I have a Bagle virus

Closed
liloute - 19 Oct. 2009 at 18:56
 Anonymous user - 20 Oct. 2009 at 07:39
Hello,
I have a Bagle virus, I downloaded ComboFix, and I am attaching the report:

ComboFix 09-10-18.04 - Olivia 19/10/2009 13:36.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.190.28 [GMT 2:00]
Lancé depuis: c:\documents and settings\Olivia\Bureau\liloute.exe
AV: avast! antivirus 4.8.1351 [VPS 091018-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Olivia\Application Data\drivers\downld
c:\documents and settings\Olivia\Application Data\drivers\srosa2.sys
c:\documents and settings\Olivia\Application Data\drivers\wfsintwq.sys
c:\documents and settings\Olivia\Application Data\drivers\winupgro.exe
c:\documents and settings\Olivia\Application Data\m
c:\documents and settings\Olivia\Application Data\m\data.oct
c:\documents and settings\Olivia\Application Data\m\flec006.exe
c:\documents and settings\Olivia\Application Data\m\list.oct
c:\documents and settings\Olivia\Application Data\m\srvlist.oct
c:\documents and settings\Olivia\real.txt
c:\windows\system32\ban_list.txt
c:\windows\system32\mdelk.exe
c:\windows\system32\wintems.exe
c:\windows\system32\wl.exe
E:\autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SROSA
-------\Legacy_SROSA
-------\Legacy_SK9OU0S
-------\Service_sK9Ou0s


((((((((((((((((((((((((((((( Fichiers créés du 2009-09-19 au 2009-10-19 ))))))))))))))))))))))))))))))))))))
.

2009-10-19 10:34 . 2009-10-19 10:35 -------- d-----w- c:\program files\CCleaner
2009-10-19 09:54 . 2009-10-19 09:54 -------- d-----w- c:\documents and settings\Olivia\Application Data\Uniblue
2009-10-19 09:53 . 2009-10-19 09:53 -------- d-----w- c:\program files\Uniblue
2009-10-19 09:10 . 2009-10-19 09:45 -------- d-----w- c:\documents and settings\Olivia\Application Data\EoRezo
2009-10-19 09:10 . 2009-10-19 09:45 -------- d-----w- c:\program files\EoRezo
2009-10-19 08:16 . 2009-10-19 08:16 -------- d-sh--w- c:\documents and settings\Olivia\PrivacIE
2009-10-19 07:39 . 2009-10-19 11:43 -------- d--h--w- c:\documents and settings\Olivia\Application Data\drivers
2009-10-12 20:31 . 2009-10-12 20:31 -------- d-----w- c:\program files\MSXML 4.0
2009-10-12 07:40 . 2009-06-21 21:47 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2009-10-05 09:10 . 2009-10-05 09:10 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-09-28 16:40 . 2009-09-28 21:25 -------- d-----w- c:\documents and settings\Olivia\Application Data\HP
2009-09-28 16:37 . 2009-09-28 16:37 -------- d-----w- c:\documents and settings\Olivia\Local Settings\Application Data\HP
2009-09-28 16:30 . 2009-09-28 16:30 -------- d-----w- c:\documents and settings\All Users\Application Data\Hewlett-Packard
2009-09-28 16:30 . 2007-12-06 15:55 271704 ----a-r- c:\windows\system32\hpzids01.dll
2009-09-28 16:30 . 2007-03-15 13:32 118272 ----a-w- c:\windows\system32\hpz3l5ha.dll
2009-09-28 16:28 . 2007-11-01 03:28 309760 ----a-r- c:\windows\system32\difxapi.dll
2009-09-28 16:28 . 2007-11-01 03:28 364544 ----a-r- c:\windows\system32\hppldcoi.dll
2009-09-28 16:28 . 2007-11-01 03:28 303104 ----a-r- c:\windows\system32\hpovst12.dll
2009-09-28 16:28 . 2007-11-01 03:28 970752 ----a-r- c:\windows\system32\hpotiop5.dll
2009-09-28 16:28 . 2007-11-01 03:28 729088 ----a-r- c:\windows\system32\hpowiax5.dll
2009-09-28 16:28 . 2001-08-23 15:20 6912 -c--a-w- c:\windows\system32\dllcache\serscan.sys
2009-09-28 16:28 . 2001-08-23 15:20 6912 ----a-w- c:\windows\system32\drivers\serscan.sys
2009-09-28 16:16 . 2009-09-28 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\HP
2009-09-28 16:16 . 2009-09-28 16:16 -------- d-----w- c:\documents and settings\All Users\Application Data\HP Product Assistant
2009-09-28 16:15 . 2009-09-28 16:15 -------- d-----w- c:\program files\Fichiers communs\Hewlett-Packard
2009-09-28 16:15 . 2009-09-28 16:15 -------- d-----w- c:\program files\Hewlett-Packard
2009-09-28 16:14 . 2009-09-28 16:14 -------- d-----w- c:\program files\Fichiers communs\HP
2009-09-28 16:10 . 2009-09-28 16:37 -------- d-----w- c:\program files\HP
2009-09-28 16:10 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
2009-09-28 16:10 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2009-09-28 16:10 . 2008-04-13 18:45 32128 -c--a-w- c:\windows\system32\dllcache\usbccgp.sys
2009-09-28 16:10 . 2008-04-13 18:45 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-09-28 16:04 . 2009-09-28 17:50 186995 ----a-w- c:\windows\hpoins21.dat
2009-09-28 16:04 . 2008-02-13 01:18 7262 ------w- c:\windows\hpomdl21.dat
2009-09-22 16:45 . 2009-09-22 16:45 -------- d-sh--w- c:\documents and settings\Olivia\IETldCache
2009-09-19 18:21 . 2009-08-07 08:48 100352 -c----w- c:\windows\system32\dllcache\iecompat.dll
2009-09-19 18:21 . 2009-10-12 20:31 -------- d-----w- c:\windows\ie8updates
2009-09-19 18:19 . 2009-07-03 16:57 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2009-09-19 18:19 . 2009-07-03 16:57 246272 -c----w- c:\windows\system32\dllcache\ieproxy.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-19 15:17 . 2008-01-12 10:12 -------- d-----w- c:\documents and settings\Olivia\Application Data\OpenOffice.org2
2009-10-19 08:56 . 2003-04-24 19:00 64052 ----a-w- c:\windows\system32\perfc00C.dat
2009-10-19 08:56 . 2003-04-24 19:00 445672 ----a-w- c:\windows\system32\perfh00C.dat
2009-10-18 23:54 . 2008-05-01 17:31 -------- d-----w- c:\program files\eMule
2009-10-18 08:10 . 2008-01-01 15:06 -------- d-----w- c:\program files\Mozilla Thunderbird
2009-08-27 06:05 . 2008-01-12 10:06 -------- d-----w- c:\program files\java
2009-08-17 16:10 . 2008-05-22 10:03 1279456 ----a-w- c:\windows\system32\aswBoot.exe
2009-08-17 16:06 . 2008-05-22 10:03 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-08-17 16:04 . 2008-05-22 10:03 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-08-17 16:02 . 2008-05-22 10:03 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-08-05 09:00 . 2003-04-24 19:00 205312 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-25 03:23 . 2009-01-14 03:02 411368 ----a-w- c:\windows\system32\deploytk.dll
2007-11-13 18:11 . 2007-11-13 18:11 3395476 ----a-w- c:\program files\openofficeorg4.cab
2007-11-13 18:11 . 2007-11-13 18:11 68332489 ----a-w- c:\program files\openofficeorg3.cab
2007-11-13 18:04 . 2007-11-13 18:04 17645041 ----a-w- c:\program files\openofficeorg2.cab
2007-11-13 18:03 . 2007-11-13 18:03 19208747 ----a-w- c:\program files\openofficeorg1.cab
2007-11-13 18:02 . 2007-11-13 18:02 4369408 ----a-w- c:\program files\openofficeorg23.msi
2002-03-11 09:06 . 2002-03-11 09:06 1822520 ----a-w- c:\program files\instmsiw.exe
2002-03-11 08:45 . 2002-03-11 08:45 1708856 ----a-w- c:\program files\instmsia.exe
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2005-10-19 901120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Creative WebCam Tray"="c:\program files\Creative\Shared Files\CAMTRAY.EXE" [2003-06-26 184320]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-10-19 81000]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-14 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-22 80896]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Olivia\Menu Démarrer\Programmes\Démarrage\
OpenOffice.org 2.4.lnk - c:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-1-21 393216]

c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
WlanUtility.lnk - c:\program files\MicroStar\WLANUtility\WlanUtility.exe [2004-5-11 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"e:\\Diablo2\\game_crk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

S1 aswSP;avast! Self Protection; [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys --> c:\windows\system32\DRIVERS\aswFsBlk.sys [?]
S3 s716bus;Sony Ericsson Device 716 driver (WDM);c:\windows\system32\drivers\s716bus.sys [25/12/2007 15:41 83208]
S3 s716mdfl;Sony Ericsson Device 716 USB WMC Modem Filter;c:\windows\system32\drivers\s716mdfl.sys [25/12/2007 15:42 15112]
S3 s716mdm;Sony Ericsson Device 716 USB WMC Modem Driver;c:\windows\system32\drivers\s716mdm.sys [25/12/2007 15:42 108552]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
HPService REG_MULTI_SZ HPSLPSVC
.
.
------- Examen supplémentaire -------
.
uStart Page = about:blank
FF - ProfilePath - c:\documents and settings\Olivia\Application Data\Mozilla\Firefox\Profiles\10zb2tyo.default\
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-ItsTV - c:\program files\EoRezo\EoWeather\ItsTV.exe
HKLM-Run-EoEngine - (no file)
HKLM-Run-EoWeather - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-10-19 17:15
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3720)
c:\progra~1\WINDOW~2\wmpband.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\java\jre6\bin\jqs.exe
c:\liloute\CF7085.exe
c:\program files\OpenOffice.org 2.4\program\soffice.exe
c:\program files\OpenOffice.org 2.4\program\soffice.bin
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\MicroStar\WLANUtility\WLAN_Service.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
.
**************************************************************************
.
Heure de fin: 2009-10-19 17:25 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-10-19 15:25

Avant-CF: 3 395 207 168 octets libres
Après-CF: 4 085 833 728 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /fastdetect /NoExecute=OptIn

- - End Of File - - 7C0136D9476AE1C263D621593DC7C7E0
10 replies

Xplode - Posts: 8820 - Registered: Friday 21 August 2009 - Status: Security contributor - Last activity: 2 July 2015 - 726
19 Oct. 2009 at 18:59
Hi, do this:

-+-+-+-> Findykill (Bagle infections) <-+-+-+-


▶ The "Bagle" virus is caught via P2P (eMule, Shareaza, etc.); it neutralizes the antivirus, disables Safe Mode,
disables access to the registry, etc.


/!\ Disable your resident protections (antivirus, firewall, antispyware) /!\

[x] Download Findykill.

[x] Plug all your removable media into your PC

[x] Run Findykill (right-click -> Run as administrator on Vista)

[x] Choose option F (French), then option no. 1 ("Recherche", i.e. search)

[x] Let the scan run.

[x] Copy/paste the report that opens and post it in your next reply

[x] Note: the FindyKill.txt report is saved at the root of the disk. (C:\FindyKill.txt)
0
olivier114 - Posts: 1552 - Registered: Wednesday 4 March 2009 - Status: Member - Last activity: 26 November 2013 - 104
19 Oct. 2009 at 18:59
Hello,
* Double-click the FindyKill program on your Desktop.
* Choose option 2 ("Suppression", i.e. removal).
* Your Desktop will disappear and the PC will restart.
* On restart, FindyKill will scan your PC; let the tool work.
* Then post the FindyKill.txt report that will appear with the Desktop.
* Note: the FindyKill.txt report is saved at the root of the disk. (C:\FindyKill.txt)
0
olivier114 - Posts: 1552 - Registered: Wednesday 4 March 2009 - Status: Member - Last activity: 26 November 2013 - 104
19 Oct. 2009 at 19:01
Do my solution after Xplode's.
0
Anonymous user
19 Oct. 2009 at 19:06
Good evening everyone, and Xplod ;-)

He doesn't only have a Bagle infection:

c:\program files\EoRezo

Good luck with the rest ;-)
0

Xplode - Posts: 8820 - Registered: Friday 21 August 2009 - Status: Security contributor - Last activity: 2 July 2015 - 726
19 Oct. 2009 at 19:07
I hadn't noticed, but in order of priority I run FindyKill first and then a ZHPDiag, which would have let me see EoRezo :)

See you on the forum ;)
here is the FindyKill report:


############################## | FindyKill V5.013 |

# User : Olivia (Administrateurs) # MOBILILY
# Update on 08/10/2009 by Chiquitine29
# Start at: 19:18:40 | 19/10/2009
# Website : http://pagesperso-orange.fr/NosTools/index.html

# mobile AMD Athlon(tm) XP2500+
# Microsoft Windows XP Édition familiale (5.1.2600 32-bit) # Service Pack 3
# Internet Explorer 8.0.6001.18702
# Windows Firewall Status : Enabled
# AV : avast! antivirus 4.8.1351 [VPS 091018-0] 4.8.1351 [ (!) Disabled | Updated ]

# C:\ # Disque fixe local # 18,64 Go (4,48 Go free) # NTFS
# D:\ # Disque CD-ROM
# E:\ # Disque fixe local # 60,09 Go (48,4 Go free) [DATA] # FAT32
# F:\ # Disque amovible # 1,91 Go (1,26 Go free) # FAT
# G:\ # Disque fixe local # 298,02 Go (160,76 Go free) [LACIE] # FAT32

############################## | Processus actifs |

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe

################## | C: |


################## | C:\WINDOWS |

Supprimé ! C:\WINDOWS\Prefetch\FLEC006.EXE-1698382D.pf
Supprimé ! C:\WINDOWS\Prefetch\WINUPGRO.EXE-17681AA8.pf

################## | C:\WINDOWS\system32 |


################## | C:\WINDOWS\system32\drivers |


################## | C:\Documents and Settings\Olivia\Application Data |

Supprimé ! C:\Documents and Settings\Olivia\Application Data\drivers\downld
Supprimé ! C:\Documents and Settings\Olivia\Application Data\drivers

################## | Références de comparaison Bagle MD5 : |

File : C:\Qoobox\Quarantine\C\Documents and Settings\Olivia\Application Data\drivers\winupgro.exe.vir
-> Crc32 : e16129dd | Md5 : 39e53d2164961ec41ef548b7f0b3c3ae


################## | Autres suppression ... |

Supprimé ! "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
-> Size : 901120 | Crc32 : e16129dd | Md5 : 39e53d2164961ec41ef548b7f0b3c3ae


################## | Temporary Internet Files |


################## | Registre / Clés infectieuses |

Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\serial]
Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "AntiVirusOverride"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallDisableNotify"
Supprimé ! [HKLM\software\microsoft\security center] "FirewallOverride"
Supprimé ! [HKLM\software\microsoft\security center] "UpdatesDisableNotify"
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"

################## | Etat / Services / Informations |

# Mode sans echec : OK


# Affichage des fichiers cachés : OK

# Ndisuio -> Start = 3 ( Good = 3 | Bad = 4 )
# EapHost -> Start = 2 ( Good = 2 | Bad = 4 )
# Ip6Fw -> Start = 2 ( Good = 2 | Bad = 4 )
# SharedAccess -> Start = 2 ( Good = 2 | Bad = 4 )
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 2 ( Good = 2 | Bad = 4 )

################## | PEH ... |

Corrompu : C:\Program Files\Alwil Software\Avast4\ashAvast.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashChest.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashDisp.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashLogV.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashPopWz.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashQuick.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashServ.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
[Offset = 0000011C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
[Offset = 00000124 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSkPcc.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashSkPck.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashUpd.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\aswRegSvr.exe
[Offset = 000000D4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\copyx64.exe
[Offset = 000000CC - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\sched.exe
[Offset = 000000FC - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\VisthLic.exe
[Offset = 0000010C - Valeur = 0x0001]

Corrompu : C:\Program Files\Alwil Software\Avast4\VisthUpd.exe
[Offset = 000000F4 - Valeur = 0x0001]

Corrompu : C:\Program Files\Creative\Creative WebCam NX\WebCam Monitor\Monitor.exe
[Offset = 00000114 - Valeur = 0x0001]

Corrompu : C:\Program Files\Spybot - Search & Destroy\blindman.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
[Offset = 00000104 - Valeur = 0x0001]

Corrompu : C:\SphinxME\Sphinx.exe
[Offset = 00000104 - Valeur = 0x0001]


################## | Cracks / Keygens / Serials |

"C:\Documents and Settings\Olivia\Application Data\Microsoft\Internet Explorer\Quick Launch\"VirtualDJcrack.exe.lnk""
28/12/2007 11:53 |Size 737 |Crc32 07d9f199 |Md5 a4ee1f17809726f608cac662d7a10ada


################## | ! Fin du rapport # FindyKill V5.013 ! |
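A way to triage a report like the one above, as an added example that is not part of the thread or of FindyKill: it groups the "Corrompu" executables by install folder (the products to reinstall), lists services whose Start value differs from the report's own "Good" value, and collects the registry entries that were removed. The line formats are taken from the report; the `triage` function name and the altered `wscsvc` line are assumptions made for the example.

```python
import re
from collections import defaultdict
from ntpath import basename, dirname  # Windows path rules on any OS

# Excerpt of the report above. The "wscsvc" line is constructed: its Start
# value is changed to 4 so the still-disabled-service case is exercised.
SAMPLE = r"""
Supprimé ! [HKCU\Software\Local AppWizard-Generated Applications\winupgro]
Supprimé ! [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableRegistryTools"
# wuauserv -> Start = 2 ( Good = 2 | Bad = 4 )
# wscsvc -> Start = 4 ( Good = 2 | Bad = 4 )
Corrompu : C:\Program Files\Alwil Software\Avast4\ashAvast.exe
[Offset = 0000011C - Valeur = 0x0001]
Corrompu : C:\Program Files\Alwil Software\Avast4\ashServ.exe
[Offset = 00000124 - Valeur = 0x0001]
Corrompu : C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
[Offset = 00000104 - Valeur = 0x0001]
"""

SERVICE = re.compile(r"^# (\S+) -> Start = (\d) \( Good = (\d) \| Bad = (\d) \)")
REGKEY = re.compile(r'^Supprimé ! \[(.+?)\](?: "(.+)")?$')
CORRUPT = re.compile(r"^Corrompu : (.+)$")


def triage(report):
    """Summarise a FindyKill report: what to reinstall, what to re-check."""
    reinstall = defaultdict(list)   # install folder -> damaged executables
    services, registry = [], []
    for line in map(str.strip, report.splitlines()):
        if m := CORRUPT.match(line):
            # One install folder usually means one product to reinstall.
            reinstall[dirname(m[1])].append(basename(m[1]))
        elif m := SERVICE.match(line):
            if int(m[2]) != int(m[3]):  # Start differs from the "Good" value
                services.append(m[1])
        elif m := REGKEY.match(line):
            registry.append((m[1], m[2]))  # value name is None for whole keys
    return {"reinstall": dict(reinstall), "services": services,
            "registry": registry}


if __name__ == "__main__":
    summary = triage(SAMPLE)
    for folder, files in summary["reinstall"].items():
        print(f"reinstall: {folder} ({len(files)} damaged executables)")
    print("services to re-check:", summary["services"])
    print("registry entries removed:", len(summary["registry"]))
```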
Xplode Posts 8820 Registration date Friday 21 August 2009 Status Security contributor Last activity 2 July 2015 726
19 Oct 2009 at 19:37
Corrupted by Bagle, to be uninstalled -> Avast!, Spybot, SphinxMe ( do you know it? ), and your webcam program.


-+-+-+-> ZHPDiag <-+-+-+-


[x] Download ZHPDiag ( by Nicolas Coolman ).

[x] Double-click the installer, then install it with the default settings ( don't forget to tick "Create a desktop icon" )

[x] Launch ZHPDiag by double-clicking the icon on your desktop

[x] Click the magnifying glass at the top left, then let the tool scan.

[x] Once the scan is finished, click the floppy-disk icon and save the file to your desktop.

[x] Go to www.cjoint.com

[x] Click "Browse" in the "Attach a file[...]" section

[x] Select the ZHPdiag.txt report on your desktop

[x] Then click "Create the cjoint link" and copy/paste it into your next message
Anonymous user
19 Oct 2009 at 20:42
re,
good luck with the rest :-)
there, I did everything you told me, the link is this:
https://www.cjoint.com/?ktw3Eh7YpO
Anonymous user
20 Oct 2009 at 07:39
hello,
with Xplod's permission, and to move things along :-)

•/!\ Vista users: don't forget to disable UAC just for the duration of the disinfection of your PC; it is to be re-enabled later:
Tutorial: https://www.commentcamarche.net/faq/8343-vista-desactiver-l-uac
/!\ Disconnect and close all running applications /!\

Download AD-Remover (thanks to Cyrildu17 / C_XX) to your Desktop.
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe

Mirror:

https://www.androidworld.fr/

- Double-click the installer and install it in its default location (C:\Program files).
- Double-click the Ad-remover icon on your Desktop.
/!\ Vista users: right-click the AD-Remover logo, "Run as administrator"
- In the main menu, choose option "L" (start the cleanup).
- Post the report that appears at the end.

(The report is also saved as C:\Ad-report(date).log)

(CTRL+A to select all, CTRL+C to copy and CTRL+V to paste)

Note:
"Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.

Tutorial: https://kerio.probb.fr/t3786-tuto-ad-remover


have a good day :-)