
C:\Program Files\Alwil Software\Avast4\ashSkPck.exe
C:\Program Files\Alwil Software\Avast4\ashUpd.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\aswRegSvr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\sched.exe
C:\Program Files\Alwil Software\Avast4\VisthLic.exe
C:\Program Files\Alwil Software\Avast4\VisthUpd.exe
C:\Program Files\Mozilla Firefox\uninstall\helper.exe
C:\Program Files\PeerGuardian2\pg2.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Windows\System32\DriverStore\FileRepository\pfc027.inf_c3af346e\Monitor.exe

################## [ ! End of Report # FindyKill V4.720 ! ]

Et voici info et log de RSIT

info.txt logfile of random's system information tool 1.06 2009-03-31 22:43:43

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.1 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}
adsl TV-->C:\Program Files\adslTV\Uninstal.exe
AE2ls 1.0.3-->C:\Program Files\AE2ls\uninst.exe
Ambisone VST 2.02-->C:\Windows\iun6002.exe "C:\Program Files\VstPlugins\Ambisone VST\irunin.ini"
Apple Mobile Device Support-->MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update-->MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Applian FLV Player-->"C:\Windows\Applian FLV Player\uninstall.exe" "/U:C:\Program Files\FLV Player\Uninstall\uninstall.xml"
Applied Acoustics Lounge Lizard EP VSTi DXi v3.0-->C:\PROGRA~1\AAS\LOUNGE~1.0\UNWISE.EXE C:\PROGRA~1\AAS\LOUNGE~1.0\INSTALL.LOG
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
ASIO4ALL-->C:\Program Files\ASIO4ALL v2\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
Camel Audio Camel Phat VST v3.15-->C:\PROGRA~1\VSTPLU~1\CAMELP~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\CAMELP~1\INSTALL.LOG
CamfrogWEB Advanced ActiveX Plugin (remove only)-->"C:\Program Files\CFWebAdvancedU\Uninstall.exe"
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Ciel Compta Démo 13.0-->MsiExec.exe /I{E2C7E326-3453-4495-8E71-340827E0AD2A}
Ciel Devis Factures Démo 6.0-->MsiExec.exe /I{F638A716-81A9-487A-B9B6-BE86844EDA41}
Collab-->C:\Program Files\Image-Line\Collab\uninstall.exe
Crawler Toolbar-->C:\PROGRA~1\Crawler\CToolbar.exe uninst
CUE Splitter-->MsiExec.exe /I{12B60D3B-90B4-4175-BB90-FCE19ACD9B02}
Détecteur de flux Windows Live Toolbar (Windows Live Toolbar)-->MsiExec.exe /X{EFFCB0F1-CFEC-48D4-B793-EBFCAE852976}
DiscoDSP Discovery v1.5-->C:\PROGRA~1\VSTPLU~1\discoDSP\DISCOV~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\discoDSP\DISCOV~1\INSTALL.LOG
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Edirol SuperQuartet v1.02-->C:\PROGRA~1\Edirol\SUPERQ~1\UNWISE.EXE C:\PROGRA~1\Edirol\SUPERQ~1\INSTALL.LOG
eMule-->"C:\Program Files\eMule\Uninstall.exe"
Exact Audio Copy 0.95b4-->C:\Program Files\Exact Audio Copy\uninst.exe
Favorit-->c:\users\toto\appdata\local\oamimsc.bat
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
FL Studio 7-->C:\Program Files\Image-Line\FL Studio 7\uninstall.exe
FL Studio 8-->C:\Program Files\Image-Line\FL Studio 8\uninstall.exe
FL Studio v7.0-->"C:\Program Files\Image-Line\FL Studio 7\unins000.exe"
Free Mp3 Wma Converter V 1.7.2-->"C:\Program Files\Free Audio Pack\unins000.exe"
Free YouTube to Mp3 Converter version 2.4-->"C:\Program Files\DVDVideoSoft\Free YouTube to Mp3 Converter\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
GForce - Minimonsta-->C:\Windows\unvise32.exe C:\Program Files\GForce\Minimonsta\uninstal.log
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Hydra VSTi/DXi v1.2 Demo-->"C:\Program Files\VstPlugins\Hydra\unins000.exe"
IL Download Manager-->C:\Program Files\Image-Line\Downloader\uninstall.exe
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
IziSpot 4-->MsiExec.exe /X{78DEE332-4FE2-469F-9CF7-F54C47E11F21}
Java(TM) 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Lecteur CANALPLAY 2.4-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E9E37358-E3E1-47BA-9E21-375EF3616BC9}\setup.exe" -l0x40c -removeonly
Les Sims 2-->C:\Program Files\EA GAMES\Les Sims 2\EAUninstall.exe
Les Sims™ 2 Animaux & Cie-->C:\Program Files\EA GAMES\Les Sims 2 Animaux & Cie\EAUninstall.exe
Les Sims™ 2 Kit Glamour-->C:\Program Files\EA GAMES\Les Sims 2 Kit Glamour\EAUninstall.exe
Les Sims™ 2 Tout pour les ados Kit-->C:\Program Files\EA GAMES\Les Sims 2 Tout pour les ados Kit\EAUninstall.exe
LG PC Suite-->C:\Program Files\InstallShield Installation Information\{993960EE-CA4D-443F-8F88-E24260DD5FD2}\setup.exe -runfromtemp -l0x040c -removeonly
LG USB Modem driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3ABE126-2BB2-4246-BFE1-6797679B3579}\setup.exe" -l0x40c LG -removeonly
Lightroom-->MsiExec.exe /I{6297F8EC-D821-4B33-B845-8A8D1A0DF472}
LinPlug daOrgan-->C:\Program Files\VstPlugins\UninstalOrgan.exe
LinPlug DeltaIII VSTi v3.0.5-->C:\PROGRA~1\VSTPLU~1\DeltaIII\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\DeltaIII\INSTALL.LOG
Live-Player-->C:\Program Files\Live-Player\uninst.exe
Ma-Config.com-->MsiExec.exe /X{8AFB8FC4-3EBA-4C67-943F-CF43DB2180F1}
Menus intelligents (Windows Live Toolbar)-->MsiExec.exe /X{0CC70FEF-5068-4CD5-B4DE-86FFD98EC929}
Messenger Plus! Live & Sponsor (CiD)-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft WorldWide Telescope-->MsiExec.exe /I{E7A9DCC5-8D19-4B95-BED8-2DB41F920F11}
MixVibes PRO 5 uninstall-->C:\Program Files\MixVibesPro5\uninstall.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
Native Instruments FM7-->C:\PROGRA~1\NATIVE~1\Fm7\UNWISE.EXE C:\PROGRA~1\NATIVE~1\Fm7\INSTALL.LOG
Native Instruments FM8 v1.0.1.002 VSTi DXi RTAS-->C:\PROGRA~1\NATIVE~1\FM8\UNWISE.EXE C:\PROGRA~1\NATIVE~1\FM8\INSTALL.LOG
Nero 7 Essentials-->MsiExec.exe /I{F0A7FB2C-99E2-4884-9187-4BC60B2C1036}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
ONES Trial (F)-->C:\Windows\InZU31.exe /U:C:\Program Files\ONES Trial (F)\Uninstall.inz /L:f /K:ONES(F)
OpenOffice.org 2.2-->MsiExec.exe /I{BF516A44-48E3-4319-BBF6-B4B66E9F76FA}
Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
Pixia 3.3b-->"C:\Program Files\Seagrand\Pixia\unins000.exe"
PoiZone-->C:\Program Files\Image-Line\PoiZone\uninstall.exe
QuickTime-->MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
Quivi 0.4-->C:\Program Files\Quivi\uninst.exe
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
reFX Nexus Demo-->"C:\Program Files\VstPlugins\unins001.exe"
reFX Vanguard 1.7.2-->"C:\Program Files\VstPlugins\unins000.exe"
ReValver-->"C:\Program Files\Alien Connections\ReValver\unins000.exe"
Rob Papen Albino 3-->C:\Program Files\VstPlugins\UninstalAlbino3.exe
Search Settings 1.2-->MsiExec.exe /X{D0C73318-7B4A-4D16-A0C4-3B83F075EA88}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Sina Web TV-->C:\PROGRA~1\sina\SINAWE~1\302~1.9BE\UNWISE.EXE C:\PROGRA~1\sina\SINAWE~1\302~1.9BE\Install.LOG
SolveigMM AVI Trimmer-->"C:\Program Files\Solveig Multimedia\SolveigMM AVI Trimmer\Uninstall.exe" "C:\Program Files\Solveig Multimedia\SolveigMM AVI Trimmer\install.log" -u
Sonic Charge µTonic VSTi v2.0-->C:\PROGRA~1\VSTPLU~1\SONICC~1\MICROT~1\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\SONICC~1\MICROT~1\INSTALL.LOG
Sonic Syndicate Junglist VSTi v3.02-->C:\PROGRA~1\VSTPLU~1\Junglist\Log\UNWISE.EXE C:\PROGRA~1\VSTPLU~1\Junglist\Log\INSTALL.LOG
Sony ACID Pro 6.0-->MsiExec.exe /X{2956585F-DB2F-45C2-9363-F8CB0BB4F2A7}
Sony Media Manager 2.2-->MsiExec.exe /X{2B5A75F0-FD85-4094-AB00-94902398D192}
SSL X-ORCISM v1.1-->C:\Program Files\VstPlugins\Solid State Logic\Remove X-ORCISM.exe
SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Test_OnlineDiagnostic-->MsiExec.exe /I{538A1AE6-5D8B-4BF1-B1B3-AE14FDE21C09}
Toxic Biohazard-->C:\Program Files\Image-Line\Toxic Biohazard\uninstall.exe
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Uninstall 1.0.0.0-->"C:\Program Files\Common Files\DVDVideoSoft\unins000.exe"
Veetle TV Player 0.9.11-->C:\Program Files\Veetle\VLC\uninstall.exe
Veetle TV Player 0.9.11-->C:\Windows\UninstVeetleTVPlayer.exe
VideoLAN VLC media player 0.8.6c-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtual DJ - Atomix Productions-->C:\PROGRA~1\VIRTUA~1\UNWISE.EXE C:\PROGRA~1\VIRTUA~1\INSTALL.LOG
Waldorf.Attack.v1.2-OxYGeN-->C:\Windows\WALDA\UNWISE.EXE C:\Windows\WALDA\INSTALL.LOG
WebMediaPlayer-->C:\Program Files\WebMediaPlayer\uninst.exe
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Movie Maker Bêta-->MsiExec.exe /X{F874DF52-A31F-44C1-A606-EF40F1549261}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}

======Security center information======

AS: Windows Defender (disabled)

======System event log======

Computer Name: PC-de-toto
Event Code: 7000
Message: Le service aswFsBlk n'a pas pu démarrer en raison de l'erreur :
Le fichier spécifié est introuvable.
Record Number: 120684
Source Name: Service Control Manager
Time Written: 20090331202558.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-toto
Event Code: 7000
Message: Le service Parallel port driver n'a pas pu démarrer en raison de l'erreur :
Le service ne peut pas être démarré parce qu'il est désactivé ou qu'aucun périphérique activé ne lui est associé.
Record Number: 120714
Source Name: Service Control Manager
Time Written: 20090331202558.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-toto
Event Code: 7000
Message: Le service Planificateur LiveUpdate automatique n'a pas pu démarrer en raison de l'erreur :
Le chemin d'accès spécifié est introuvable.
Record Number: 120721
Source Name: Service Control Manager
Time Written: 20090331202558.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-toto
Event Code: 7026
Message: Le pilote de démarrage système ou d'amorçage suivant n'a pas pu se charger :
aswSP
Record Number: 120747
Source Name: Service Control Manager
Time Written: 20090331202558.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-toto
Event Code: 2004
Message: Windows Defender a rencontré une erreur lors de la tentative de chargement des signatures et va essayer de revenir à un jeu de signatures correct.
Signatures essayées : Sauvegarde
Code de l’erreur : 0x80092003
Description de l’erreur : Une erreur s'est produite lors de la lecture ou de l'écriture dans un fichier.
Signatures chargées : Par défaut
Version chargée des signatures : 1.0.0.0
Version chargée du moteur : 1.1.3007.0
Record Number: 120769
Source Name: Microsoft-Windows-Windows Defender
Time Written: 20090331203115.000000-000
Event Type: Erreur
User:

=====Application event log=====

Computer Name: PC-de-toto
Event Code: 6000
Message: L’abonné aux notifications Winlogon <GPClient> n’était pas disponible pour traiter un événement de notification.
Record Number: 60527
Source Name: Microsoft-Windows-Winlogon
Time Written: 20090331202218.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-toto
Event Code: 4609
Message: Le système d'événements de COM+ a détecté un code de renvoi erroné lors de son traitement interne. Le HRESULT est 8007043c à partir de la ligne 45 de d:\vistasp1_gdr\com\complus\src\events\tier1\eventsystemobj.cpp. Contactez les services de support technique Microsoft pour signaler cette erreur.
Record Number: 60529
Source Name: Microsoft-Windows-EventSystem
Time Written: 20090331202228.000000-000
Event Type: Erreur
User:

Computer Name: PC-de-toto
Event Code: 6000
Message: L’abonné aux notifications Winlogon <GPClient> n’était pas disponible pour traiter un événement de notification.
Record Number: 60532
Source Name: Microsoft-Windows-Winlogon
Time Written: 20090331202338.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-toto
Event Code: 6000
Message: L’abonné aux notifications Winlogon <GPClient> n’était pas disponible pour traiter un événement de notification.
Record Number: 60535
Source Name: Microsoft-Windows-Winlogon
Time Written: 20090331202339.000000-000
Event Type: Avertissement
User:

Computer Name: PC-de-toto
Event Code: 6000
Message: L’abonné aux notifications Winlogon <Profiles> n’était pas disponible pour traiter un événement de notification.
Record Number: 60536
Source Name: Microsoft-Windows-Winlogon
Time Written: 20090331202339.000000-000
Event Type: Avertissement
User:

=====Security event log=====

Computer Name: PC-de-toto
Event Code: 4648
Message: Tentative d’ouverture de session en utilisant des informations d’identification explicites.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-TOTO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Compte dont les informations d’identification ont été utilisées :
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Serveur cible :
Nom du serveur cible : localhost
Informations supplémentaires : localhost

Informations sur le processus :
ID du processus : 0x270
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Adresse du réseau : -
Port : -

Cet événement est généré lorsqu’un processus tente d’ouvrir une session pour un compte en spécifiant explicitement les informations d’identification de ce compte. Ceci se produit le plus souvent dans les configurations par lot comme les tâches planifiées, ou avec l’utilisation de la commande RUNAS.
Record Number: 19282
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080825082633.593750-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-toto
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-TOTO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x270
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 19283
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080825082633.593750-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-toto
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : SYSTEM
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e7

Privilèges : SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 19284
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080825082633.593750-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-toto
Event Code: 4624
Message: L’ouverture de session d’un compte s’est correctement déroulée.

Sujet :
ID de sécurité : S-1-5-18
Nom du compte : PC-DE-TOTO$
Domaine du compte : WORKGROUP
ID d’ouverture de session : 0x3e7

Type d’ouverture de session : 5

Nouvelle ouverture de session :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e5
GUID d’ouverture de session : {00000000-0000-0000-0000-000000000000}

Informations sur le processus :
ID du processus : 0x270
Nom du processus : C:\Windows\System32\services.exe

Informations sur le réseau :
Nom de la station de travail :
Adresse du réseau source : -
Port source : -

Informations détaillées sur l’authentification :
Processus d’ouverture de session : Advapi
Package d’authentification : Negotiate
Services en transit : -
Nom du package (NTLM uniquement) : -
Longueur de la clé : 0

Cet événement est généré lors de la création d’une ouverture de session. Il est généré sur l’ordinateur sur lequel l’ouverture de session a été effectuée.

Le champ Objet indique le compte sur le système local qui a demandé l’ouverture de session. Il s’agit le plus souvent d’un service, comme le service Serveur, ou un processus local tel que Winlogon.exe ou Services.exe.

Le champ Type d’ouverture de session indique le type d’ouverture de session qui s’est produit. Les types les plus courants sont 2 (interactif) et 3 (réseau).

Le champ Nouvelle ouverture de session indique le compte pour lequel la nouvelle ouverture de session a été créée, par exemple, le compte qui s’est connecté.

Les champs relatifs au réseau indiquent la provenance d’une demande d’ouverture de session à distance. Le nom de la station de travail n’étant pas toujours disponible, peut être laissé vide dans certains cas.

Les champs relatifs aux informations d’authentification fournissent des détails sur cette demande d’ouverture de session spécifique.
- Le GUID d’ouverture de session est un identificateur unique pouvant servir à associer cet événement à un événement KDC .
- Les services en transit indiquent les services intermédiaires qui ont participé à cette demande d’ouverture de session.
- Nom du package indique quel est le sous-protocole qui a été utilisé parmi les protocoles NTLM.
- La longueur de la clé indique la longueur de la clé de session générée. Elle a la valeur 0 si aucune clé de session n’a été demandée.
Record Number: 19285
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080825082633.796875-000
Event Type: Succès de l'audit
User:

Computer Name: PC-de-toto
Event Code: 4672
Message: Privilèges spéciaux attribués à la nouvelle ouverture de session.

Sujet :
ID de sécurité : S-1-5-19
Nom du compte : SERVICE LOCAL
Domaine du compte : AUTORITE NT
ID d’ouverture de session : 0x3e5

Privilèges : SeAuditPrivilege
SeImpersonatePrivilege
SeAssignPrimaryTokenPrivilege
Record Number: 19286
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080825082633.796875-000
Event Type: Succès de l'audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip

-----------------EOF-----------------


Logfile of random's system information tool 1.06 (written by random/random)
Run by toto at 2009-03-31 22:43:34
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 1
System drive C: has 45 GB (19%) free of 231 GB
Total RAM: 1022 MB (42% free)

HijackThis download failed

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Aide pour le lien d'Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19C8E43B-07B3-49CB-BFFC-6777B593E6F8}]
Download Manager Browser Helper Object - C:\PROGRA~1\COMMON~1\fluxDVD\DOWNLO~1\XEBDLH~1.DLL [2007-05-21 525792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2008-02-12 1112576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64F56FC1-1272-44CD-BA6E-39723696E350}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2009-03-08 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-08-24 2582136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll [2008-08-24 651760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-08 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
SearchSettings Class - C:\Program Files\Search Settings\kb127\SearchSettings.dll [2008-06-12 1111904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler Toolbar - C:\PROGRA~1\Crawler\ctbr.dll [2008-02-12 1112576]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-08-24 2582136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"H2O"=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-10-23 385024]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-29 4317184]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-12-05 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-12-05 7766016]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-12-05 81920]
"Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2009-03-31 319488]
"SearchSettings"=C:\Program Files\Search Settings\SearchSettings.exe [2008-06-12 991584]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2007-11-04 185632]
"Trust bolt"=C:\ProgramData\readme bags bags.1mxzx9r [2009-03-24 188432]
"Frag Ooze Cash Scr"=C:\ProgramData\deaf setup date.z4s7id8 [2009-02-10 90128]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-08 148888]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-03-31 81000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-19 1233920]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe []
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2009-02-06 3885408]
"CanalPlayer"=C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe [2008-06-18 2144128]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]
"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe [2007-10-23 443968]
"AdobeUpdater"=C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"makwe"=c:\users\toto\appdata\local\makwe.exe [2009-03-26 307200]
"Trust bolt"=C:\ProgramData\readme bags bags.9eov2 [2009-03-26 286736]

C:\Users\toto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.2.lnk - C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\xchat\xchat.exe"="C:\Program Files\xchat\xchat.exe:*:Enabled:XChat IRC Client"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df79d8b-8a6c-11dd-bf0d-001a924b206e}]
shell\Auto\command - Start.exe
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4df79d8e-8a6c-11dd-bf0d-001a924b206e}]
shell\AutoRun\command - L:\LaunchU3.exe -a


======File associations======

.reg - open - "regedit.exe" "%1"

======List of files/folders created in the last 1 months======

2009-03-31 22:43:35 ----D---- C:\Program Files\trend micro
2009-03-31 22:43:34 ----D---- C:\rsit
2009-03-31 22:43:07 ----A---- C:\FindyKill2.txt
2009-03-31 22:23:29 ----A---- C:\FindyKill.txt
2009-03-31 22:22:00 ----A---- C:\Windows\ntbtlog.txt
2009-03-27 14:03:01 ----D---- C:\Program Files\FindyKill
2009-03-27 13:54:36 ----D---- C:\Program Files\CCleaner
2009-03-26 20:02:30 ----A---- C:\Windows\system32\EncDec.dll
2009-03-26 20:02:27 ----A---- C:\Windows\system32\psisdecd.dll
2009-03-26 20:01:20 ----A---- C:\Windows\system32\mshtml.dll
2009-03-26 20:01:19 ----A---- C:\Windows\system32\ieframe.dll
2009-03-26 20:01:18 ----A---- C:\Windows\system32\urlmon.dll
2009-03-26 20:01:18 ----A---- C:\Windows\system32\msfeeds.dll
2009-03-26 20:01:17 ----A---- C:\Windows\system32\wininet.dll
2009-03-26 20:01:17 ----A---- C:\Windows\system32\mstime.dll
2009-03-26 20:01:16 ----A---- C:\Windows\system32\jsproxy.dll
2009-03-26 20:01:16 ----A---- C:\Windows\system32\iertutil.dll
2009-03-26 20:01:09 ----A---- C:\Windows\system32\wmp.dll
2009-03-26 20:01:08 ----A---- C:\Windows\system32\wmploc.DLL
2009-03-26 20:01:08 ----A---- C:\Windows\system32\spwmp.dll
2009-03-26 20:01:08 ----A---- C:\Windows\system32\dxmasf.dll
2009-03-26 20:00:49 ----A---- C:\Windows\system32\schannel.dll
2009-03-23 00:03:52 ----A---- C:\Windows\system32\aswBoot.exe
2009-03-21 13:41:02 ----D---- C:\Program Files\Alwil Software
2009-03-09 12:47:32 ----A---- C:\ProgramData\readme bags bags.wsfrr
2009-03-08 14:48:42 ----A---- C:\Windows\system32\javaws.exe
2009-03-08 14:48:42 ----A---- C:\Windows\system32\javaw.exe
2009-03-08 14:48:42 ----A---- C:\Windows\system32\deploytk.dll
2009-03-08 14:48:41 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 months======

2009-03-31 22:43:36 ----D---- C:\Windows\Prefetch
2009-03-31 22:43:35 ----RD---- C:\Program Files
2009-03-31 22:28:26 ----D---- C:\Windows\System32
2009-03-31 22:26:11 ----D---- C:\Windows\system32\WDI
2009-03-31 22:22:00 ----D---- C:\Windows
2009-03-31 22:17:27 ----D---- C:\Program Files\Crawler
2009-03-31 22:07:54 ----D---- C:\Windows\Temp
2009-03-31 22:07:36 ----D---- C:\Windows\system32\Tasks
2009-03-31 21:09:15 ----SHD---- C:\System Volume Information
2009-03-31 20:56:55 ----SHD---- C:\Windows\Installer
2009-03-31 06:34:39 ----D---- C:\Windows\tracing
2009-03-31 01:48:57 ----D---- C:\Users\toto\AppData\Roaming\OpenOffice.org2
2009-03-31 01:46:32 ----HD---- C:\Windows\system32\drivers
2009-03-31 01:46:32 ----D---- C:\Windows\Minidump
2009-03-30 23:35:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-03-30 23:35:29 ----D---- C:\Windows\inf
2009-03-27 17:04:29 ----D---- C:\Windows\winsxs
2009-03-27 14:02:37 ----D---- C:\Windows\system32\catroot2
2009-03-27 13:59:02 ----D---- C:\Windows\Debug
2009-03-27 04:17:33 ----RSD---- C:\Windows\assembly
2009-03-27 04:17:33 ----D---- C:\Windows\Microsoft.NET
2009-03-27 04:10:45 ----D---- C:\Windows\system32\catroot
2009-03-27 04:08:12 ----D---- C:\Windows\ehome
2009-03-27 04:08:12 ----D---- C:\Program Files\Windows Media Player
2009-03-27 04:08:12 ----D---- C:\Program Files\Windows Mail
2009-03-26 20:10:48 ----HD---- C:\ProgramData
2009-03-22 23:44:27 ----D---- C:\Program Files\Syncrosoft
2009-03-22 22:52:10 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-03-22 22:47:52 ----D---- C:\ProgramData\Symantec
2009-03-22 15:25:03 ----SD---- C:\ProgramData\Microsoft
2009-03-21 14:21:32 ----D---- C:\Windows\Tasks
2009-03-21 14:17:29 ----D---- C:\Program Files\Common Files
2009-03-20 22:56:08 ----D---- C:\Users\toto\AppData\Roaming\Google
2009-03-12 21:17:02 ----D---- C:\ProgramData\ma-config.com
2009-03-12 21:17:02 ----D---- C:\Program Files\ma-config.com
2009-03-10 20:47:32 ----D---- C:\Program Files\Mozilla Firefox
2009-03-08 14:46:57 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R3 CLEDX;Team H2O CLEDX service; C:\Windows\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-01-02 1668456]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-12-05 4456384]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2006-11-24 50688]
S1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys []
S2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys []
S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys [2009-01-24 14336]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
S3 QCDonner;Logitech QuickCam Express(PID_0840); C:\Windows\system32\DRIVERS\LVCD.sys [2004-04-26 474304]
S3 usb_rndis;Pirelli USB Remote NDIS Device Driver; C:\Windows\system32\DRIVERS\usb8023.sys [2008-01-19 15872]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgusbbus.sys [2007-07-11 12416]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgusbdiag.sys [2007-07-11 19840]
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgusbmodem.sys [2007-07-11 21632]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S4 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys []
S4 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys []
S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2006-05-11 247808]
S4 nvatabus;nvatabus; C:\Windows\system32\drivers\nvatabus.sys [2006-07-14 105088]
S4 viamraid;viamraid; C:\Windows\system32\drivers\viamraid.sys [2006-03-31 100992]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-09-06 110592]
R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe [2006-11-14 204800]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2009-01-24 216232]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S3 Service CANALPLAY;Service CANALPLAY; C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe [2008-06-18 436096]
S4 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-03-31 18752]
S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-03-31 138680]
S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-03-30 254040]
S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-03-30 352920]

-----------------EOF-----------------
0
Réponse 4 / 5
ThaNa80400
 
S'il vous plait j'ai besoin d'aide apparement Bagle est toujours la je ne sais pas quoi faire !!
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
jlpjlp Messages postés 51580 Date d'inscription   Statut Contributeur sécurité Dernière intervention   5 040
 
ok vire avast qui est foutu comme ceci:
https://www.avast.com/fr-fr/uninstall-utility

______________

et mets antivir meilleur que avast et colle un rapport avec:
https://www.malekal.com/avira-free-security-antivirus-gratuit/
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
message de postmaster incessant !
wasap -
wasap -

9 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses
4 virus en raison d’un porno ????
valou -
Bello040420 -

9 réponses