Infecté par Bagle

Substrat -
Substrat - 2 sept. 2009 à 13:48

Bonjour,
j'ai été apparemment infecté par Bagle. Je voudrais donc savoir si quelqu'un pouvait m'aider à enlever ce ver si possible. Après avoir cherché sur d'autres forums une solution, il faudrait faire une analyse avec Findykill. Chose que j'ai faite. Je vous poste donc le rapport d'avance:

| FindyKill V5.006 |

# User : Unknown (Administrateurs) # PC-BESMA
# Update on 14/08/09 by Chiquitine29
# Start at: 17:33:56 | 29/08/2002
# Website : http://pagesperso-orange.fr/NosTools/index.html

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 74,53 Go (4,29 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\AhnRpta.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\iexplorer.exe
C:\WINDOWS\system32\XP-532DB899.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\V-Gear BEE\VBService.exe
C:\Documents and Settings\Unknown\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

Présent ! C:\autorun.inf

################## | C:\WINDOWS |

################## | C:\WINDOWS\system32 |

Présent ! C:\WINDOWS\system32\mdelk.exe
Présent ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |

Présent ! C:\WINDOWS\system32\drivers\down

################## | C:\Documents and Settings\Unknown\Application Data |

Présent ! C:\Documents and Settings\Unknown\Application Data\drivers
Présent ! C:\Documents and Settings\Unknown\Application Data\drivers\downld

################## | C:\Documents and Settings\Unknown\Temporary Internet Files |

################## | Registre / Clés infectieuses |

Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\sK9Ou0s]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\sK9Ou0s]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\sK9Ou0s]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Présent ! [HKCU\Software\bisoft]
Présent ! [HKU\S-1-5-21-4256108942-4281811353-1972613420-1010\Software\bisoft]

################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio -> Start = 2 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 3 ( Good = 2 | Bad = 4 )
# (!) Ip6Fw -> Start = 4 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# (!) wuauserv -> Start = 4 ( Good = 2 | Bad = 4 )
# (!) wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |

################## | ! Fin du rapport # FindyKill V5.006 ! |

Merci pour votre aide!

Afficher la suite

A voir également:

Infecté par Bagle
Alerte windows ordinateur infecté - Accueil - Arnaque
L'ordinateur de simon a été infecté par un virus répertorié récemment ✓ - Forum Virus
L'ordinateur de mustapha a été infecté par un virus répertorié récemment - Forum Virus
Infection par : ONLYPC Flow.co.in ✓ - Forum Virus
Mustapha - Forum Windows

13 réponses

Réponse 1 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

Salut,

------------------- SUPPRESSION -----------------------

--> Branche tes disques amovibles à ton PC (clefs USB, disque dur externe, etc...) sans les ouvrir.

--> Double-clique sur le raccourci FindyKill sur ton Bureau.
(Sous Vista, il faut cliquer droit sur le raccourci FindyKill et choisir Exécuter en tant qu'administrateur)

--> Au menu principal, choisis l'option 2 (Suppression).

/!\ Il y aura un redémarrage, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\

--> Ensuite, poste le rapport FindyKill.txt

Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.

Réponse 2 / 13

[EniDurb_Rp] Messages postés 1769 Statut Membre 489

tu copies colle les messages de destrio ?!
au moins permets lui de télécharger findyskill ...

Xplode Messages postés 9212 Statut Contributeur sécurité 726

j'ai pas encore fait de canned pour findykill et si il a lancé le mode recherche c'est forcément qu'il a déjà findykill sur son pc.

Réponse 3 / 13

Substrat

Merci de votre rapidité!
Je lance la suppression...

Réponse 4 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

Ok j'attend ton rapport.

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 5 / 13

Substrat

Hmmm... désolé du temps que ça a mis mais depuis tout à l'heure FindyKill tourne et quand il est arrivé à 80% (redémarrage des services veuillez patienter), un écran bleu est sorti, écrit dessus qu'il y a eu un pb grave et que Windows a fait ça pour protéger l'ordi...etc

Qu'est-ce que je fais alors. Je redémarre la suppression?

Merci encore!

FrenchKilleR Messages postés 182 Statut Membre 17

Utilise MalwareBytes , c'est le meilleur Anti-Spyware ( pour moi ) et en plus il est gratuit :

https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

Xplode Messages postés 9212 Statut Contributeur sécurité 726 > FrenchKilleR Messages postés 182 Statut Membre

il a une infection bagle et tu lui proposes malwarebyte's ???

[EniDurb_Rp] Messages postés 1769 Statut Membre 489 > FrenchKilleR Messages postés 182 Statut Membre

malwarebytes ne peut rien là ...

FrenchKilleR Messages postés 182 Statut Membre 17 > Xplode Messages postés 9212 Statut Contributeur sécurité

Pour Xplode :

https://www.commentcamarche.net/faq/9889-comment-supprimer-le-virus-beagle-bagle

Tiré de cet même page :

Ce très bon outil a la particularité de détecter la totalité de l'infection Bagle, cependant il n'est efficace qu'à condition d'utiliser Elibagla juste avant pour neutraliser le fichier infecté repéré en 04 (HijackThis) ou si cette 04 a déjà été supprimée auparavant.

Il faut juste supprimer le fichier infecté , apres MalwareBytes se charge du reste

Xplode Messages postés 9212 Statut Contributeur sécurité 726 > FrenchKilleR Messages postés 182 Statut Membre

Oui mais avant il faut passer findykill car malware ne peut rien pour l'instant.

Chaque chose en son temps , merci de ne pas porter confusion

Réponse 6 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

Poste le rapport qui se trouve sous C:\Findykill.txt normalement il a fait son boulot

Réponse 7 / 13

Substrat

Voila mais j'ai l'impression que c'est le meme que tout à l'heure:

############################## | FindyKill V5.006 |

# User : Unknown (Administrateurs) # PC-BESMA
# Update on 14/08/09 by Chiquitine29
# Start at: 20:18:31 | 29/08/2002
# Website : http://pagesperso-orange.fr/NosTools/index.html

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 74,53 Go (5,67 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM
# F:\ # Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\AhnRpta.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\iexplorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\V-Gear BEE\VBService.exe
C:\Documents and Settings\Unknown\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\WINDOWS\system32\XP-532DB899.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

Présent ! C:\autorun.inf

################## | C:\WINDOWS |

################## | C:\WINDOWS\system32 |

Présent ! C:\WINDOWS\system32\mdelk.exe
Présent ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Unknown\Application Data |

Présent ! C:\Documents and Settings\Unknown\Application Data\drivers
Présent ! C:\Documents and Settings\Unknown\Application Data\drivers\downld

################## | C:\Documents and Settings\Unknown\Temporary Internet Files |

################## | Registre / Clés infectieuses |

Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Présent ! [HKCU\Software\bisoft]
Présent ! [HKU\S-1-5-21-4256108942-4281811353-1972613420-1010\Software\bisoft]

Réponse 8 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

En effet, réessaye la suppression.

Substrat

Rebonjour,
voila, je poste le rapport de la suppression en précisant que findykill n'a pas fini le travail et qu'il est resté bloqué sur 80% (redémarrage des services...veuillez patienter) pendant environ 10h (je l'ai laissé faire son travail toute la nuit. Vers 1h du matin il était à 80%, à 11h30, à 80%). Je l'ai alors arrêté. (J'ai bien fait?)
Bref, voici le rapport :

############################## | FindyKill V5.006 |

# User : Unknown (Administrateurs) # PC-BESMA
# Update on 14/08/09 by Chiquitine29
# Start at: 23:59:40 | 29/08/2002
# Website : http://pagesperso-orange.fr/NosTools/index.html

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 74,53 Go (5,67 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM
# F:\ # Disque amovible

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauc1t.exe
C:\WINDOWS\AhnRpta.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

(!) Non supprimé ! C:\autorun.inf

################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## | C:\WINDOWS\system32 |

(!) Non supprimé ! C:\WINDOWS\system32\mdelk.exe
(!) Non supprimé ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Unknown\Application Data |

(!) Non supprimé ! C:\Documents and Settings\Invit‚\Application Data\drivers\srosa.sys
Supprimé ! C:\Documents and Settings\Unknown\Application Data\drivers\downld
Supprimé ! C:\Documents and Settings\Unknown\Application Data\drivers
(!) Non supprimé ! C:\Documents and Settings\Invit‚\Application Data\drivers

################## | Autres ... |

################## | Temporary Internet Files |

################## | Registre / Clés infectieuses |

Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
Supprimé ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Supprimé ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Supprimé ! [HKCU\Software\bisoft]

################## | Etat / Services / Informations |

Merci encore!

Réponse 9 / 13

Substrat

Ok, merci mais je la relancerai ce soir et je posterai le rapport dès que je l'ai.
Bonne soirée.

Réponse 10 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

Ben il a pas fait entièrement le boulot .. on va déjà s'occuper de ce qui n'a pas été supprimé :

- Télécharge OTMoveIt (de Old_Timer) https://www.luanagames.com/index.fr.html sur ton Bureau.

- Double-clique sur OTMoveIt.exe
- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
- Copie le texte en gras ci dessous et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved
<gras>
:processes
explorer.exe

:files
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\system32\mdelk.exe
C:\autorun.inf
C:\Documents and Settings\Invit‚\Application Data\drivers\srosa.sys
C:\Documents and Settings\Invit‚\Application Data\drivers

:commands
[emptytemp]
[purity]
[reboot]

- Clique sur MoveIt! pour lancer la suppression.
- Si OTMoveIt propose de redémarrer ton PC, accepte.
- Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.
- Dans ta future réponse, envoie le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles

Substrat

Voici le rapport OTMoveIt3 (il y avait plusieurs fichiers j'espère que c'est celui là) et merci Xplode :

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== FILES ==========
File move failed. C:\WINDOWS\system32\wintems.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\mdelk.exe scheduled to be moved on reboot.
C:\AUTORUN.INF moved successfully.
File/Folder C:\Documents and Settings\Invit‚\Application Data\drivers\srosa.sys not found.
File/Folder C:\Documents and Settings\Invit‚\Application Data\drivers not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\com.run scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\dp1.fne scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\eAPI.fne scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\internet.fne scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\krnln.fnr scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\RegEx.fnr scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\shell.fne scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\urlclassifier3.sqlite-journal scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Error: Unable to interpret <- Clique sur MoveIt! pour lancer la suppression.> in the current context!
Error: Unable to interpret <- Si OTMoveIt propose de redémarrer ton PC, accepte.> in the current context!
Error: Unable to interpret <- Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.> in the current context!
Error: Unable to interpret <- Dans ta future réponse, envoie le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles> in the current context!

OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 08302002_203510

Files moved on Reboot...
File move failed. C:\WINDOWS\system32\wintems.exe scheduled to be moved on reboot.
File move failed. C:\WINDOWS\system32\mdelk.exe scheduled to be moved on reboot.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\com.run moved successfully.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\dp1.fne moved successfully.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\eAPI.fne moved successfully.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\internet.fne moved successfully.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\krnln.fnr moved successfully.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\RegEx.fnr moved successfully.
C:\DOCUME~1\Unknown\LOCALS~1\Temp\E_4\shell.fne moved successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat moved successfully.
C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ moved successfully.
File C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ not found!
File C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ not found!
File C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ not found!
File C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ not found!
File C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ not found!
File C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ not found!

Réponse 11 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

Ok relance l'option 1 de findykill et poste le rapport.

Substrat

Voila :

############################## | FindyKill V5.006 |

# User : Unknown (Administrateurs) # PC-BESMA
# Update on 14/08/09 by Chiquitine29
# Start at: 21:11:05 | 30/08/2002
# Website : http://pagesperso-orange.fr/NosTools/index.html

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 74,53 Go (5,61 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AhnRpta.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\iexplorer.exe
C:\WINDOWS\system32\XP-532DB899.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe
C:\Program Files\V-Gear BEE\VBService.exe
C:\Documents and Settings\Unknown\Menu Démarrer\Programmes\Démarrage\Dos Optimizer.pif
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

Présent ! C:\autorun.inf

################## | C:\WINDOWS |

Présent ! C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Présent ! C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf

################## | C:\WINDOWS\system32 |

Présent ! C:\WINDOWS\system32\ban_list.txt
Présent ! C:\WINDOWS\system32\mdelk.exe
Présent ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Unknown\Application Data |

Présent ! C:\Documents and Settings\Unknown\Application Data\drivers
Présent ! C:\Documents and Settings\Unknown\Application Data\drivers\downld

################## | C:\Documents and Settings\Unknown\Temporary Internet Files |

Présent ! C:\Documents and Settings\Unknown\Local Settings\Temporary Internet Files\Content.IE5\ETWY98MF\file[1].txt

################## | Registre / Clés infectieuses |

Présent ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
Présent ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
Présent ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Présent ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Présent ! [HKCU\Software\bisoft]
Présent ! [HKCU\Software\DateTime4]
Présent ! [HKCU\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Présent ! [HKU\S-1-5-21-4256108942-4281811353-1972613420-1010\Software\Microsoft\Windows\CurrentVersion\Run] "german.exe"
Présent ! [HKU\S-1-5-21-4256108942-4281811353-1972613420-1010\Software\bisoft]
Présent ! [HKU\S-1-5-21-4256108942-4281811353-1972613420-1010\Software\DateTime4]

################## | Etat / Services / Informations |

# Affichage des fichiers cachés : OK

# Mode sans echec : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | Cracks / Keygens / Serials |

################## | ! Fin du rapport # FindyKill V5.006 ! |

Réponse 12 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

Relance l'option 2 puis poste le rapport et surtout ne redémarre pas le PC avant de faire la prochaine manip' que je t'indiquerais.

Substrat

Je le fais mais ça risque de durer longtemps.

Substrat

Bon voila c'est fait mais ça bloque toujours au même endroit (80%).
En tout cas voici le rapport :

############################## | FindyKill V5.006 |

# User : Unknown (Administrateurs) # PC-BESMA
# Update on 14/08/09 by Chiquitine29
# Start at: 22:59:33 | 30/08/2002
# Website : http://pagesperso-orange.fr/NosTools/index.html

# Intel(R) Pentium(R) M processor 1.73GHz
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 7.0.5730.11
# Windows Firewall Status : Enabled

# C:\ # Disque fixe local # 74,53 Go (5,62 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque CD-ROM

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\oodag.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauc1t.exe
C:\WINDOWS\AhnRpta.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe

################## | C: |

(!) Non supprimé ! C:\autorun.inf

################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf
Supprimé ! C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## | C:\WINDOWS\system32 |

Supprimé ! C:\WINDOWS\system32\ban_list.txt
(!) Non supprimé ! C:\WINDOWS\system32\mdelk.exe
(!) Non supprimé ! C:\WINDOWS\system32\wintems.exe

################## | C:\WINDOWS\system32\drivers |

################## | C:\Documents and Settings\Unknown\Application Data |

(!) Non supprimé ! C:\Documents and Settings\Invit‚\Application Data\drivers\srosa.sys
Supprimé ! C:\Documents and Settings\Unknown\Application Data\drivers\downld
Supprimé ! C:\Documents and Settings\Unknown\Application Data\drivers
(!) Non supprimé ! C:\Documents and Settings\Invit‚\Application Data\drivers

################## | Autres ... |

################## | Temporary Internet Files |

Supprimé ! C:\Documents and Settings\Unknown\Local Settings\Temporary Internet Files\Content.IE5\ETWY98MF\file[1].txt

################## | Registre / Clés infectieuses |

Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Services\srosa]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Services\srosa]
Supprimé ! [HKLM\SYSTEM\ControlSet002\Services\srosa]
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SK9OU0S]
Supprimé ! [HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA]
Supprimé ! [HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SROSA]
Supprimé ! [HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SROSA]
Supprimé ! [HKCU\Software\bisoft]
Supprimé ! [HKCU\Software\DateTime4]

################## | Etat / Services / Informations |

Réponse 13 / 13

Xplode Messages postés 9212 Statut Contributeur sécurité 726

- Télécharge OTMoveIt (de Old_Timer) ftp://zebulon.fr/OTMoveIt3.exe sur ton Bureau.

- Double-clique sur OTMoveIt.exe
- Assure toi que la case Unregister Dll's and Ocx's soit bien cochée
- Copie le texte en gras ci dessous et colle le dans le cadre de gauche de OTMoveIt nommé Paste List of Files/Folders to be moved

:processes
explorer.exe

:files
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe
C:\Documents and Settings\Invité\Application Data\drivers\srosa.sys
C:\Documents and Settings\Invité\Application Data\drivers
C:\autorun.inf

:commands
[emptytemp]
[purity]
[start explorer]

- Clique sur MoveIt! pour lancer la suppression.
- Si OTMoveIt propose de redémarrer ton PC, accepte.
- Lorsque un résultat apparaît dans le cadre Results, clique sur Exit.
- Dans ta future réponse, envoie le rapport de OTMoveIt situé sur C:\_OTMoveIt\MovedFiles

----------------------------------------------
Puis fais ceci :

Malwarebyte's anti-malware ----->

[x] Télécharge Malwarebyte's anti-malware (MBAM) à cette adresse : http://www.malwarebytes.org/mbam/program/mbam-setup.exe

[x] Installe le

[x] N'oublie pas de le mettre à jour !

[x] Fais un scan <gras>complet

[x] Coche bien tout les éléments trouvés et supprime les !

[x] Un tutoriel pour son utilisation est disponible ici : https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

[x] Suis les indications données sur le lien précédent puis copie/colle le rapport généré dans ton prochain message

Substrat

Ok, je m'y met! merci beaucoup

Substrat

Voila c'est bon j'ai les deux rapports. Désolé du temps que j'ai mis à répondre, mon ordi a pété les plombs et les analyses trop longue (alors quel bonheur de voir un joli petit écran bleu après 4 heures d'analyse et hop...plus rien!). Bref, en te remerciant, voici les deux rapports :

Rapport _OTMoveit :

Error: Unable to interpret <files> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\mdelk.exe> in the current context!
Error: Unable to interpret <C:\WINDOWS\system32\wintems.exe> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Invité\Application Data\drivers\srosa.sys> in the current context!
Error: Unable to interpret <C:\Documents and Settings\Invité\Application Data\drivers> in the current context!
Error: Unable to interpret <C:\autorun.inf> in the current context!
========== COMMANDS ==========
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Unknown\Local Settings\Application Data\Mozilla\Firefox\Profiles\6n95m8fr.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.7.0 log created on 09012002_124311

Rapport Malwarebytes :

Malwarebytes' Anti-Malware 1.40
Version de la base de données: 2722
Windows 5.1.2600 Service Pack 3

01/09/2002 23:55:19
mbam-log-2002-09-01 (23-55-18).txt

Type de recherche: Examen complet (C:\|F:\|)
Eléments examinés: 267651
Temps écoulé: 1 hour(s), 29 minute(s), 6 second(s)

Processus mémoire infecté(s): 2
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 45
Valeur(s) du Registre infectée(s): 11
Elément(s) de données du Registre infecté(s): 5
Dossier(s) infecté(s): 44
Fichier(s) infecté(s): 786

Processus mémoire infecté(s):
C:\WINDOWS\system32\iexplorer.exe (Malware.NSPack) -> Unloaded process successfully.
C:\WINDOWS\AhnRpta.exe (Trojan.Backdoor) -> Unloaded process successfully.

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\e8main0.dll (Spyware.OnlineGames) -> Delete on reboot.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.Casino) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5e2402a0-5f99-4188-b30d-d8743996b340} (Adware.LuckyTender) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmsk.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctor.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\woptilities.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.kxp (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvsrvxp.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vpc32.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safe.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccenter.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avmonitor.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icesword.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmor.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kregex.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wuauclt.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kasarp.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antiarp.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ast.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autorunkiller.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frameworkservice.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b33de756-deee-4d7a-87db-1d905ba2aa21} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\lnkfile\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Audio\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Image\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\exefile\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\SystemFileAssociations\Directory.Video\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.lnk\ShellEx\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\secure_del (Rogue.SecurePCCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bb4c402f-882a-4526-8c08-51278ea437c1} (Spyware.OnlineGames) -> Delete on reboot.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\srosa (Worm.Bagle) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\iexplorer (Malware.NSPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{b33de756-deee-4d7a-87db-1d905ba2aa21} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\3 (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\4 (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun\1 (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{bb4c402f-882a-4526-8c08-51278ea437c1} (Spyware.OnlineGames) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\xp-532db899 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FrameWorkService (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\FrameWorkService (Trojan.Delf) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Worm.Bagle) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.6 85.255.112.8 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.6 85.255.112.8 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.6 85.255.112.8 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.114.6 85.255.112.8 -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\msskinner (Adware.EGDAccess) -> Delete on reboot.
C:\Documents and Settings\All Users\AVP 2009 (Malware.Trace) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Delete on reboot.
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Delete on reboot.
C:\Program Files\Registry_Doktor 4.1\definitions (Rogue.RegistryDoctor) -> Delete on reboot.
C:\Program Files\Registry_Doktor 4.1 (Rogue.RegistryDoctor) -> Delete on reboot.
C:\Documents and Settings\BESMA\Application Data\m (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\privacy_danger\images (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\privacy_danger (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Temp\E_4 (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Documents and Settings\Unknown\Local Settings\Temp\E_4 (Worm.AutoRun) -> Delete on reboot.
C:\Documents and Settings\BESMA\Application Data\drivers\downld (Worm.Bagle) -> Files: 7833 -> Quarantined and deleted successfully.
C:\Documents and Settings\Unknown\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-5 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-13 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-7 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-25 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-14 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-12 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-28 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-16 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-15 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-2 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-3 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-19 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-8 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-22 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-21 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-11 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-24 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-9 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-30 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-20 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-17 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-6 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-4 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-29 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-18 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-10 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-23 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-1 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-27 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-31 (Worm.Brontok) -> Quarantined and deleted successfully.
C:\Documents and Settings\BESMA\Local Settings\Application Data\Bron.tok-8-26 (Worm.Brontok) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Documents and Settings\Invité\Local Settings\Temp\Setup.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\WINDOWS\msskinner\msbackup.dat (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wijlqu_nav.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wijlqu_navps.dat (Adware.NaviPromo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP702\A0399051.exe (Fraudtool.RegistryCleaner) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381704.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381748.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381705.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381719.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP669\A0381672.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381749.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381889.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381722.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381914.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381864.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381941.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381890.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381779.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381915.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381802.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381995.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0382018.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381863.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0382045.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0382048.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0383041.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0383043.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0384042.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0384043.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381777.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0385044.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0385066.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381992.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP671\A0385111.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP671\A0385112.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0382020.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP671\A0386069.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP671\A0386104.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP671\A0386106.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386152.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386153.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386170.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386173.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386214.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386218.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0385069.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386236.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381824.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381827.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386293.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386296.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386315.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386318.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP673\A0386347.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP673\A0386348.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP673\A0386368.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381945.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381967.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386235.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386459.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386460.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386479.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386483.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386528.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386531.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386552.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386555.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386575.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386578.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386639.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP674\A0386641.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386677.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386678.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386708.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386710.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP671\A0386066.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386743.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386791.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386794.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP676\A0386947.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP676\A0386948.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP677\A0387041.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP677\A0387042.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP679\A0387391.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP679\A0387392.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP679\A0387412.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP679\A0387413.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386256.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP672\A0386259.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP681\A0390096.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP681\A0390097.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP682\A0390143.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP682\A0390144.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP684\A0390153.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP684\A0390154.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP685\A0390200.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP685\A0390203.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP687\A0390323.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381970.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP688\A0390325.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP688\A0390326.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP689\A0390440.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP689\A0390441.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP689\A0390456.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP689\A0390457.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP689\A0390519.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP689\A0390520.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP690\A0390526.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP690\A0390527.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP690\A0390598.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP690\A0390599.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0390603.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0390604.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0390785.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0390786.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP675\A0386741.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0390810.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0391807.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0391810.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0391830.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0391831.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0392830.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP691\A0392832.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0392837.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0392838.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0392858.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0381799.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0392896.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0392898.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393013.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393014.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393132.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393134.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393154.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393157.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393173.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393177.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393212.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP692\A0393213.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP693\A0393229.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP693\A0393230.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP693\A0393258.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP693\A0393260.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP693\A0393283.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP693\A0393285.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0393305.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP670\A0385041.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0393333.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0393334.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0393359.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0393361.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP660\A0373142.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP660\A0373143.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0394387.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0394390.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP660\A0373163.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP660\A0373164.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0394435.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP694\A0394436.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373197.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373198.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP695\A0394486.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373224.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373225.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0394512.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0394513.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373275.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373276.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376993.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0394551.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373313.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373314.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0395556.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373366.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373367.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP673\A0386412.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373381.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373383.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0395590.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0395592.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373424.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0373425.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0395634.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0395637.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0374428.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0374429.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP696\A0396635.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP667\A0377197.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0374456.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP661\A0374457.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP667\A0377232.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP662\A0374466.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP662\A0374467.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP667\A0377255.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP667\A0377258.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374472.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374473.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP667\A0377284.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374487.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374489.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP708\A0402511.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP699\A0398778.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374509.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374511.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP699\A0398811.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP709\A0402551.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374586.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374588.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wuauc1t.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP667\A0378333.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374604.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374605.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP709\A0403685.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP702\A0399016.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374659.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP687\A0390324.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP668\A0378400.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP702\A0399067.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374689.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP668\A0378456.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374703.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP702\A0399091.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0399106.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374797.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP663\A0374799.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0399119.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0374881.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0374882.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400140.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400142.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0374896.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0374898.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400166.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400195.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0374927.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0374929.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400243.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400244.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0375000.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0375001.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400275.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP712\A0406992.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0375024.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP664\A0375025.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP712\A0407066.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400314.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0375057.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0375058.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400332.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0375072.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0375073.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400375.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400378.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0376072.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0376073.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400397.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0376282.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP665\A0376285.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP715\A0409722.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400429.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376316.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376317.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0400450.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376357.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376358.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0401448.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0401449.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376407.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376408.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0401469.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP715\A0412262.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376612.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376613.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP716\A0412270.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0401505.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376702.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376703.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0401523.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP703\A0401524.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376770.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361E4DEA76A5}\RP666\A0376773.exe (Malware.NSPack) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{ECB3AD12-64E1-4857-9A37-361

Discussions similaires

infecté par des virus

Virus non détecté par mon anti-virus ?

Menace détectée TrojanSMS-PA sur Google Huawei/Android

simon

Powershell infecté

Infecté par Bagle

13 réponses

Votre réponse

Discussions similaires

Newsletters