Sujet Précédent Sujet Suivant

Hijackthis rapport SOS

Fermé
seb73 - 15 oct. 2007 à 14:45
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 - 20 oct. 2007 à 17:43
Bonjour,
mon ordi rame, mon antivrus norton2007 ne marche plus ni spybot. j'ai essaye de les reinstaller mais impossible, car message erreur indiquant que les fichier .exe sont manquant.
ci dessous est le rapport de hijackthis, pouvez vous m'aider?
merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:08, on 10/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/weather/5day.shtml?world=0008
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot a\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{87521A13-B41E-4DE7-825E-5B3B5F5A880C}: NameServer = 212.135.1.36 195.40.1.36
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

14 réponses

Réponse 1 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
15 oct. 2007 à 15:28
bonjour et bienvenue sur CCM

Télécharge Catchme de Gmer :
http://www2.gmer.net/catchme.exe sur le bureau

Double clique sur le fichier catchme.exe pour le lancer, il ne nécessite pas d'installation.
Une fenêtre DOS va s'ouvrir, laisse travailler le scan qui dure quelques instants.
Quand tu vois scan completed successfully tu fermes la fenêtre par Entrée
Un rapport catchme.log sera créé, poste-le pour analyse des résultats.
0
seb73
15 oct. 2007 à 19:03
Bonjour,
merci pour ton aide, comme demande le resultat du scan ci dessos;
catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

? [1632]

scanning hidden services ...

HKLM\SYSTEM\CurrentControlSet\Services\srserviceAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\SrverviceAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\SSDPSRVceAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\stisvcVceAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\StmatmVceAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\streamipeAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\swenumipeAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\swmidiipeAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\SwPrviipeAgent Service (default)

HKLM\SYSTEM\CurrentControlSet\Services\Symantec Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\symc810c Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\symc8xxc Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\symlcbrd Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\sym_hird Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\sym_u3rd Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\sysaudio Core LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\SysmonLogCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TapiSrvogCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TaurusUsbCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TcpipsUsbCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TDPIPEUsbCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TDTCPEUsbCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TermDDUsbCore LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TermServicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\Themesrvicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TlntSvrvicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TosIdervicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TrkWksrvicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\TSDDDsrvicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\UdfsDsrvicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\ultrasrvicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\Updatervicere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\upnphosticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\UPSphosticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\usbehciticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\usbhubiticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\usbohciticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\usbscanticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\USBSTORticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\usnjsvcticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\VgaSaveticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\ViaIdeeticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\VolSnapticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\VSSSnapticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\W32Timeticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\W3SVCmeticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\Wanarpeticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WDICApeticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\wdmaudeticere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WebClientcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\winmgmtntcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\Winsockntcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2tcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WinTrusttcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WmdmPmSNtcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WmimPmSNtcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WmiApRpltcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WmiApSrvtcere LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WMPNetworkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WS2IFSLorkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\wscsvcLorkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WSTCODECrkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\wuauservrkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WudfPfrvrkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WudfRdrvrkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WudfSvcvrkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\WZCSVCcvrkSvc LCervice (default)

HKLM\SYSTEM\CurrentControlSet\Services\xmlprovvrkSvc LCervice (default)

scanning hidden autostart entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 1
hidden services: 68
hidden files: 0
0
Réponse 2 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
15 oct. 2007 à 19:20
fais ceci

Télécharge Avira AntiRootkit Tool et dézippe-le sur ton bureau.
https://support.avira.com/hc/en-us
Ouvre le dossier antivir_rootkit créé,
double-clique sur le fichier setup.exe, et suis les instructions d'installation du programme. Lorsque c'est terminé,
lance l'outil par le menu
démarrer / tous les programmes / Avira RootKit Detection / Avira RootKit Detection.
Vérifie que les cases
"Scan files",
"Scan registry", "
Scan processes",
"Scan all drives"
et "Show progress" soient bien cochées.
Clique à présent sur "Start scan" et patiente.
Lorsque le scan est terminé, clique sur "View report" et dans ta prochaine réponse, poste le contenu du rapport qui s'est ouvert.
0
seb73
15 oct. 2007 à 20:20
bonsoir,

merci pour tes reponses rapides. ci dessous le resultats,:
15/10/2007 19:18:28]
AntiVir Removal Tool 3.0 (c) 2006 Avira GmbH
Removal Tool for:
Sober.J/P/Y
W32/Stanit.A
Worm/Mytob.IN.2/KS
Worm/NetSky.AA/B.1/C/D.Dam/P/X

Version: 3.0.1.16, Sep 20 2006 11:04:38

Use /? to list all available command line options

- Saving results to logfile "tool_en.log".

- Host: "seb-loco", IP: 87.80.152.36

Scanning memory... done

No malware found in memory


Scanning drive C: ...

Scanning drive D: ...

No malware found on hard drives

scan results:

scanned directories: 4541
scanned files: 52393
scanned streams: 39
scanned processes: 31
scanned modules: 344

infected files: 0
infected processes: 0

repaired/removed files: 0
renamed files: 0
terminated processes: 0

elapsed time for memory scan: 5.45 seconds
average memory scanner throughput: 24629.38 KB/s

elapsed time for file scan: 775.64 seconds
average file scanner throughput: 774.32 KB/s

Thank you for using AntiVir Removal Tool.
0
Réponse 3 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
15 oct. 2007 à 21:58
faire un scan antivirus en ligne avec internet explorer et accepter l'activex
poster le rapport ici ensuite
http://pandasoftware.fr
0
seb73
16 oct. 2007 à 21:25
bonsoir,

desole pour ma reponse un peu tardive, ja'i eu bcp de boulot. Donc voici ce dessous le resultat du scan, il y a l'air d'avoir bcp de problemes. Merci .

ANALYSIS: 2007-10-16 20:20:02
PROTECTIONS: 0
MALWARE: 71
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00106084 Application/Dnet.A HackTools No 0 No No D:\informatique\microsoft.product.activation.crack.all.products.office.windows.xp.2003.pro.professional.home.server.enterprise.rar[instw32.exe]
00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@casalemedia[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@doubleclick[1].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@atdmt[1].txt
00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@247realmedia[1].txt
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@linksynergy[1].txt
00154200 Adware/nCase Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000300.exe
00154200 Adware/nCase Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000473.exe
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000475.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000316.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001491.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001507.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001515.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000458.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001522.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000402.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000401.DLL
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000272.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000189.dll
00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@revenue[2].txt
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt
00167647 Cookie/Yadro TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@yadro[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@xiti[1].txt
00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@statcounter[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@ad.yieldmanager[1].txt
00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@server.iad.liveperson[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@advertising[2].txt
00170258 W32/Gaobot.FVK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000290.exe
00170258 W32/Gaobot.FVK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000323.exe
00170258 W32/Gaobot.FVK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000321.exe
00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@statse.webtrendslive[2].txt
00170535 Cookie/GoClick TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@c.goclick[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@overture[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@zedo[2].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@bluestreak[2].txt
00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@stats1.reliablestats[2].txt
00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@searchportal.information[1].txt
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000330.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000331.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000326.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000329.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000328.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000327.bat
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@adviva[2].txt
00215524 Adware/WebHancer Adware No 0 No No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\WHCC2[1].exe[whAgent.exe]
00215524 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000034.exe
00215581 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000036.dll
00215581 Adware/WebHancer Adware No 0 No No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\WHCC2[1].exe[webhdll.dll]
00215582 Adware/WebHancer Adware No 0 No No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\WHCC2[1].exe[whSurvey.exe]
00215583 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000035.dll
00215583 Adware/WebHancer Adware No 0 No No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\WHCC2[1].exe[whiehlpr.dll]
00236675 Trj/Droppofonic.A Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000320.exe
00261977 Adware/WebHancer Adware No 0 No No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\WHCC2[1].exe[whInstaller.exe]
00261978 Adware/WebHancer Adware No 0 Yes No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\WHCC2[1].exe
00263780 w32/bagle.hx.worm Virus/Worm No 1 Yes No hkey_current_user\software\datetime4
00263780 w32/bagle.hx.worm Virus/Worm No 1 Yes No c:\windows\system32\wintems.exe
00270220 W32/Parite.B Virus No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000324.exe
00270220 W32/Parite.B Virus No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000325.exe
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000049.exe
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000196.exe
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[mediam.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000197.exe
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000050.exe
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[my.exe]
00273493 Adware/PurityScan Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000410.EXE[YazzleBundle-1122.exe][â– ++\Yazzle1122OinAdmin.exe]
00273493 Adware/PurityScan Adware No 0 No No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\116[1].avi[YazzleBundle-1122.exe][â– ++\Yazzle1122OinAdmin.exe]
00273493 Adware/PurityScan Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000406.EXE[â– ++\Yazzle1122OinAdmin.exe]
00274748 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000188.exe
00274748 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000033.exe
00274875 Adware/Maxifiles Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000384.exe
00274875 Adware/Maxifiles Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000404.exe
00274875 Adware/Maxifiles Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000400.exe
00275094 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000336.exe
00275636 Bck/Sdbot.HFH Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000334.EXE
00275669 Adware/Gimmy Adware No 0 Yes No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\gimmysmileys[1].exe
00275669 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000052.exe
00276072 Adware/YazzleSudoku Adware No 0 Yes No C:\Program Files\Fichiers communs\Yazzle1122OinUninstaller.exe
00276073 Adware/YazzleSudoku Adware No 0 Yes No C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\L1NRMHRP\116[1].avi
00276073 Adware/YazzleSudoku Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000410.EXE
00276331 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000031.dll
00276331 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000186.dll
00276708 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000337.exe
00276965 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000095.exe
00277055 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000405.exe
00277439 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000407.dll
00277600 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000408.exe
00278146 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[whiehlpr.dll]
00278147 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[whAgent.exe]
00278148 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[webhdll.dll]
00278149 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[whInstaller.exe]
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000460.exe
00279708 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000348.exe
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000412.exe
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe[²ªÇ]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000201.exe
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001501.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000048.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001484.exe
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001530.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000468.exe
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000295.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[mc-110-12-0000336.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000293.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000466.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001528.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001482.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001499.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000199.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000046.exe
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000047.exe
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000467.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000294.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001483.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001500.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001529.exe
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000200.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[drsmartload195a.exe]
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[â– &&\Windows\WinUpdate.exe]
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[â– &&\Windows\WinUpdate.exe]
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[â– &&\Windows\WinUpdate.exe]
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[â– &&\Windows\WinUpdate.exe]
00285162 Spyware/SurfSideKick Spyware No 1 Yes No C:\Documents and Settings\seb\Local Settings\Temp\da160.tmp
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe[²ÜÇ\nsProcess.dll]
00521528 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@www.winantiviruspro[2].txt
00606703 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000187.dll
00606703 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000032.dll
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP433\A0059076.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059109.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059096.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP435\A0059122.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056647.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\WINDOWS\system32\drivers\srosa.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056917.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056967.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059142.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059148.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059043.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059036.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057017.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0058961.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057042.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057061.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058930.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057081.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP429\A0058917.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP428\A0058898.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP437\A0059171.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP427\A0058885.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP422\A0057374.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0057431.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060171.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP426\A0058867.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059062.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058844.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058811.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060181.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058778.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058516.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058500.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0058470.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060253.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0057471.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP426\A0058858.sys
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\347218.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\189546.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\395656.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\15342781.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058924.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\607359.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058938.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0058963.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\1096875.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\14812359.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059046.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059056.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\Documents and Settings\sebloco\Application Data\m\flec006.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059067.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\14962250.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059089.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\WINDOWS\exefld\14751046.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059101.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001502.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001485.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000051.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000202.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000296.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000469.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001531.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\14886156.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\14514281.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\15155265.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\109328.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\156906.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\108796.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\28917953.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\29288953.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\29558828.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060254.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP437\A0059196.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\WINDOWS\exefld\43320515.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059158.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP435\A0059124.exe
02523551 Bck/Mitglieder.QC Virus/Trojan Yes 2 Yes No C:\WINDOWS\SYSTEM32\WINTEMS.EXE
;===================================================================================================================================================================================
SUSPECTS
Location
;===============================================================================================================================
0
Réponse 4 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
16 oct. 2007 à 21:44
effectivement tu es pas mal infecté par ce que je pensais et d'autres...baggle a invité des copains à la fête!!mais tu les y avais déjà conviés....
Application/Dnet.A HackTools No 0 No No D:\informatique\microsoft.product.activation.crack.all.products.office.windows.xp.2003.pro.professional.home.ser
je te conseille de supprimer, vraisemblablement la source des infections!!ce n'est pas pour t'enfonce, c'est un constat!
un peu de lecture sur les risques du crack et du P2P
dans celui-ci, tesgaz t'explique les risques du P2P
https://forum.zebulon.fr/topic/85544-pr%C3%A9vention-le-p2p-et-ses-cons%C3%A9quences/

dans celui-là, les risques du crack
https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/

bon maintenant on désinfecte!

Télécharge : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires. Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Ensuite, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Par la suite, laisse-le avec ses réglages par défaut. C'est tout.
Un tuto
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm
lance CCleaner , nettoyeur, et supprime tout ce qu'il trouve
lance CCleaner erreur et supprime tout ce qu'il trouve

Rends toi sur ce site :
http://www.zonavirus.com/datos/descargas/95/elibagla.asp
tout en bas de cette page tu trouveras un outil à télécharger,
clique sur "escargar Elibagla" (le numéro de version change au fur et à mesure des mises à jour)
installe ce fichier sur le bureau.
ensuite double-clic sur Elibagla.exe
>laisse la case "eliminar ficheros automaticamente" coché
>clique sur"explorar"
>laisse-le travailler
>poste le rapport final qui sera dans c:\infosat.txt

Si, dans le rapport, tu vois un texte semblable à celui-ci

Por favor, envienos una muestra del fichero
C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24
a "virus@satinfo.es". Gracias;

envoie ce(s) fichier(s) (dans l'exemple C:\Muestras\HLDRRR.EXE.Muestra EliBagle v10.24 ) à l'adresse e-mail indiquée (virus@satinfo.es).

L'outil a rencontré un fichier qu'il reconnait mais ne sait pas encore éradiquer. Dans 24 heures environ, sur le site, la version de déchargement (v10.24 dans l'exemple) aura changé par rapport à celle actuelle. Tu retéléchargeras l'outil, tu le relanceras et tu posteras le rapport.

ensuite tu fais ceci, ne pas laisser aux virus le temps de se reposer...
Télécharge combofix.exe (par sUBs) sur ton Bureau
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double clique combofix.exe.
Tape sur la touche Y (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse
NOTE : Le rapport se trouve également ici : C:\Combofix.txt

poste les rapports de elibagla, Combofix, Hijack this dans cet ordre..
bon courage et à demain pour la suite



0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
seb73
16 oct. 2007 à 23:16
je viens juste de finir d'appliuer tous tes conseils et je te poste les 3 rapports;

rapport de elibagla;

Tue Oct 16 21:45:02 2007
EliBagle v10.60 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v10.60
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Renombrado a .VIR
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\HIDR.EXE --> Bagle Renombrado a .VIR
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle (rootkit)
C:\DOCUMENTS AND SETTINGS\SEBLOCO\APPLICATION DATA\M\FLEC006.EXE --> Eliminado Bagle.dldr
C:\DOCUMENTS AND SETTINGS\SEBLOCO\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle
Eliminada Carpeta "%WinDir%\exefld"
Restaurada Clave: "SafeBoot\Minimal y Network"

Tue Oct 16 21:45:59 2007
EliBagle v10.60 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Google\GoogleToolbarNotifier\GOOGLETOOLBARNOTIFIER.EXE --> Eliminado Bagle

Tue Oct 16 21:48:52 2007
EliBagle v10.60 (c)2007 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad D:\


rapport de combofix;

ComboFix 07-10-16.1 - sebloco 2007-10-16 21:52:53.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.44.1033.18.671 [GMT 1:00]
Running from: C:\Documents and Settings\sebloco\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\LocalService\Application Data\CROSOF~1.NET
C:\Documents and Settings\seb\Application Data\Sskcwrd.dll
C:\Documents and Settings\seb\Application Data\Sskknwrd.dll
C:\Documents and Settings\seb\Application Data\Sskuknwrd.dll
C:\Program Files\windows
C:\Program Files\windows\INF\Windows9898SE\penusba.inf
C:\Program Files\windows\INF\WindowsME\penusbb.inf
C:\Program Files\windows\System\IOSUBSYS\Windows9898SE\penusb6.vxd
C:\Program Files\windows\System32\Drivers\Windows9898SE\penusb5.sys
C:\WINDOWS\fnts~1
C:\WINDOWS\mdrive
C:\WINDOWS\system32\smante~1

.
((((((((((((((((((((((((( Files Created from 2007-09-16 to 2007-10-16 )))))))))))))))))))))))))))))))
.

2007-10-16 21:51 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-16 21:44 <DIR> d-------- C:\Muestras
2007-10-16 21:38 <DIR> d-------- C:\Program Files\CCleaner
2007-10-16 08:20 <DIR> d-------- C:\Program Files\Panda Security
2007-10-11 17:58 75,268 --a------ C:\WINDOWS\system32\WINTEMS.EXE.VIR
2007-10-10 21:35 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-02 14:57 <DIR> d--h----- C:\Documents and Settings\sebloco\Application Data\m
2007-09-30 18:38 <DIR> d-------- C:\Program Files\Spybot a
2007-09-30 17:18 <DIR> d-------- C:\Program Files\CheckIt
2007-09-30 17:09 <DIR> d-------- C:\Program Files\PerformanceTest
2007-09-30 11:53 2,137,600 --a------ C:\WINDOWS\system32\ntoskrnl.exe
2007-09-30 11:53 2,137,600 --a--c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2007-09-30 11:42 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-09-30 11:00 <DIR> d-------- C:\Program Files\Spybot
2007-09-29 16:14 702,474 --------- C:\WINDOWS\system32\drivers\HIDR.EXE.VIR

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-16 19:17 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2007-10-16 07:23 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2007-10-07 15:37 --------- d-----w C:\Program Files\Symantec
2007-10-07 15:37 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
2007-09-30 17:43 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2007-09-29 21:17 --------- d-----w C:\Documents and Settings\sebloco\Application Data\Ahead
2007-09-28 21:53 --------- d-----w C:\Program Files\eMule
2007-09-16 13:02 55,992 ----a-w C:\Documents and Settings\sebloco\Application Data\GDIPFONTCACHEV1.DAT
2007-08-19 18:07 --------- d-----w C:\Program Files\QuickTime
2007-08-19 12:19 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-08-18 20:38 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\QuickTime
2006-08-19 15:14 13,670,785 ----a-w C:\Program Files\psgold_26_1777.exe
2002-07-18 06:01 357,692 ----a-w C:\Program Files\PENTAX USB DISK Device.msi
2002-07-18 06:01 1,039 ----a-w C:\Program Files\Setup.INI
2002-03-04 14:08 184,320 ----a-w C:\Program Files\setup.exe
2001-10-04 10:49 3,605 ----a-w C:\Program Files\[u]0[/u]x0409.ini
2001-09-26 15:56 1,707,856 ----a-w C:\Program Files\instmsia.exe
2001-08-27 13:13 1,821,008 ----a-w C:\Program Files\instmsiw.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdslTaskBar"="stmctrl.dll" [2005-02-11 09:38 C:\WINDOWS\system32\stmctrl.dll]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 09:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-09-23 12:41]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2005-11-23 17:33]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 22:31]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 22:32]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 22:32]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" []
"NBJ"="C:\Program Files\nero\Nero BackItUp\NBJ.exe" [2005-10-11 18:25]
"SpybotSD TeaTimer"="C:\Program Files\Spybot a\TeaTimer.exe" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe

C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Acrobat Assistant.lnk - C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe [2006-05-19 19:49:42]
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-05-19 19:46:02]
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-01-19 16:45:07]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 10:01:04]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

R2 BCMNTIO;BCMNTIO;\??\C:\PROGRA~1\CheckIt\DIAGNO~1\BCMNTIO.sys
R2 MAPMEM;MAPMEM;\??\C:\PROGRA~1\CheckIt\DIAGNO~1\MAPMEM.sys
R3 P1130VID;Creative WebCam NX Pro;C:\WINDOWS\system32\DRIVERS\P1130Vid.sys
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys
S3 FXDRV;FXDRV;\??\D:\Fxdrv.sys

.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-16 22:02:09
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-10-16 22:03:19 - machine was rebooted
.
--- E O F ---


rapport de hijackthis du 16/10;
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:15:34, on 16/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/weather/5day.shtml?world=0008
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot a\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://express.foto.com/NewUploader/ImageUploader4.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.wisup.net/_plateforme/Upload/Aurigma/AurigmaActiveX/ImageUploader35.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP-1.0.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{87521A13-B41E-4DE7-825E-5B3B5F5A880C}: NameServer = 212.135.1.36 195.40.1.36
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
0
Réponse 6 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
17 oct. 2007 à 08:58
recherche et supprime si encore présents
pour cela affiche tes fichiers et dossiers cachés
Ouvrir un dossier, n'importe lequel. Aller dans :
Outils/Options des dossiers/Affichage et
- cocher "afficher les dossiers et fichiers cachés",
- décocher "masquer les extensions des fichiers dont le type est connu".
- décocher masquer les fichiers protégés du système d'exploitation (recommandé)"
"appliquer" et "ok

C:\Muestras
C:\WINDOWS\system32\WINTEMS.EXE.VIR
C:\WINDOWS\system32\drivers\HIDR.EXE.VIR
C:\Program Files\Fichiers communs\Yazzle1122OinUninstaller.exe
C:\Documents and Settings\sebloco\Application Data\m\flec006.exe


lance hijack this pour un scan et coche les lignes suivantes
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/weather/5day.shtml?world=0008sauf si c'est toi qui a mis cette page en démarrage
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
ferme tes applications y compris internet et clique sur fix checked

refais le scan en ligne avec panda pour vérification
faire un scan antivirus en ligne avec internet explorer et accepter l'activex
poster le rapport ici ensuite
http://pandasoftware.fr
0
Réponse 7 / 14
seb73
17 oct. 2007 à 23:12
bonsoir,

je viens de faire tout ce qui tu m'as conseille, et voila le rapport.

je suis arrive a installer spybot et a la faire tourner par contre tjs impossible de reinstaller norton car tjs ce probleme de fichier .exe manquant.

encore merci pour ton aide, ca progresse.

NALYSIS: 2007-10-17 22:07:27
PROTECTIONS: 0
MALWARE: 55
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00145807 Cookie/Linksynergy TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@linksynergy[1].txt
00154200 Adware/nCase Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000473.exe
00154200 Adware/nCase Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000300.exe
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000401.DLL
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000402.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000189.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000272.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001507.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000316.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000475.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000458.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001515.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001522.dll
00157556 Adware/Look2Me Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001491.dll
00160284 Cookie/Findwhat TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@findwhat[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\sebloco\Cookies\sebloco@xiti[1].txt
00170258 W32/Gaobot.FVK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000323.exe
00170258 W32/Gaobot.FVK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000321.exe
00170258 W32/Gaobot.FVK.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000290.exe
00170535 Cookie/GoClick TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@c.goclick[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@overture[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@zedo[2].txt
00186469 Cookie/Reliablestats TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@stats1.reliablestats[2].txt
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000329.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000326.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000328.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000331.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000327.bat
00203860 Trj/BAT.Zapchast Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000330.bat
00215524 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000034.exe
00215524 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe[whAgent.exe]
00215581 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000036.dll
00215581 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe[webhdll.dll]
00215582 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe[whSurvey.exe]
00215583 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000035.dll
00215583 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe[whiehlpr.dll]
00236675 Trj/Droppofonic.A Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000320.exe
00261977 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe[whInstaller.exe]
00261978 Adware/WebHancer Adware No 0 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe
00270220 W32/Parite.B Virus No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000325.exe
00270220 W32/Parite.B Virus No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000324.exe
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000196.exe
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[mediam.exe]
00270399 Trj/LowZones.RO Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000049.exe
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000050.exe
00272338 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000197.exe
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[my.exe]
00272338 Adware/Gimmy Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[my.exe]
00273493 Adware/PurityScan Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000406.EXE[â– ++\Yazzle1122OinAdmin.exe]
00273493 Adware/PurityScan Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000410.EXE[YazzleBundle-1122.exe][â– ++\Yazzle1122OinAdmin.exe]
00274748 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000033.exe
00274748 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000188.exe
00274875 Adware/Maxifiles Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000404.exe
00274875 Adware/Maxifiles Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000400.exe
00274875 Adware/Maxifiles Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000384.exe
00275094 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000336.exe
00275636 Bck/Sdbot.HFH Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000334.EXE
00275669 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000052.exe
00275669 Adware/Gimmy Adware No 0 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060386.exe
00276072 Adware/YazzleSudoku Adware No 0 Yes No C:\RECYCLER\S-1-5-21-790525478-1409082233-1801674531-1003\Dc1.exe
00276073 Adware/YazzleSudoku Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000410.EXE
00276331 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000031.dll
00276331 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000186.dll
00276708 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000337.exe
00276965 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000095.exe
00277055 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000405.exe
00277439 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000407.dll
00277600 Adware/PurityScan Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000408.exe
00278146 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[whiehlpr.dll]
00278147 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[whAgent.exe]
00278148 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[webhdll.dll]
00278149 Adware/WebHancer Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE[whInstaller.exe]
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe
00279701 Trj/Multidropper.BJD Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe
00279708 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000460.exe
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000412.exe
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe[²ªÇ]
00279708 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000348.exe
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[■&&\Windows\WinUpdate.exe][²ªÇ]
00279708 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe[²ªÇ]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000048.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001484.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000295.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000201.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001530.exe
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001501.exe
00279710 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000468.exe
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[mc-110-12-0000336.exe]
00279710 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[mc-110-12-0000336.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000466.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001528.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000199.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001499.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000293.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000046.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001482.exe
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[ya.exe]
00279713 Trj/LowZones.SG Virus/Trojan No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[ya.exe]
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001483.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001529.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000467.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000294.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001500.exe
00279714 Adware/ISearch Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe[drsmartload195a.exe]
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000047.exe
00279714 Adware/ISearch Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000200.exe
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE
00280194 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe
00280195 Adware/NewAds Adware No 0 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[â– &&\Windows\WinUpdate.exe]
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[â– &&\Windows\WinUpdate.exe]
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[â– &&\Windows\WinUpdate.exe]
00281551 Adware/NewAds Adware No 0 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[â– &&\Windows\WinUpdate.exe]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe[²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE[■&&\Windows\WinUpdate.exe][²ÜÇ\nsProcess.dll]
00285243 Adware/Maxifiles Adware No 1 No No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe[²ÜÇ\nsProcess.dll]
00521528 Cookie/Winantivirus TrackingCookie No 0 Yes No C:\Documents and Settings\LocalService\Cookies\system@www.winantiviruspro[2].txt
00606703 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000032.dll
00606703 Spyware/SurfSideKick Spyware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000187.dll
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\sebloco\Desktop\ComboFix.exe[nircmd.cfexe]
01262593 Application/NirCmd.A HackTools No 0 No No C:\Documents and Settings\sebloco\Desktop\ComboFix.exe[nircmd.exe]
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0057471.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059043.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059036.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057061.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0058961.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057081.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059062.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP422\A0057374.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP433\A0059076.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0057431.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058930.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057017.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP429\A0058917.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059096.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056967.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059109.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP435\A0059122.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP428\A0058898.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP427\A0058885.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP426\A0058867.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060325.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059142.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059148.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP426\A0058858.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058844.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0058470.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP437\A0059171.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057042.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056917.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060171.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060181.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058811.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058778.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058516.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058500.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060253.sys
02382262 W32/Bagle.KV.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056647.sys
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060340.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060345.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059056.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060347.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060326.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059101.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058924.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060338.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060329.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059089.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059067.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058938.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060336.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060333.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060334.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0058963.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060344.exe
02398410 W32/Bagle.OZ.worm Virus/Worm No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059046.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000296.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000051.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001502.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001531.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000202.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001485.exe
02424310 Adware/DollarRevenue Adware No 1 Yes No C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000469.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060323.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060254.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\Muestras\WINTEMS.EXE.Muestra EliBagle v10.60
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060339.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060327.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060341.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060328.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060342.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060343.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP437\A0059196.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059158.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060337.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060346.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP435\A0059124.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060331.exe
02523551 Bck/Mitglieder.QC Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060335.exe
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
Réponse 8 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
17 oct. 2007 à 23:31
c'est quasiment tout propre, tout ou presque est dans ta restauration système...
supprime Combofix
C:\Documents and Settings\sebloco\Desktop\ComboFix.exe
supprime elibagla
supprime ces dossiers
C:\Muestras
C:\WINDOWS\NirCmd.exe

Étape 1:
Télécharge eScan Antivirus Toolkit ici. Sauvegarde-le sur ton Bureau.

http://www.spywareinfo.dk/download/mwav.exe

Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué à l'étape 2.

Étape 2:
Voici comment mettre l'outil à jour :

1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau ; dézippe les fichiers dans le nouveau dossier suggéré (C:\Kaspersky). Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").

2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier Kaspersky ; ensuite, double-clique sur le fichier kavupd.exe. Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes.

3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue" ; tape sur une clé pour continuer. Deux nouveaux répertoires (dossiers) ont été créés lors de la mise à jour (C:\Bases et C:\Downloads).

4.) Sélectionne/copie tous les fichiers présents dans le dossier C:\Downloads, puis colle-les dans le dossier C:\Kaspersky. Accepte à l'invite de remplacer les fichiers existants.

Ne pas lancer le scan tout de suite !

Étape 3:
Redémarre en mode Sans Échec : si tu n'y arrives pas de cette façon, tu n'essaies pas autrement et tu arrêtes la manip pour me le dire
copie ou imprime car tu n'auras pas internet

1) Redémarre ton ordi
2) Tapote la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip"
3) Tu verras un écran avec options de démarrage apparaître
4) Choisi la première option : Sans Échec, et valide avec "Entrée"
5) Choisi ton compte régulier, et non Administrateur


Étape 4:
Du mode Sans Échec, voici comment utiliser le programme :

1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky

2.) Double-clique sur mwavscan.com ; l'interface d'eScan va apparaître à l'écran.

3.) Il est très important de bien cocher ces boîtes sous Scan Option : Memory, Registry, Startup Folders, System Folders, Services.

4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous ; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\.

5.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files.

6.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite !

7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum.

Ferme le programme. Redémarre ton PC en mode Normal. Poste (copie/colle) le rapport que tu as sauvegardé dans ta prochaine réponse.

à demain pour la suite

0
Réponse 9 / 14
seb73
18 oct. 2007 à 22:22
bonsoir,

et voila encore un rapport. bon courage et merci.
File C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy\Recovery\VcodeceMedia.zip infected by "Password-protected-EXE" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP418\A0055603.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP418\A0056603.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056646.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056671.exe infected by "Trojan.Win32.Scapur.k" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056672.exe infected by "Trojan-Clicker.Win32.VB.ly" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056673.exe tagged as not-a-virus:AdWare.Win32.AdURL.c. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056674.exe infected by "Trojan-Downloader.Win32.Adload.bo" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056675.exe infected by "Trojan-Downloader.Win32.VB.ada" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056676.exe infected by "Trojan-Downloader.Win32.Small.buy" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056677.dll infected by "not-virus:Hoax.Win32.Renos.ex" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056678.exe infected by "Trojan-Downloader.Win32.VB.adb" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056680.exe infected by "Trojan-Downloader.Win32.TSUpdate.p" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056681.exe infected by "Trojan-Downloader.Win32.TSUpdate.n" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056682.exe tagged as not-a-virus:AdWare.Win32.PurityScan.ek. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056683.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056684.exe infected by "Backdoor.Win32.Bifrose.aap" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056685.exe infected by "P2P-Worm.Win32.Kapucen.ac" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056686.exe infected by "Trojan-Downloader.Win32.Adload.bo" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056687.exe infected by "Trojan-Downloader.Win32.TSUpdate.o" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056688.exe infected by "Trojan-Downloader.Win32.TSUpdate.l" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056689.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056690.exe infected by "Trojan-Dropper.Win32.Small.qn" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056691.exe tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056692.exe infected by "Trojan-Clicker.Win32.VB.ly" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056693.exe tagged as not-a-virus:AdWare.Win32.CommAd.a. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056694.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056695.exe infected by "Trojan-Downloader.Win32.VB.ada" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056696.exe infected by "Trojan-Downloader.Win32.VB.adb" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056697.exe infected by "Trojan-Downloader.Win32.TSUpdate.f" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056916.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP419\A0056966.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057016.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057041.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057060.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP420\A0057080.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP421\A0057102.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP422\A0057373.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0057430.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0057470.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP423\A0058469.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058499.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058515.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058777.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058810.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP425\A0058843.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP426\A0058857.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP426\A0058866.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP427\A0058884.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP428\A0058897.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP429\A0058916.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP430\A0058929.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0058960.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059035.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP431\A0059042.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP432\A0059061.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP433\A0059075.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059095.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP434\A0059108.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP435\A0059121.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059141.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP436\A0059147.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP437\A0059170.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060170.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060180.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP438\A0060252.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060324.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP439\A0060349.exe infected by "Trojan-Downloader.Win32.Bagle.ea" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060386.exe tagged as not-a-virus:AdWare.Win32.180Solutions.ak. No Action Taken.
File C:\System Volume Information\_restore{7384BE36-E286-47CD-93B8-C6194D9D924B}\RP440\A0060387.exe tagged as not-a-virus:AdWare.Win32.WebHancer.351. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000031.dll tagged as not-a-virus:AdWare.Win32.SurfSide.at. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000032.dll tagged as not-a-virus:AdWare.Win32.SurfSide.at. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000033.exe tagged as not-a-virus:AdWare.Win32.SurfSide.ao. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000034.exe tagged as not-a-virus:AdWare.Win32.WebHancer.351. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000035.dll tagged as not-a-virus:AdWare.Win32.WebHancer.381. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000036.dll tagged as not-a-virus:AdWare.Win32.WebHancer.381. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000044.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000046.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000047.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000048.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000049.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000050.exe infected by "Trojan-Downloader.Win32.VB.abs" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000051.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000052.exe tagged as not-a-virus:AdWare.Win32.180Solutions.ak. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP3\A0000053.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000095.exe infected by "Trojan-Downloader.Win32.PurityScan.cl" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000186.dll tagged as not-a-virus:AdWare.Win32.SurfSide.at. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000187.dll tagged as not-a-virus:AdWare.Win32.SurfSide.at. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000188.exe tagged as not-a-virus:AdWare.Win32.SurfSide.ao. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000189.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000195.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000196.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000197.exe infected by "Trojan-Downloader.Win32.VB.abs" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000199.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000200.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000201.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000202.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP4\A0000203.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000272.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000290.exe infected by "Trojan-Dropper.Win32.Agent.ye" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000291.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000293.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000294.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000295.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000296.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000297.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000300.exe tagged as not-a-virus:AdWare.Win32.AdURL.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000316.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000320.exe infected by "Trojan-Dropper.Win32.Paradrop.a" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000321.exe infected by "Trojan-Dropper.Win32.Agent.ye" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000323.exe infected by "Trojan-Dropper.Win32.Agent.ye" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000324.exe infected by "Backdoor.Win32.PoeBot.c" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000325.exe infected by "Backdoor.Win32.PoeBot.c" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000326.bat infected by "Trojan.BAT.Regger.b" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000327.bat infected by "Trojan.BAT.Regger.b" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000328.bat infected by "Trojan.BAT.Regger.b" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000329.bat infected by "Trojan.BAT.Regger.b" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000330.bat infected by "Trojan.BAT.Regger.b" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000331.bat infected by "Trojan.BAT.Regger.b" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000334.EXE infected by "Backdoor.Win32.SdBot.xd" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000335.EXE tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000336.exe infected by "Trojan-Downloader.Win32.PurityScan.bv" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000337.exe infected by "Trojan-Downloader.Win32.PurityScan.cl" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000339.EXE tagged as not-a-virus:AdWare.Win32.WebHancer.390. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000347.EXE tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000348.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000383.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000384.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000399.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000400.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000401.DLL tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000402.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000403.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000404.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000405.exe tagged as not-a-virus:AdWare.Win32.SurfSide.at. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000406.EXE infected by "Trojan.Win32.Scapur.k" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000407.dll tagged as not-a-virus:AdWare.Win32.PurityScan.ak. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000408.exe tagged as not-a-virus:AdWare.Win32.PurityScan.ek. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000410.EXE infected by "Trojan.Win32.Scapur.k" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000411.EXE tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000412.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000458.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000459.EXE tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000460.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000464.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000466.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000467.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000468.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000469.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000470.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000473.exe tagged as not-a-virus:AdWare.Win32.AdURL.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0000475.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001480.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001482.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001483.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001484.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001485.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001486.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001491.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001497.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001499.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001500.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001501.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001502.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001503.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001507.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001515.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001522.dll tagged as not-a-virus:AdWare.Win32.Look2Me.ab. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001526.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001528.exe infected by "Trojan.Win32.LowZones.cr" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001529.exe infected by "Trojan-Downloader.Win32.Adload.bm" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001530.exe infected by "Trojan-Downloader.NSIS.Agent.u" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001531.exe tagged as not-a-virus:AdWare.Win32.SmartLoad.c. No Action Taken.
File C:\System Volume Information\_restore{EEFBBAB7-D215-434B-8EB5-799741531266}\RP6\A0001532.exe tagged as not-a-virus:AdWare.Win32.Agent.y. No Action Taken.
0
Réponse 10 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
19 oct. 2007 à 10:55
DES SOUCIS ENCORE ?
Maintenant il te reste ceci à effectuer

1/
Supprime tous les outils utilisés:
HijackThis, qui sont spécifiques pour des infections et ne te serviront plus!
Supprime aussi tous les rapports obtenus!

Tu peux néanmoins conserver Ccleaner et AVG antispyware, mis à jour régulièrement, ils te serviront, l'un, Ccleaner, pour le nettoyage quotidien de ton PC, l'autre, AVG Antispyware, pour la recherche d'éventuelles infections...

2/
Restauration système
Désactive ta restauration
Clique droit sur poste de travail/propriétés/coche la case désactiver la restauration, appliquer, OK
Redémarre ton PC
Réactive ta restauration
Clique droit sur poste de travail/propriétés/décoche la case désactiver la restauration, appliquer, OK
Redémarre ton PC

3/
Nettoyage et Défragmentation de tes Disques
Nettoyage
Clic droit sur "poste de travail" ==>"ouvrir" ==>clic droit sur le disque C ==>Propriétés ==>onglet "Général"
Clique sur le bouton "nettoyage de disque", OK
tu le fais pour chacun de tes disques

Vérifications des erreurs
Clic droit sur "poste de travail" ==>"ouvrir" ==>clic droit sur le disque C ==>Propriétés ==>onglet "Outil"
"Vérifier maintenant", une boîte s'ouvre, cocher les cases
réparer automatiquement les erreurs...
rechercher et tenter une récupération...
Démarrer, ok
tu le fais pour chacun de tes disques

ensuite toujours dans le même onglet tu choisis
Défragmentation
"défragmenter maintenant", OK
une boîte s'ouvre, tu sélectionnes le disque à défragmenter, et tu cliques sur "analyser", puis après l'analyse, "défragmenter" . OK
tu le fais pour chacun de tes disques

==>

Tu as été infecté, et je pense qu'au travers des différentes manoeuvres données, tu as compris que tu étais mal protégé...

Je te conseille donc de lire attentivement ce qui suit et de suivre les conseils prodigués

==>

Tu trouveras sur ce lien les différentes mises à jour de sécurité à effectuer, suivant les logiciels que tu possèdes.
https://forum.pcastuces.com/sujet.asp?f=25&s=25842

==>

La protection de ton Pc

La sécurité c'est très important mais ne remplace pas l'internaute, un surf prudent en évitant le crack, les sites "chauds", permet déjà d'éviter bien des soucis, le P2P lui aussi est source d'infections...
Outre la parfaite mise à jour du système d'exploitation, désormais, pour surfer tranquillement et sans soucis sur "le Net", il faut se protéger au maximum!
Pour cela il faut :

1. en résident : Il est résident sur ton PC, c'est à dire qu'il fonctionne dès la mise en route de ton Système.
/- un bon antivirus, gratuit ou payant, mis régulièrement à jour, qui te protège en temps réel!
/- un pare feu autre que celui fourni par Windows, comme Zone Alarm ou Kerio qui te protège aussi en temps réel!
/- un anti spyware efficace, type Spybot Search and Destroy, avec sa protection résidente, Tea Timer, activée!!
Tu scannes ton PC toutes les semaines environ avec, après l'avoir mis à jour, et tu as aussi sa protection en temps réel qui te protège.

2. pour scanner régulièrement ton PC
/- un anti trojan efficace, comme AVG antispyware .A la fin d'une période d'essai du logiciel, il est proposé une version payante que tu n'es pas obligé d'acheter. Il perd alors sa fonction "résident" et tu dois faire les mises à jour manuellement. Il reste néanmoins très utile pour scanner régulièrement ton PC et le nettoyer d'éventuelles infections.

3. un logiciel comme Spyware Blaster qui empêche l'installation d'ActiveX nuisibles.
Il faut régulièrement le mettre à jour pour inscrire les ActiveX dangereux dans sa base de données, et ainsi être protégé contre eux, puisque son rôle est d'empêcher leur installation.

4. un bon navigateur tel Firefox ou Opera pour remplacer IE, que tu ne conserves que pour effectuer les mises à jour de Windows!

Tu trouveras dans ce tuto, "Sécuriser son PC de Philae", de quoi satisfaire tous tes désirs en matière de logiciels gratuits et performants
https://forum.pcastuces.com/default.asp

dans celui-ci, tesgaz t'explique les risques du P2P
https://forum.zebulon.fr/topic/85544-pr%C3%A9vention-le-p2p-et-ses-cons%C3%A9quences/

dans celui-là, les risques du crack
https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/

Nous voulons aider avec de plus en plus d'efficacité et lutter contre les malwares pour qu'enfin tout le monde puisse surfer tranquille !
Avec un peu de prévention, il est possible d'être à l'abri des menaces !
S'il te plaît, fais passer le mot autour de toi !
S'il te plaît, s'il y a des internautes infectés autour de toi, envoie les nous sur ce forum !
Une bonne protection permet d'être à abri ! L'ennuyeux est que la protection vaut ce que vaut le maillon le plus faible et donc, il ne faut rien oublier!

==>

Dénonce ton infection pour faire condamner les auteurs.

Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être les plus nombreux possibles, alors rends compte de ton infection :
- Voir les règles du forum : https://malwarecomplaints.info/
- Après t'être enregistré à l'aide du bouton en haut se nommant "Register"
Si tu as plus de 13 ans, choisir : "I Agree to these terms and am over or exactly 13 years of age"
Si tu as moins, clique sur : "I Agree to these terms and am under 13 years of age"

Tu as alors, sous forme de liste, un sujet par type d'infection (Look2Me, Smitfraud, SpywareQuake etc..).

*** Ton infection :TU AS LE CHOIX DANS LA LISTE DE kASPERSKY

>> https://malwarecomplaints.info/

Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas par quoi tu étais infecté(e), crée un message dans le sujet Autres infections, conforme au règle du forum (âge, ville, département etc..)

bonne continuation

0
Réponse 11 / 14
seb73
20 oct. 2007 à 16:03
Bonjour,
j'ai l'impression que ca marche, j'ai pu installer un antivirus et apres la mise a jour il ne trouve plus rien.
il ne me reste que a ajouter le firewall.
merci beaucoup pour ton aide. Sans toi je serais certainement encore en train de m'enerver sur mon ordi.
BRAVO et merci
0
Réponse 12 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
20 oct. 2007 à 17:10
de rien, je suis contente pour toi que tout fonctionne à nouveau correctement
0
Réponse 13 / 14
seb73
20 oct. 2007 à 17:27
Bonjour,
encore une petite question.
je viens de telecharger firefox.
j'utilise le logiciel windows live messenger et qd tu ouvres ce logiciel tu as la possibilite de directement voir si tu as de emails et ca te les ouvres forcement ds internet explorer. est ce qu'il y a possibilite de configurer ca pour que ca ouvre plutot firefox?
merci
0
Réponse 14 / 14
chrifleur Messages postés 1091 Date d'inscription samedi 29 septembre 2007 Statut Contributeur Dernière intervention 19 novembre 2008 18
20 oct. 2007 à 17:43
il suffit de dire que firefox est ton navigateur par défaut...
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
1fichier.com et bloqueur de pub
anthea1309 -
Patoche12 -

60 réponses
Accés au cloud
Dadou1968 -
loisou17 -

3 réponses