Gros problème de virus?

stissy.v Messages postés 15 Statut Membre -  
did71 Messages postés 2187 Statut Contributeur sécurité -
Bonjour,

J'utilise BIT Defender 10 qui a disparu soudainement. Impossible de le réinstaller. Idem pour d'autres anti virus pour lesquels j'avais téléchargé les versions d'évalution.
Pouvez-vous m'aider à résoudre ce problème. Merci
Configuration: Windows XP
Internet Explorer 6.0

10 réponses

  1. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    Bonsoir,

    télécharge HijackThis:

    http://pchelpbordeaux.free.fr/logiciels.html

    Tutorial:

    http://pchelpbordeaux.free.fr/tuto.html

    Démo en image:

    http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm

    Fais un scan et poste l'analyse.

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Bonsoir et merci pour la réponse. Voici le scan:

      Logfile of HijackThis v1.99.1
      Scan saved at 22:54:17, on 18/02/2007
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
      C:\WINDOWS\System32\ctfmon.exe
      C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
      C:\WINDOWS\System32\hldrrr.exe
      C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
      C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Hijackthis Version Française\hijackthis vf.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: (no name) - {00000EF1-0786-4633-87C6-1AA7A44296DA} - (no file)
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
      O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
      O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [ImInstaller_IncrediMail] C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\ImInstaller\IncrediMail\imloader.exe -startup -product IncrediMail
      O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
      O4 - HKLM\..\Run: [PDF3 Registry Controller] "C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\\RegistryController.exe"
      O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
      O4 - HKLM\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /QS
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
      O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
      O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files\ScanSoft\OmniPage15.0\PDFConverter3\IEShellExt.dll /100
      O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
      O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
      O16 - DPF: {22272CAC-E859-4523-B505-7ECF74469A1B} (Mdview3d Control) - http://www.veka.de/__C1256E8C00321464.nsf/html/mdview3d.cab/$FILE/mdview3d.cab
      O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (Download Helper Class) - http://activex.microgaming.com/DLhelper/version7/dlhelper.cab
      O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - http://www.o2c.de/download/o2cplayer.cab
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: IAA Event Monitor (IAANTMon) - Intel - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
      O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
      0
  2. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    Bonjour,

    Télécharge Blacklight (de F-Secure), sauvegarde le sur ton Bureau:

    https://europe.f-secure.com/exclude/blacklight/index.shtml

    Double-clique blbeta.exe et accepte la licence ;clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

    Copie et colle le contenu de ce rapport dans ta prochaine réponse!

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Bonsoir,

      Voilà le résultat de F Secure

      02/19/07 20:22:06 [Info]: BlackLight Engine 1.0.55 initialized
      02/19/07 20:22:06 [Info]: OS: 5.1 build 2600 (Service Pack 1)
      02/19/07 20:22:06 [Note]: 7019 4
      02/19/07 20:22:06 [Note]: 7005 0
      02/19/07 20:22:12 [Note]: 7006 0
      02/19/07 20:22:12 [Note]: 7011 1764
      02/19/07 20:22:12 [Note]: 7026 0
      02/19/07 20:22:12 [Note]: 7026 0
      02/19/07 20:22:12 [Note]: 7024 3
      02/19/07 20:22:12 [Info]: Hidden process: C:\WINDOWS\System32\hldrrr.exe
      02/19/07 20:22:12 [Note]: 7024 3
      02/19/07 20:22:12 [Info]: Hidden process: C:\WINDOWS\System32\hldrrr.exe
      02/19/07 20:22:12 [Note]: 7024 3
      02/19/07 20:22:12 [Info]: Hidden process: C:\WINDOWS\System32\wintems.exe
      02/19/07 20:22:23 [Note]: FSRAW library version 1.7.1021
      02/19/07 20:22:24 [Info]: Hidden file: c:\Documents and Settings\utilisateur\Application Data\hidires\hidr.exe
      02/19/07 20:22:24 [Note]: 10002 2
      02/19/07 20:22:24 [Info]: Hidden file: c:\Documents and Settings\utilisateur\Application Data\hidires\m_hook.sys
      02/19/07 20:22:24 [Note]: 10002 2
      02/19/07 20:22:24 [Info]: Hidden file: c:\Documents and Settings\utilisateur\Application Data\hidires\flec003.exe
      02/19/07 20:22:24 [Note]: 10002 3
      02/19/07 20:22:24 [Note]: 10002 3
      02/19/07 20:22:24 [Note]: 10002 3
      02/19/07 20:22:24 [Note]: 10002 2
      02/19/07 20:22:24 [Note]: 10002 2
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9li.dll
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9cbe.dll
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9cbeEN.cbd
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9cbeFR.cbt
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9ce.icr
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9ce.sav
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9cf.icr
      02/19/07 20:23:24 [Note]: 10002 3
      02/19/07 20:23:24 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9cf.sav
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9en.hlp
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9en.hwl
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9en.mor
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9fr.adv
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9fr.hlp
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9fr.hyd
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9fr.icr
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9fr.mor
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9fr.rul
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9fr.sav
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9fr.ths
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9gefr.cnt
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\Wt9gefr.hlp
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9geuk.cnt
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9geuk.hlp
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9geus.cnt
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\WT9GEUS.HLP
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\WT9LDEN.dll
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\WT9LDFR.dll
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9ldxx.dll
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9oz.icr
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9oz.sav
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9sptlEN.exe
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9sptlfr.hlp
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\WT9SPWP.dll
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uien.dll
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uifr.dll
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uk.adv
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uk.icr
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uk.rul
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uk.sav
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9uk.ths
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9us.adv
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9us.icr
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9us.rul
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9us.sav
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Info]: Hidden file: c:\Program Files\Corel\Shared\Writing Tools\9.0\wt9us.ths
      02/19/07 20:23:25 [Note]: 10002 3
      02/19/07 20:23:25 [Note]: 10002 2
      02/19/07 20:23:25 [Note]: 10002 2
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 3
      02/19/07 20:23:27 [Note]: 10002 2
      02/19/07 20:23:27 [Note]: 10002 2
      02/19/07 20:25:31 [Note]: 10002 2
      02/19/07 20:25:31 [Note]: 10002 2
      02/19/07 20:25:42 [Info]: Hidden file: C:\WINDOWS\System32\wintems.exe
      02/19/07 20:25:42 [Note]: 10002 2
      0
  3. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    re,

    télécharge ELIBAGLA sur ton bureau:

    http://www.zonavirus.com/datos/archivos/Descargas/Utilidades%20SATINFO/EliBaglA.exe

    Double-clic sur Elibagla.exe>laisse la case
    "eliminar ficheros automaticamente" coché>clique sur"explorar"
    >laisse-le travailler>poste le rapport final qui sera
    dans c:\infosat.txt

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Voilà le résultat


      Mon Feb 19 20:36:34 2007
      EliBagle v10.15 (c)2007 S.G.H. / Satinfo S.L.
      ----------------------------------------------
      Lista de Acciones (por Acción Directa):
      C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Renombrado a .VIR
      C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
      C:\DOCUMENTS AND SETTINGS\UTILISATEUR\APPLICATION DATA\HIDIRES\HIDR.EXE --> Bagle Renombrado a .VIR
      C:\DOCUMENTS AND SETTINGS\UTILISATEUR\APPLICATION DATA\HIDIRES\M_HOOK.SYS --> Eliminado Bagle (rootkit)
      Por favor, envienos una muestra del fichero
      C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.15
      a "virus@satinfo.es". Gracias.
      C:\WINDOWS\SYSTEM32\HLDRRR.EXE --> Bagle Renombrado a .VIR
      Eliminada Carpeta "%WinDir%\exefld"
      Restaurada Clave: "SafeBoot\Minimal y Network"
      0
  4. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    re,

    ok!

    passe un scan en ligne ici:

    http://www.bitdefender.fr/scan8/ie.html

    poste le rapport bitdefender!

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Bonjour,

      Voici le scan de bitdefender.

      <HTML>
      <HEAD>
      <TITLE>BitDefender Online Scanner -Scan Report</TITLE>
      <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
      <meta name="generator" content="Namo WebEditor v5.0(Trial)">
      </HEAD>
      <BODY BGCOLOR=#FFFFFF leftmargin="10" marginwidth="0" topmargin="20" marginheight="0" >


      <table align="center" border="0" cellpadding="0" cellspacing="0" width="90%">
      <tr>
      <td width="458">
      <p><font face="Arial" color=red><span style="font-size:14pt;"><b>BitDefender
      Online Scanner</b></span></font></p>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>
      <tr>
      <td colspan="3" width="912">
      <p><font face="Arial"><span style="font-size:11pt;"><B>Scan report generated
      at: Tue, Feb 20, 2007 - 00:08:36</b></span></font></p>
      </td>
      </tr>

      <tr>
      <td width="458">
      <p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>

      <tr>
      <td width="458">
      <p><font face="Arial"><span style="font-size:11pt;"><B>Scan
      path: </b></span><span style="font-size:10pt;">A:\;C:\;D:\;E:\;F:\;</span></font></p>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>

      <tr>
      <td width="458">
      <p><font face="Arial"><span style="font-size:11pt;"><B> </b></span></font></p>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>

      <tr>
      <td width="458">
      <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
      <tr>
      <td width="451" colspan="2" bgcolor="#CCCCCC">
      <p><font face="Arial" size="2"><B>Statistics</b></font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Time</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">03:16:34</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Files</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">1470159</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Folders</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">6150</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Boot Sectors</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">2</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Archives</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">12100</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Packed Files</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">314710</font></p>
      </td>
      </tr>
      </table>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>



      <tr>
      <td width="458">
      <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
      <tr>
      <td width="451" colspan="2" bgcolor="#CCCCCC">
      <p><font face="Arial" size="2"><B>Results</b></font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Identified Viruses </font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">4</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Infected Files </font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">35</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Suspect Files </font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">0</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Warnings</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">0</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Disinfected</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">0</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Deleted Files</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">34</font></p>
      </td>
      </tr>
      </table>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>

      <tr>
      <td width="458">
      <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
      <tr>
      <td width="451" colspan="2" bgcolor="#CCCCCC">
      <p><font face="Arial" size="2"><B>Engines Info</b></font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Virus Definitions</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">388874</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Engine build</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scan plugins</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">14</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Archive plugins</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">38</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Unpack plugins</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">6</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">E-mail plugins</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">6</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">System plugins</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">1</font></p>
      </td>
      </tr>
      </table>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>

      <tr>
      <td width="458">
      <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
      <tr>
      <td width="451" colspan="2" bgcolor="#CCCCCC">
      <p><font face="Arial" size="2"><B>Scan Settings</b></font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">First Action</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Disinfect</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Second Action</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Delete</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Heuristics</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Enable Warnings</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scanned Extensions</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">*;</font></p>
      </td>
      </tr>

      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Exclude Extensions</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2"> </font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scan Emails</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scan Archives</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scan Packed</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scan Files</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">Scan Boot</font></p>
      </td>
      <td width="43%" align="right">
      <p><font face="Arial" size="2">Yes</font></p>
      </td>
      </tr>
      </table>
      </td>
      <td width="40%">
      <p> </p>
      </td>
      <td width="10%">
      <p> </p>
      </td>
      </tr>

      <tr>
      <td colspan=2>  
      <table border="1" cellspacing="0" bordercolordark="white" bordercolorlight="black" width="100%">
      <tr>
      <td width="252" bgcolor="#CCCCCC">
      <p><font face="Arial" size="2"><B>Scanned File</b></font></p>
      </td>
      <td width="195" bgcolor="#CCCCCC" align="right">
      <p align="left"><b><font size="2" face="Arial"> Status</font></b></p>
      </td>
      </tr>
      <tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP643\A0104487.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP643\A0104487.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP643\A0104487.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP645\A0104500.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP645\A0104500.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP645\A0104500.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP646\A0104519.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP646\A0104519.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP646\A0104519.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP648\A0104549.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP648\A0104549.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP648\A0104549.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104559.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104559.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104559.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104568.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104568.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104568.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104577.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104577.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104577.sys</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104580.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Trojan.Downloader.Bagle.AV</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104580.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104580.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104581.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HM@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104581.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104581.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104583.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104583.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104583.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104584.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104584.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104585.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104585.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104585.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104586.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104586.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104586.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104587.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104587.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104587.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104588.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104588.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104588.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104589.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104589.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104589.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104590.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104590.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104591.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104591.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104591.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104592.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104592.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104593.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104593.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104594.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104594.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104595.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104595.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104595.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104596.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104596.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104597.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104597.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104597.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104598.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104598.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104598.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104599.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104599.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104599.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104600.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104600.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104600.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104601.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104601.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104601.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104602.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104602.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104602.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104603.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.HW@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104603.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104604.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104604.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104604.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Deleted</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104605.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Infected with: Win32.Bagle.CK@mm</font></p>
      </td>
      </tr><tr>
      <td width="57%">
      <p><font face="Arial" size="2">C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104605.exe</font></p>
      </td>
      <td width="43%" align="left">
      <p><font face="Arial" size="2">Disinfection failed</fon
      0
    2. stissy.v Messages postés 15 Statut Membre
       
      C'est quand même plus lisible comme ça.


      BitDefender Online Scanner



      Scan report generated at: Tue, Feb 20, 2007 - 00:08:36





      Scan path: A:\;C:\;D:\;E:\;F:\;







      Statistics

      Time
      03:16:34

      Files
      1470159

      Folders
      6150

      Boot Sectors
      2

      Archives
      12100

      Packed Files
      314710




      Results

      Identified Viruses
      4

      Infected Files
      35

      Suspect Files
      0

      Warnings
      0

      Disinfected
      0

      Deleted Files
      34




      Engines Info

      Virus Definitions
      388874

      Engine build
      AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

      Scan plugins
      14

      Archive plugins
      38

      Unpack plugins
      6

      E-mail plugins
      6

      System plugins
      1




      Scan Settings

      First Action
      Disinfect

      Second Action
      Delete

      Heuristics
      Yes

      Enable Warnings
      Yes

      Scanned Extensions
      *;

      Exclude Extensions


      Scan Emails
      Yes

      Scan Archives
      Yes

      Scan Packed
      Yes

      Scan Files
      Yes

      Scan Boot
      Yes




      Scanned File
      Status

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP643\A0104487.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP643\A0104487.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP643\A0104487.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP645\A0104500.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP645\A0104500.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP645\A0104500.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP646\A0104519.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP646\A0104519.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP646\A0104519.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP648\A0104549.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP648\A0104549.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP648\A0104549.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104559.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104559.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104559.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104568.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104568.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104568.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104577.sys
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104577.sys
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104577.sys
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104580.exe
      Infected with: Trojan.Downloader.Bagle.AV

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104580.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104580.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104581.exe
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104581.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104581.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104583.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104583.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104583.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104584.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104584.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104585.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104585.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104585.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104586.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104586.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104586.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104587.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104587.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104587.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104588.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104588.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104588.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104589.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104589.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104589.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104590.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104590.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104591.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104591.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104591.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104592.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104592.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104593.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104593.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104594.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104594.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104595.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104595.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104595.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104596.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104596.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104597.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104597.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104597.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104598.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104598.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104598.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104599.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104599.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104599.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104600.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104600.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104600.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104601.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104601.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104601.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104602.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104602.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104602.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104603.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104603.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104604.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104604.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104604.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104605.exe
      Infected with: Win32.Bagle.CK@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104605.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104605.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104606.exe
      Infected with: Win32.Bagle.HW@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104606.exe
      Deleted

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104607.exe
      Infected with: Win32.Bagle.HM@mm

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104607.exe
      Disinfection failed

      C:\System Volume Information\_restore{13D815E2-2525-4684-B8D6-6A2F3FC57258}\RP649\A0104607.exe
      Deleted

      C:\WINDOWS\system32\WINTEMS.EXE.VIR
      Infected with: Trojan.Downloader.Bagle.AV

      C:\WINDOWS\system32\WINTEMS.EXE.VIR
      Disinfection failed

      C:\WINDOWS\system32\WINTEMS.EXE.VIR
      Delete failed
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    Bonsoir,

    1) désactive ta restauration système:

    http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924

    2) recherche et supprime le fichier en gras ci dessous:

    C:\WINDOWS\system32\WINTEMS.EXE.VIR

    3) repasse le scan bitdefender et poste le rapport!

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      bonsoir,

      Impossible de trouver le fichier wintems
      0
  7. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    re,

    Rendre visible les fichiers cachés et système
    panneau de configuration > options des dossiers > onglet affichage
    Cocher la case devant " afficher les fichiers et dossiers cachés "
    Décocher la case devant " masquer les extensions des fichiers dont le type est connu"
    Décocher la case devant " masquer les fichiers protégés du système"
    clic sur [Appliquer] puis sur [ok] pour valider

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Je pense qu'il se cache bien ou qu'il a déjà été effacé car je ne le trouve nul part. J'ai lancé le scan bitdefender
      0
  8. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    re,

    ok, à la suite du scan, on va s'occuper de lui!

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Voilà le résultat du scan. C'est magique il n'y a plus rien. Comment faire maintenant? En tout cas, merci beaucoup.

      BitDefender Online Scanner



      Scan report generated at: Tue, Feb 20, 2007 - 23:14:55





      Scan path: A:\;C:\;D:\;E:\;F:\;







      Statistics

      Time
      03:07:19

      Files
      1431776

      Folders
      6059

      Boot Sectors
      2

      Archives
      11476

      Packed Files
      314346




      Results

      Identified Viruses
      0

      Infected Files
      0

      Suspect Files
      0

      Warnings
      0

      Disinfected
      0

      Deleted Files
      0




      Engines Info

      Virus Definitions
      389162

      Engine build
      AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)

      Scan plugins
      14

      Archive plugins
      38

      Unpack plugins
      6

      E-mail plugins
      6

      System plugins
      1




      Scan Settings

      First Action
      Disinfect

      Second Action
      Delete

      Heuristics
      Yes

      Enable Warnings
      Yes

      Scanned Extensions
      *;

      Exclude Extensions


      Scan Emails
      Yes

      Scan Archives
      Yes

      Scan Packed
      Yes

      Scan Files
      Yes

      Scan Boot
      Yes




      Scanned File
      Status

      No virus found.
      0
  9. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    re,

    pour vérifier,

    télécharge pocket killbox directement sur ton bureau :

    http://www.killbox.net/

    Lance Pocket killbox
    coche la case delete on reboot
    Dans le champs "Full Path of File to Delete" , copie :

    C:\WINDOWS\system32\WINTEMS.EXE.VIR

    Puis clik sur le rond rouge avec la croix blanche.

    Si killbox redémarre ton pc, laisse le faire sinon redémarre toi même.

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Bonsoir,

      Tout semble correct maintenant. J'ai réinstaller Bitdefender sans problème. Par contre, que faire de l'option restauration système. A quoi sert elle? Faut elle la réactiver.
      Encore un grand merci pour ton aide.
      0
  10. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    re,

    oui, réactive ta restauration système!

    en cas de soucis, tu pourras restaurer ton système à une date antérieur, c'est important!

    indique ce sujet comme résolu, si tout va bien!

    Bon surf!

    a+
    0
    1. stissy.v Messages postés 15 Statut Membre
       
      Bonjour,

      Veux-tu dire qu'il faut que je mette mon horloge au 1/02/07 par exemple et que je réactive la restauration après ou s'agit il d'une autre manip?
      0
  11. did71 Messages postés 2187 Statut Contributeur sécurité 36
     
    Bonjour,

    réactive la restauration système et c'est tout! ne touche à rien d'autre!

    La restauration permet de retourner en arrière si tu rencontres un problème à l'avenir!

    a+
    0