virusWin32/Ursnif

Question

Bonjour,
    je viens de m'apercevoir que j'ai un virus Win32/Ursnif 
Trojan-Downloader.Win32.Bagle.cu 
W32.Beagle.GM 
Troj/BagleDl-DB 
Troj/Bagle-TH 

Je suis nul en informatique,je n'arrive meme pas à installer Windows OneCare, si une personne peux m'aider merci d'avance

jlpjlp · Answer

slt



    * Téléchargez ELIBAGLA en bas de cette page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
    * Clique sur le bouton Descargar Elibagla cela va télécharger le fichier, placez le sur votre bureau.
    * Double-cliquez dessus pour l'ouvrir
    * Assurez-vous que dans le menu déroulant Unidad, vous avez bien C:\
    * Vérifiquez aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente est bien cochée
    * Cliquez sur le bouton Explorar pour lancer l'analyse (colle le rapport)


___________________

telechagre et scan avec fx bagle:

https://www.broadcom.com/support/security-center

__________________

 colle le rapport d'un scan en ligne 
avec un des suivants: 


bitdefender en ligne : 
http://www.bitdefender.fr/scan_fr/scan8/ie.html 

Panda en ligne : 
http://pandasoftware.fr

secuser en ligne :
http://www.secuser.com/outils/antivirus.htm

___________________


colle un rapport hijackthis  et dis tes soucis actuels
 

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo. 

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste 

Ensuite avec Explorer créer un dossier c:\hijackthis 
Décompresser Hijackthis dans ce dossier. 
C'est important pour les sauvegardes."

didou · Answer

comment colle?
Voici ce qui est ecrit
HPSYSDRV.EXE-> Bagle.dldr
MDELK.EXE-> Bagle
Que faire? Merci

raleuboleu · Answer

alu

oups jlpjlp je m'incruste sur 2 de tes topics sorry  c'est juste pour vous faire gagner du temps entre 2

lorsque tu analyse avec hijack a la fin il ouvre seul 1 bloc note ! tu fais ctrol +c (copier) et sur le forum tu fais la manip ctrol+v (coller) 

voilà oups je me sauve ^^

bonne suite a vous

didou · Answer

Si j'achete un anti virus, ca serait pas plus simple mais lequel car j'avais Windows Onecare, et il n'a rien vu arrivé, et au faite j'ai choppé ça comment si c'est possible à savoir,merci,car pour le moment ca scanne et il y a encore pour 2 heures

^^Marie^^ · Answer

Slt

Si j'achete un anti virus,
Un Pro disait, et il a raison,,,,,, 

"""""""""""""""ce n'est pas parce que tu payes le sexe que tu passeras du bon temps"""""""
A toi de voir

A++

raleuboleu · Answer

nan tu as pas besoin de payer le top du top sachant qu'il ne sera pas sur a 100% alors pour le moment contente toi des free

bizz

didou · Answer

Je comprends bien, mais ca se fait tard,j'aimerai bien me coucher, c'est excellent ce que vous faite,je tirs mon chapeau, mais si j'avais un autre moyen pour enlever ce sacré Virus,merci

jlpjlp · Answer

slt
fais ce que j'ai mis en 1 et colle les rapports



tant qu'a payer achete un bon antivirus: G DATA ou KASPERSKY ou BITDEFENDER mais pas windows live one care qui est actuellement le plus mauvais...


a bientot a tous

didou · Answer

HPSYSDRV.EXE-> Bagle.dldr

raleuboleu · Answer

alors suis les recommandations de jlpx2!! prend ton temps et laisse le sien ! faire les choses peu a peu aide a comprendre bien des choses sur son propre ordi !!!

jvous dis bone suite cette fois jv me taire !!!vi je peux^^

kiss

jlpjlp · Answer

colles tous les rapports entier

a plus

didou · Answer

hier
ca fonctionner, mais aujourd'hui, voici ce que ca me marque , je ne peux rien faire
W32.Beagle@mm/Trojan.Tooso FixTool   1.13.0

You do not have Administrator rights to run the tool.
Please contact your Network Administrator for more information.

didou · Answer

comment copier completement le rapport ctrl + ?

didou · Answer

j'ai laissé cette nuit l'odinateur pour qu'il scanne, mais malheureusement j'avais un ecran bleu, avec des chiffres, je sais que ce n'est pas bon, mais je l'ai éteind avec le bouton pour pouvoir le ralumer

didou · Answer

Fri Feb 08 21:24:21 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 21:24:57 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 21:29:08 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\hp\support\HPSYSDRV.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios:   13053
Nº Total de Ficheros:      106140
Nº de Ficheros Analizados: 13328
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados:  1

	  Fri Feb 08 22:54:58 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 22:55:16 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13055
Nº Total de Ficheros:      107006
Nº de Ficheros Analizados: 13338
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

	  Sat Feb 09 07:55:55 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

didou · Answer

mais je ne pas aller là 
https://www.broadcom.com/support/security-center 
---------------------------


---------------------------
---------------------------

jlpjlp · Answer

fais DEMARRER puis EXECUTER et tape   mrt  puis  clique sur ok et suis la procedure

___________

  essaye de refaire elibaga en mode sans echec car il ne les a pas tous supprimés (Acceso Denegado.)


__________



télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :

C:\WINDOWS\SYSTEM32\WINTEMS.EXE 
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT 
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS 
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE 

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 



____________
colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

secuser en ligne :
http://www.secuser.com/outils/antivirus.htm

___________________


colle un rapport hijackthis et dis tes soucis actuels


http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."

didou · Answer

Merci jlpjlp,
pour le moment bitdefender scanne et le logiciel malveillants cherche aussi

didou · Answer

J'ai rallumer l'ordi et c'est elibag qui c'est mis en route et voici le rapport


  Fri Feb 08 21:24:21 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 21:24:57 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 21:29:08 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\hp\support\HPSYSDRV.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios:   13053
Nº Total de Ficheros:      106140
Nº de Ficheros Analizados: 13328
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados:  1

	  Fri Feb 08 22:54:58 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 22:55:16 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13055
Nº Total de Ficheros:      107006
Nº de Ficheros Analizados: 13338
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

	  Sat Feb 09 07:55:55 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 09:14:03 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 09:14:19 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13059
Nº Total de Ficheros:      105148
Nº de Ficheros Analizados: 13312
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

	  Sat Feb 09 10:01:06 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 10:01:44 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13063
Nº Total de Ficheros:      105231
Nº de Ficheros Analizados: 13312
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

didou · Answer

le logiciel malveillant nece pausqu'au bout,il s'arrete au milieu,je ne sais plus quoi faire?

didou · Answer

File move failed. C:\WINDOWS\SYSTEM32\WINTEMS.EXE scheduled to be moved on reboot.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT moved successfully.
File move failed. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE scheduled to be moved on reboot.
 
OTMoveIt2 v1.0.19 log created on 02092008_104703

Et je comprends pas, car lorsque je rallume l'ordi,j'ai toujours Elibag qui se mets en route,avant le bureau et lorque le bureau s'ouvre j'ai la fenetre SELECT FILE TO CRACK qui s'ouvre, c'est de pire en pire. Merci

jlpjlp · Answer

colle un rapport hijackthis et dis tes soucis actuels


http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manuel :

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html

Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.

ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste

Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."

_______________



cette fois fais en mode sans echec surtout:  http://service1.symantec.com/support/inter/tsgeninfointl.nsf/fr_docid/20020905112131924


 DEMARRER puis EXECUTER et tape mrt puis clique sur ok et suis la procedure

___________

essaye de refaire elibaga en mode sans echec car il ne les a pas tous supprimés (Acceso Denegado.)

__________
en mode sans echec : stinger

http://download.nai.com/products/mcafee-avert/stng380.exe
__________




télécharges et installes :

kill box
https://www.bleepingcomputer.com/download/linux/


aide kill box
http://perso.wanadoo.fr/jesses/Docs/Logiciels/KillBox.htm


- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci

- Double-clic sur fix.reg

Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le dossier jaune à droite et sélectionne les fichiers :



C:\WINDOWS\SYSTEM32\WINTEMS.EXE
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE

- Clique sur la croix rouge et et blanche
- Répond yes et laisse redémarrer ton pc.
N'hésite pas à consulter l'Aide killbox

____________
colle le rapport d'un scan en ligne
avec un des suivants:


bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html

Panda en ligne :
http://pandasoftware.fr

secuser en ligne :
http://www.secuser.com/outils/antivirus.htm

___________________

didou · Answer

Virus identifiés
 2
 
Fichiers infectés
 4
 
Fichiers suspects
 0
 
Avertissements
 0
 
Désinfectés
 0
 
Fichiers effacés
 2
 
  
  
 
Info sur les moteurs
 
Définition virus
 896232
 
Version des moteurs
 AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
 
Analyse des plugins
 14
 
Archive des plugins
 38
 
Unpack des plugins
 6
 
E-mail plugins
 6
 
Système plugins
 1
 
  
  
 
Paramètres d'analyse
 
Première action
 Désinfecté
 
Seconde Action
 Supprimé
 
Heuristique
 Oui
 
Acceptez les avertissements
 Oui
 
Extensions analysées
 *;
 
Excludez les extensions
  
 
Analyse d'emails
 Oui
 
Analyse des Archives
 Oui
 
Analyser paquets programmes
 Oui
 
Analyse des fichiers
 Oui
 
Analyse de boot
 Oui
 
  
  
 
  Fichier analysé
  Statut
 
C:\hp\KBD\KbdStub.exe
 Infecté par: Trojan.Downloader.Bagle.FD
 
C:\hp\KBD\KbdStub.exe
 Supprimé
 
C:\hp\support\hpsysdrv.exe
 Infecté par: Trojan.Downloader.Bagle.FD
 
C:\hp\support\hpsysdrv.exe
 Echec de la désinfection
 
C:\hp\support\hpsysdrv.exe
 Echec de la suppression
 
C:\Users\David\AppData\Local\VirtualStore\Windows\System32\FactoryMode
 Infecté par: Trojan.Downloader.Bagle.FD
 
C:\Users\David\AppData\Local\VirtualStore\Windows\System32\FactoryMode
 Supprimé
 
C:\Windows\System32\mdelk.exe
 Infecté par: Win32.Bagle.SUQ@mm
 
C:\Windows\System32\mdelk.exe
 Echec de la désinfection
 
C:\Windows\System32\mdelk.exe
 Echec de la suppression
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 6)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 7)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2BDB882D5EF14DA6985BB7714DB320DD=>(JAVASCRIPT 8)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2EC244A039F24FA39A8BDC4A6167CDC5
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2EC244A039F24FA39A8BDC4A6167CDC5=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2EC244A039F24FA39A8BDC4A6167CDC5=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0D1928CFEC9E4006857651B324475E6A
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0D1928CFEC9E4006857651B324475E6A=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0D1928CFEC9E4006857651B324475E6A=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0D1928CFEC9E4006857651B324475E6A=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0D1928CFEC9E4006857651B324475E6A=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_9855B702655144FD890F6E64E6814AB0
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_9855B702655144FD890F6E64E6814AB0=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_9855B702655144FD890F6E64E6814AB0=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_8F76ADA71AD64D35B209C0E9E68D99C1
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_8F76ADA71AD64D35B209C0E9E68D99C1=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_8F76ADA71AD64D35B209C0E9E68D99C1=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_C3A86C5D41A7496EA2DC67C3B18FDAC7
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_C3A86C5D41A7496EA2DC67C3B18FDAC7=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_C3A86C5D41A7496EA2DC67C3B18FDAC7=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FAE92D97C8674BC3B40D67A34D6EA673
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FAE92D97C8674BC3B40D67A34D6EA673=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FAE92D97C8674BC3B40D67A34D6EA673=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_266C475A87F64A3C9C6BCCB8B168CA01
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_266C475A87F64A3C9C6BCCB8B168CA01=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_266C475A87F64A3C9C6BCCB8B168CA01=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_266C475A87F64A3C9C6BCCB8B168CA01=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_266C475A87F64A3C9C6BCCB8B168CA01=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_D43F1E7F633946D0B3E448CC4902FB94
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_D43F1E7F633946D0B3E448CC4902FB94=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_D43F1E7F633946D0B3E448CC4902FB94=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8=>(JAVASCRIPT 6)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CC4ECBF946744FFA9867A2CE190112F8=>(JAVASCRIPT 7)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4B4550DA745B4A4D8C0CD7582888E9FD
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4B4550DA745B4A4D8C0CD7582888E9FD=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4B4550DA745B4A4D8C0CD7582888E9FD=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4055A8961D884777A6E09991A01743FF
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4055A8961D884777A6E09991A01743FF=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4055A8961D884777A6E09991A01743FF=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_740EAA6A058C439A853302D77D7F9BD6
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_740EAA6A058C439A853302D77D7F9BD6=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_740EAA6A058C439A853302D77D7F9BD6=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_740EAA6A058C439A853302D77D7F9BD6=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_740EAA6A058C439A853302D77D7F9BD6=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7282C26F72224AA290B58105F37ED261
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7282C26F72224AA290B58105F37ED261=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7282C26F72224AA290B58105F37ED261=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4674649DEC3F4B1EB98A52DDD1EA999E
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4674649DEC3F4B1EB98A52DDD1EA999E=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4674649DEC3F4B1EB98A52DDD1EA999E=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4674649DEC3F4B1EB98A52DDD1EA999E=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4674649DEC3F4B1EB98A52DDD1EA999E=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_101A6C7E002947B3B7B883B4D74666A3
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_101A6C7E002947B3B7B883B4D74666A3=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_101A6C7E002947B3B7B883B4D74666A3=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1947B70FBAB24F69844DFB826DF0605F
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1947B70FBAB24F69844DFB826DF0605F=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1947B70FBAB24F69844DFB826DF0605F=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BA0F57B68D7F4052B96EBB8B008E85FC
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BA0F57B68D7F4052B96EBB8B008E85FC=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BA0F57B68D7F4052B96EBB8B008E85FC=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7F0CEDD61B554C3492A549839B86254E
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7F0CEDD61B554C3492A549839B86254E=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7F0CEDD61B554C3492A549839B86254E=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0B729FA60B0D448E99905C19C84AC50F
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0B729FA60B0D448E99905C19C84AC50F=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0B729FA60B0D448E99905C19C84AC50F=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BAD726C7F71A4CEF90B8CA61EB218850
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BAD726C7F71A4CEF90B8CA61EB218850=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BAD726C7F71A4CEF90B8CA61EB218850=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_78BE53E793E04424B44FD75C70BE5A24
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_78BE53E793E04424B44FD75C70BE5A24=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_78BE53E793E04424B44FD75C70BE5A24=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B52820F262874A3DABCF3E5D6A23564B
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B52820F262874A3DABCF3E5D6A23564B=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B52820F262874A3DABCF3E5D6A23564B=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BBC63C5A387648068EFE48DBC89EFB08
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BBC63C5A387648068EFE48DBC89EFB08=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_BBC63C5A387648068EFE48DBC89EFB08=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B55795490CD345F68046731DDF8D9D78
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B55795490CD345F68046731DDF8D9D78=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B55795490CD345F68046731DDF8D9D78=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FAEDEE31B1B24C9D9AF8845A1853685C
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FAEDEE31B1B24C9D9AF8845A1853685C=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FAEDEE31B1B24C9D9AF8845A1853685C=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_908D760520D54E2A96F3E037F82AF432
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_908D760520D54E2A96F3E037F82AF432=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_908D760520D54E2A96F3E037F82AF432=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_869FB7E5B1064E7C9A01DCC244D36383
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_869FB7E5B1064E7C9A01DCC244D36383=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_869FB7E5B1064E7C9A01DCC244D36383=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DC111D42DCF745E5AB4EBEC0EF0A6284
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DC111D42DCF745E5AB4EBEC0EF0A6284=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DC111D42DCF745E5AB4EBEC0EF0A6284=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0F01F7C7910D49DB9FD3B969F9F26295
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0F01F7C7910D49DB9FD3B969F9F26295=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0F01F7C7910D49DB9FD3B969F9F26295=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_152A918E63EF424A99BA94CC10980282
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_152A918E63EF424A99BA94CC10980282=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_152A918E63EF424A99BA94CC10980282=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_3EB9F5C564B74A7CB7D57B0A2941DDFB
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_3EB9F5C564B74A7CB7D57B0A2941DDFB=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_3EB9F5C564B74A7CB7D57B0A2941DDFB=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_A89DFBA894854BAD9F55D561858B26B7
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_A89DFBA894854BAD9F55D561858B26B7=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_A89DFBA894854BAD9F55D561858B26B7=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50=>(JAVASCRIPT 6)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_62AE4097F4E1475C87AC0FDE2E613E50=>(JAVASCRIPT 7)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_E8AE002223754DCC89263D0DCC9D1087
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_E8AE002223754DCC89263D0DCC9D1087=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_E8AE002223754DCC89263D0DCC9D1087=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_67D3537931024EC3A323042300C2287C
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_67D3537931024EC3A323042300C2287C=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_67D3537931024EC3A323042300C2287C=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1FFF08A34CD340A9B60E7AD639E0A131
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1FFF08A34CD340A9B60E7AD639E0A131=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1FFF08A34CD340A9B60E7AD639E0A131=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DEE5AFFB70974E05847D11A78DFEA793
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DEE5AFFB70974E05847D11A78DFEA793=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DEE5AFFB70974E05847D11A78DFEA793=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_19E8BFCC807948CAB59B4E981CC3FCBD
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_19E8BFCC807948CAB59B4E981CC3FCBD=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_19E8BFCC807948CAB59B4E981CC3FCBD=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B41CE08A7C47412BB4B910C8D1E12CA4
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B41CE08A7C47412BB4B910C8D1E12CA4=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B41CE08A7C47412BB4B910C8D1E12CA4=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_55006213997043F99DEE0761FA3E605A
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_55006213997043F99DEE0761FA3E605A=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_55006213997043F99DEE0761FA3E605A=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_792B2C4E0D784C51881AF4309E61CA55
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_792B2C4E0D784C51881AF4309E61CA55=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_792B2C4E0D784C51881AF4309E61CA55=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_76E0CAC0B7784B1EBA8E1AAD13E20AB4
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_76E0CAC0B7784B1EBA8E1AAD13E20AB4=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_76E0CAC0B7784B1EBA8E1AAD13E20AB4=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FDCD9369845A4033B105CADCC08B69F9
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FDCD9369845A4033B105CADCC08B69F9=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FDCD9369845A4033B105CADCC08B69F9=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_FDCD9369845A4033B105CADCC08B69F9=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_F4C69AB3F1B54CA6B31D859E8963023F
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_F4C69AB3F1B54CA6B31D859E8963023F=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_F4C69AB3F1B54CA6B31D859E8963023F=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4D47905F9A7643D2A57B667AC3C27345
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4D47905F9A7643D2A57B667AC3C27345=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_4D47905F9A7643D2A57B667AC3C27345=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7F0582C145E542318CB72AF53416C1E1
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7F0582C145E542318CB72AF53416C1E1=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_7F0582C145E542318CB72AF53416C1E1=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B32C8C42B20041D1A8667D584CFE0F2B
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B32C8C42B20041D1A8667D584CFE0F2B=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B32C8C42B20041D1A8667D584CFE0F2B=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B4AAC88DF3614619A4B5F2A396AA288F
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B4AAC88DF3614619A4B5F2A396AA288F=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B4AAC88DF3614619A4B5F2A396AA288F=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0CE64EF2A6A344688CE41F508078F5E9
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0CE64EF2A6A344688CE41F508078F5E9=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0CE64EF2A6A344688CE41F508078F5E9=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CE07D99A7F0B4622BD5A366667CBDD51
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CE07D99A7F0B4622BD5A366667CBDD51=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_CE07D99A7F0B4622BD5A366667CBDD51=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1346C195648D4B1EA07C7F4832D97F25
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1346C195648D4B1EA07C7F4832D97F25=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_1346C195648D4B1EA07C7F4832D97F25=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2C997A2B1B304FD8834B81988EC2E468
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2C997A2B1B304FD8834B81988EC2E468=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_2C997A2B1B304FD8834B81988EC2E468=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_05E9FB4248A545E883433EB9BED58617
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_05E9FB4248A545E883433EB9BED58617=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_05E9FB4248A545E883433EB9BED58617=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5F852A1175654EC3BB6489865D4CCAE5
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5F852A1175654EC3BB6489865D4CCAE5=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5F852A1175654EC3BB6489865D4CCAE5=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DDAAF697CE59456EA288E223E9EB727F
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DDAAF697CE59456EA288E223E9EB727F=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DDAAF697CE59456EA288E223E9EB727F=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_DDAAF697CE59456EA288E223E9EB727F=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_6A6F1BC87CA3451992E3A408121F906E
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_6A6F1BC87CA3451992E3A408121F906E=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_6A6F1BC87CA3451992E3A408121F906E=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5DF0974393D8488AA82FF15ABF89E46F
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5DF0974393D8488AA82FF15ABF89E46F=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5DF0974393D8488AA82FF15ABF89E46F=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5DF0974393D8488AA82FF15ABF89E46F=>(JAVASCRIPT 4)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5DF0974393D8488AA82FF15ABF89E46F=>(JAVASCRIPT 5)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_5DF0974393D8488AA82FF15ABF89E46F=>(JAVASCRIPT 6)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_D74BF11E12F749E38CB613254DC69CEB
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_D74BF11E12F749E38CB613254DC69CEB=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_D74BF11E12F749E38CB613254DC69CEB=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0ACFF497517F40929AAEF864D40A8BCD
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0ACFF497517F40929AAEF864D40A8BCD=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_0ACFF497517F40929AAEF864D40A8BCD=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_9C91D85F81D24545A5ED0C13D6F74C7D
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_9C91D85F81D24545A5ED0C13D6F74C7D=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_9C91D85F81D24545A5ED0C13D6F74C7D=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B954DF7F28504A1A8BD472A34BE139C6
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B954DF7F28504A1A8BD472A34BE139C6=>(JAVASCRIPT 2)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_B954DF7F28504A1A8BD472A34BE139C6=>(JAVASCRIPT 3)
 Nettoyé
 
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab=>_460931E70DFD4F6FA396D0E421694272

didou · Answer

imposible ,j'ai le raccourci sur le bureau mais lorsque je clic dessus ca me marque
c:\program files	rend micro\hijack this\hijack this.exe.n'est pas une application win32 valide

didou · Answer

J'aimerai pas passer mon week-end à essayer d'enlever ce sacré virus, un anti virus c'est pas plus simple,pour le moment les magasins sont ouverts, et prendre lequel pour enlever ce VIRUS

didou · Answer

impossible de renomer hijack.exe

jlpjlp · Answer

slt
bagle malheureusement empeche l'installation des antivirus....... il faut donc arrivé a en virer le maximum 

fais tout

courage


________________


cette fois fais en mode sans echec surtout: http://service1.symantec.com/


DEMARRER puis EXECUTER et tape mrt puis clique sur ok et suis la procedure

___________

essaye de refaire elibaga en mode sans echec car il ne les a pas tous supprimés (Acceso Denegado.)

__________
en mode sans echec : stinger

http://download.nai.com/products/mcafee-avert/stng380.exe
__________




télécharges et installes :

kill box
https://www.bleepingcomputer.com/download/linux/


aide kill box
http://perso.wanadoo.fr/jesses/Docs/Logiciels/KillBox.htm


- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci

- Double-clic sur fix.reg

Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le dossier jaune à droite et sélectionne les fichiers :



C:\hp\KBD\KbdStub.exe
C:\hp\support\hpsysdrv.exe
C:\Users\David\AppData\Local\VirtualStore\Windows\System32\FactoryMode
C:\Windows\System32\mdelk.exe
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab
C:\WINDOWS\SYSTEM32\WINTEMS.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE

- Clique sur la croix rouge et et blanche
- Répond yes et laisse redémarrer ton pc.
N'hésite pas à consulter l'Aide killbox

____________


essaye maintenant si tu n'as aucun antivirus de mettre antivir qui est tres efficace et gratuit

https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)

___________________

didou · Answer

impossible d'aller sur cette page
http://service1.symantec.com/

didou · Answer

McAfee® Stinger Version 3.8.0 built on Sep 10 2007

Copyright © 2007 McAfee, Inc. All Rights Reserved.

Virus data file v1000 created on Sep 10 2007.

Ready to scan for 191 viruses, trojans and variants.



Scan initiated on Sat Feb 09 13:06:49 2008

  Number of clean files: 266836

didou · Answer

voici le dernier rapport, on dirait que ca va mieux et maintenant?  


  Fri Feb 08 21:24:21 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 21:24:57 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 21:29:08 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\hp\support\HPSYSDRV.EXE --> Eliminado Bagle.dldr

Nº Total de Directorios:   13053
Nº Total de Ficheros:      106140
Nº de Ficheros Analizados: 13328
Nº de Ficheros Infectados: 2
Nº de Ficheros Limpiados:  1

	  Fri Feb 08 22:54:58 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Fri Feb 08 22:55:16 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13055
Nº Total de Ficheros:      107006
Nº de Ficheros Analizados: 13338
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

	  Sat Feb 09 07:55:55 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 09:14:03 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 09:14:19 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13059
Nº Total de Ficheros:      105148
Nº de Ficheros Analizados: 13312
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

	  Sat Feb 09 10:01:06 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 10:01:44 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios:   13063
Nº Total de Ficheros:      105231
Nº de Ficheros Analizados: 13312
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados:  0

	  Sat Feb 09 10:50:10 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.

	  Sat Feb 09 14:01:54 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Eliminado Bagle.dldr

	  Sat Feb 09 14:02:28 2008
EliBagle v10.98  (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\hp\support\HPSYSDRV.EXE --> Eliminado Bagle.dldr
C:\Windows\System32\MDELK.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\107297.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\14656668.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\14667510.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\14673454.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\14674717.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\29312806.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\29379808.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\43915950.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\53243.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\55349.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\58999.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\59389.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\62509.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\65972.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\66768.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\68094.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\70574.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\71620.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\88655.EXE --> Eliminado Bagle
C:\Windows\System32\drivers\down\90230.EXE --> Eliminado Bagle

Nº Total de Directorios:   13154
Nº Total de Ficheros:      107469
Nº de Ficheros Analizados: 13381
Nº de Ficheros Infectados: 22
Nº de Ficheros Limpiados:  22

didou · Answer

il ne veux pas s'ouvrir.
https://www.bleepingcomputer.com/download/linux/

didou · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:21, on 09.02.2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/de-ch?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/de-ch?cobrand=hp.msn.com&ocid=HPDHP&pc=HPDTDF&checklang=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France	bRadi.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France	bRadi.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France	bRadi.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

jlpjlp · Answer

télécharge OTMoveIt 
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (de Old_Timer) sur ton Bureau.  Ou sur  https://www.luanagames.com/index.fr.html
double-clique sur OTMoveIt.exe pour le lancer. 
copie la liste qui se trouve en citation ci-dessous, 
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved. 

Citation : 

C:\hp\KBD\KbdStub.exe
C:\hp\support\hpsysdrv.exe
C:\Users\David\AppData\Local\VirtualStore\Windows\System32\FactoryMode
C:\Windows\System32\mdelk.exe
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab
C:\WINDOWS\SYSTEM32\WINTEMS.EXE
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE

clique sur MoveIt! pour lancer la suppression. 
le résultat apparaitra dans le cadre "Results". 
clique sur Exit pour fermer. 
poste le rapport situé dans C:\_OTMoveIt\MovedFiles. 

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes. 




____________
installe antivir:  et scan avec

https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)

didou · Answer

File/Folder C:\WINDOWS\SYSTEM32\WINTEMS.EXE not found.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT moved successfully.
File/Folder C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS not found.
File/Folder C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE not found.
 
OTMoveIt2 v1.0.19 log created on 02092008_144921
File move failed. C:\WINDOWS\SYSTEM32\WINTEMS.EXE scheduled to be moved on reboot.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT moved successfully.
File move failed. C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS scheduled to be moved on reboot.
File move failed. C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE scheduled to be moved on reboot.
 
OTMoveIt2 v1.0.19 log created on 02092008_104703
File/Folder C:\hp\KBD\KbdStub.exe not found.
File/Folder C:\hp\support\hpsysdrv.exe not found.
File/Folder C:\Users\David\AppData\Local\VirtualStore\Windows\System32\FactoryMode not found.
File/Folder C:\Windows\System32\mdelk.exe not found.
D:\HP\apps\APP30602\src\OUTPUTDIR_zh_CN\Data1.cab moved successfully.
File/Folder C:\WINDOWS\SYSTEM32\WINTEMS.EXE not found.
File/Folder C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS not found.
File/Folder C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE not found.
 
OTMoveIt2 v1.0.19 log created on 02092008_174101

jlpjlp · Answer

____________
installe antivir: et scan avec et colle le rapport

https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)

didou · Answer

AntiVir PersonalEdition Classic Report file date: samedi 9 février 2008 16:20 Scanning for 1096761 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows Vista Windows version: (plain) [6.0.6000] Username: David Computer name: DAVID Version information: BUILD.DAT : 270 15603 Bytes 19.09.2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23.08.2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16.08.2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14.08.2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21.08.2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18.07.2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14.12.2007 14:22:33 ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08.02.2008 14:22:33 ANTIVIR3.VDF : 7.0.2.114 2048 Bytes 08.02.2008 14:22:33 AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 09.02.2008 14:22:33 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26.02.2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18.07.2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16.04.2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 09.02.2008 14:22:33 AVREG.DLL : 7.0.1.6 30760 Bytes 18.07.2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28.08.2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18.07.2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08.03.2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07.08.2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21.08.2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23.07.2007 09:37:21 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: F:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: samedi 9 février 2008 16:20 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'svchost.exe' - '1' Module(s) have been scanned Scan process 'lsm.exe' - '1' Module(s) have been scanned Scan process 'lsass.exe' - '1' Module(s) have been scanned Scan process 'services.exe' - '1' Module(s) have been scanned Scan process 'winlogon.exe' - '1' Module(s) have been scanned Scan process 'wininit.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'csrss.exe' - '1' Module(s) have been scanned Scan process 'smss.exe' - '1' Module(s) have been scanned 16 processes with 16 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Boot sector 'D:\' [NOTE] No virus was found! Boot sector 'L:\' [NOTE] No virus was found! Boot sector 'G:\' [NOTE] In the drive 'G:\' no data medium is inserted! Boot sector 'H:\' [NOTE] In the drive 'H:\' no data medium is inserted! Boot sector 'I:\' [NOTE] In the drive 'I:\' no data medium is inserted! Boot sector 'J:\' [NOTE] In the drive 'J:\' no data medium is inserted! Boot sector 'K:\' [NOTE] In the drive 'K:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( '17' files ). Starting the file scan: Begin scan in 'C:\' C:\pagefile.sys [WARNING] The file could not be opened! C:\Windows\System32\drivers\down\14630397.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e3c8ce.qua'! C:\Windows\System32\drivers\down\14660209.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e3c8d1.qua'! C:\Windows\System32\drivers\down\14670131.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e3c8d5.qua'! C:\Windows\System32\drivers\down\14670770.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e3c8d7.qua'! C:\Windows\System32\drivers\down\166874.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e3c8e0.qua'! C:\Windows\System32\drivers\down\29306878.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e0c8ea.qua'! C:\Windows\System32\drivers\down\29363818.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e0c8ec.qua'! C:\Windows\System32\drivers\down\43904078.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e6c8ea.qua'! C:\Windows\System32\drivers\down\49265.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47dfc8f3.qua'! C:\Windows\System32\drivers\down\51355.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e0c8ed.qua'! C:\Windows\System32\drivers\down\56909.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e6c8f4.qua'! C:\Windows\System32\drivers\down\61745.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e4c8f1.qua'! C:\Windows\System32\drivers\down\64958.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e6c8f6.qua'! C:\Windows\System32\drivers\down\73726.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e4c8f8.qua'! C:\Windows\System32\drivers\down\75223.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47dfc8fc.qua'! C:\Windows\System32\drivers\down\88686.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e3c902.qua'! C:\Windows\System32\drivers\down\91338.exe [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen [INFO] The file was moved to '47e0c8fd.qua'! Begin scan in 'D:\' Begin scan in 'L:\' Begin scan in 'G:\' Search path G:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'H:\' Search path H:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'I:\' Search path I:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'J:\' Search path J:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'K:\' Search path K:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'E:\' Begin scan in 'F:\' Search path F:\ could not be opened! Le périphérique n'est pas prêt. End of the scan: samedi 9 février 2008 17:30 Used time: 1:09:51 min The scan has been done completely. 13896 Scanning directories 522428 Files were scanned 17 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 17 files were moved to quarantine 0 files were renamed 1 Files cannot be scanned 522411 Files not concerned 5803 Archives were scanned 1 Warnings 21 Notes

didou · Answer

ON M'A PROPOSER COMME ANTI VIRUS nod 32
MAINTENANT J'AI UN AUTRE PROBLEME AVEC LES CONTROLES ACTIVEX car je voulais scanner avec ce anti virus et j'ai un probleme avec les  controles activeX, je ne compremds plus rien

jlpjlp · Answer

vire ce qui est en quarantaine dans antivir et recolle un rapport antivir et dis tes soucis

colle aussi un nouveau rapport hijakchits

didou · Answer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:33:21, on 09.02.2008
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Real\Update_OBealsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ch/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France	bRadi.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France	bRadi.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Radio France Toolbar - {1a2cd84f-2175-4ae8-bd60-ce0d04442b4f} - C:\Program Files\Radio_France	bRadi.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [USB2Check] RUNDLL32.EXE "C:\Windows\system32\PCLECoInst.dll",CheckUSBController
O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OBealsched.exe"  -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resource/download/scanner/en-us/wlscctrl2.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

jlpjlp · Answer

relabnce hiajkchtis et fix ces lignes:

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"


__________

pourquoi avoir enlevé antivir??? 



remets le et colle un nouveau rapport apres avoir viré ce qui est en quarantaine









pour protéger gratos ton ordi

http://www.commentcamarche.net/telecharger/logiciel 4 securite

mettre un antivirus

 ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
AD AWARE + SPYBOT +/-    si tea timer non active de spybot: WINDOWS DEFENDER 
+/-
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation  : il suffit de faire "update" pour mettre à jour tous les mois  et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version 
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
http://www.commentcamarche.net/telecharger/telecharger 157 zonealarm

-----------

CCLEANER pour effacer les traces de surf

didou · Answer

quand je relance  hiajkchtis il me marque
for some reason your systeme dnied write access to the lost file etc...
notepad c:\windows\system32\drivers\etc\hosts
etc
je coche les 3 et je fix checked et il me marque
fix 3 slected items?......
je coche oui et il me marque
hijack this is about to remove a BHO and the cooesponding file from your system. etc...

didou · Answer

voici le dernier rapport AntiVir PersonalEdition Classic Report file date: dimanche 10 février 2008 10:36 Scanning for 1096761 virus strains and unwanted programs. Licensed to: Avira AntiVir PersonalEdition Classic Serial number: 0000149996-ADJIE-0001 Platform: Windows Vista Windows version: (plain) [6.0.6000] Username: David Computer name: DAVID Version information: BUILD.DAT : 270 15603 Bytes 19.09.2007 13:32:00 AVSCAN.EXE : 7.0.6.1 290856 Bytes 23.08.2007 13:16:29 AVSCAN.DLL : 7.0.6.0 49192 Bytes 16.08.2007 12:23:51 LUKE.DLL : 7.0.5.3 147496 Bytes 14.08.2007 15:32:47 LUKERES.DLL : 7.0.6.1 10280 Bytes 21.08.2007 12:35:20 ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18.07.2007 14:27:15 ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14.12.2007 14:22:33 ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08.02.2008 14:22:33 ANTIVIR3.VDF : 7.0.2.114 2048 Bytes 08.02.2008 14:22:33 AVEWIN32.DLL : 7.6.0.62 3240448 Bytes 09.02.2008 14:22:33 AVWINLL.DLL : 1.0.0.7 14376 Bytes 26.02.2007 10:36:26 AVPREF.DLL : 7.0.2.2 25640 Bytes 18.07.2007 07:39:17 AVREP.DLL : 7.0.0.1 155688 Bytes 16.04.2007 13:16:24 AVPACK32.DLL : 7.6.0.3 360488 Bytes 09.02.2008 14:22:33 AVREG.DLL : 7.0.1.6 30760 Bytes 18.07.2007 07:17:06 AVARKT.DLL : 1.0.0.20 278568 Bytes 28.08.2007 12:26:33 AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18.07.2007 07:10:18 NETNT.DLL : 7.0.0.0 7720 Bytes 08.03.2007 11:09:42 RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07.08.2007 12:38:13 RCTEXT.DLL : 7.0.62.0 86056 Bytes 21.08.2007 12:50:37 SQLITE3.DLL : 3.3.17.1 339968 Bytes 23.07.2007 09:37:21 Configuration settings for the scan: Jobname..........................: Local Drives Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp Logging..........................: low Primary action...................: interactive Secondary action.................: ignore Scan master boot sector..........: off Scan boot sector.................: on Boot sectors.....................: F:, Scan memory......................: on Process scan.....................: on Scan registry....................: on Search for rootkits..............: off Scan all files...................: Intelligent file selection Scan archives....................: on Recursion depth..................: 20 Smart extensions.................: on Macro heuristic..................: on File heuristic...................: medium Start of the scan: dimanche 10 février 2008 10:36 The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned Scan process 'NMIndexingService.exe' - '0' Module(s) have been scanned Scan process 'unsecapp.exe' - '1' Module(s) have been scanned Scan process 'WmiPrvSE.exe' - '0' Module(s) have been scanned Scan process 'wmpnetwk.exe' - '0' Module(s) have been scanned Scan process 'WZQKPICK.EXE' - '1' Module(s) have been scanned Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned Scan process 'sidebar.exe' - '1' Module(s) have been scanned Scan process 'avgnt.exe' - '1' Module(s) have been scanned Scan process 'reader_sl.exe' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'rundll32.exe' - '1' Module(s) have been scanned Scan process 'jusched.exe' - '1' Module(s) have been scanned Scan process 'USBTip.exe' - '1' Module(s) have been scanned Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned Scan process 'OSD.exe' - '1' Module(s) have been scanned Scan process 'SearchFilterHost.exe' - '0' Module(s) have been scanned Scan process 'SearchProtocolHost.exe' - '0' Module(s) have been scanned Scan process 'explorer.exe' - '1' Module(s) have been scanned Scan process 'dwm.exe' - '1' Module(s) have been scanned Scan process 'taskeng.exe' - '1' Module(s) have been scanned Scan process 'WmiPrvSE.exe' - '0' Module(s) have been scanned Scan process 'WUDFHost.exe' - '0' Module(s) have been scanned Scan process 'taskeng.exe' - '0' Module(s) have been scanned Scan process 'SearchIndexer.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'NBService.exe' - '0' Module(s) have been scanned Scan process 'PIFSvc.exe' - '0' Module(s) have been scanned Scan process 'LSSrvc.exe' - '0' Module(s) have been scanned Scan process 'DQLWinService.exe' - '0' Module(s) have been scanned Scan process 'sched.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'avguard.exe' - '0' Module(s) have been scanned Scan process 'spoolsv.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'SLsvc.exe' - '0' Module(s) have been scanned Scan process 'audiodg.exe' - '0' Module(s) have been scanned Scan process 'winlogon.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'svchost.exe' - '0' Module(s) have been scanned Scan process 'lsm.exe' - '0' Module(s) have been scanned Scan process 'lsass.exe' - '0' Module(s) have been scanned Scan process 'services.exe' - '0' Module(s) have been scanned Scan process 'csrss.exe' - '0' Module(s) have been scanned Scan process 'wininit.exe' - '0' Module(s) have been scanned Scan process 'csrss.exe' - '0' Module(s) have been scanned Scan process 'smss.exe' - '0' Module(s) have been scanned 24 processes with 24 modules were scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0005 [NOTE] Please restart the search with Administrator rights Boot sector 'D:\' [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0005 [NOTE] Please restart the search with Administrator rights Boot sector 'L:\' [NOTE] No virus was found! [WARNING] The boot sector file could not be read! [WARNING] Error code: 0x0005 [NOTE] Please restart the search with Administrator rights Boot sector 'G:\' [NOTE] In the drive 'G:\' no data medium is inserted! Boot sector 'H:\' [NOTE] In the drive 'H:\' no data medium is inserted! Boot sector 'I:\' [NOTE] In the drive 'I:\' no data medium is inserted! Boot sector 'J:\' [NOTE] In the drive 'J:\' no data medium is inserted! Boot sector 'K:\' [NOTE] In the drive 'K:\' no data medium is inserted! Starting to scan the registry. The registry was scanned ( '20' files ). Starting the file scan: Begin scan in 'C:\' C:\hiberfil.sys [WARNING] The file could not be opened! C:\pagefile.sys [WARNING] The file could not be opened! Begin scan in 'D:\' Begin scan in 'L:\' Begin scan in 'G:\' Search path G:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'H:\' Search path H:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'I:\' Search path I:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'J:\' Search path J:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'K:\' Search path K:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'E:\' Search path E:\ could not be opened! Le périphérique n'est pas prêt. Begin scan in 'F:\' Search path F:\ could not be opened! Le périphérique n'est pas prêt. End of the scan: dimanche 10 février 2008 11:03 Used time: 27:03 min The scan has been done completely. 13345 Scanning directories 380959 Files were scanned 0 viruses and/or unwanted programs were found 0 Files were classified as suspicious: 0 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 2 Files cannot be scanned 380959 Files not concerned 2632 Archives were scanned 2 Warnings 10 Notes

jlpjlp · Answer

quels sont tes problemes actuels?

didou · Answer

merci encore, mais j'ai reformaté,c'était plus simple,merci encore et bonne journée

jlpjlp · Answer

pour protéger gratos ton ordi

https://www.commentcamarche.net/telecharger/ 4 securite

mettre un antivirus

ANTIVIR (en anglais mais très efficace)
https://www.malekal.com/avira-free-security-antivirus-gratuit/ (merci Malekal)
-------------
des anti-espions :
AD AWARE + SPYBOT +/- si tea timer non active de spybot: WINDOWS DEFENDER
+/-
SPYWAREBLASTER pour immuniser le système contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...

Rq : spybot et ad-aware on sorti de nouvelles versions cette année vérifiez que vous avez la dernière version
--------
un pare feu :
celui de Windows ou mieux KERIO ou JETICO ou ZONE ALARM (mettre que le parefeu gratuit)

https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
https://manuelsdaide.com/contact/
http://www.open-files.com/forum/index.php?showtopic=29277
https://www.commentcamarche.net/telecharger/ 157 zonealarm

-----------

CCLEANER pour effacer les traces de surf

VirusWin32/Ursnif

45 réponses

Votre réponse

Newsletters