Sujet Précédent Sujet Suivant

Win 32 worm bagle

Fermé
get27 Messages postés 15 Date d'inscription lundi 11 février 2008 Statut Membre Dernière intervention 13 février 2008 - 11 févr. 2008 à 13:53
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 - 14 févr. 2008 à 20:25
Bonjour,

Je suis nouveau sur le forum. Depuis quelques jours, mon anti virus, Avast, ne démarre plus ainsi que les autres logiciel comme spybot et Windows Defender (Je suis sur VISTA).

J'ai beaucoup cherché sur différents forum et il y a tellement d'infos, et qui ont l'air d'être très personnalisées selon la config de chacun que je m'en remet à vous pour m'aider.

Merci d'avance. (J'attend votre demande pour diffuser un rapport de scan)

Get27
A voir également:

29 réponses

Précédent
  • 1
  • 2
Réponse 21 / 29
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
12 févr. 2008 à 15:42
Ah excuse j´avais pas fais gaffe, oups ;-)

prends zone alarm :

https://www.generation-nt.com/zonealarm-vista-checkpoint-firewall-telecharger-actualite-42256.html

https://www.zonealarm.com/software/free-firewall

https://www.malekal.com/tutoriel-zonealarm-firewall/

@+
0
Réponse 22 / 29
get27 Messages postés 15 Date d'inscription lundi 11 février 2008 Statut Membre Dernière intervention 13 février 2008
12 févr. 2008 à 20:58
AntiVir PersonalEdition Classic
Report file date: 2008-02-12 18:37

Scanning for 1100436 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: SYSTEM
Computer name: PC_DES_CHATS

Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 13:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 16:07:36
ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 2008-02-08 16:07:36
ANTIVIR3.VDF : 7.0.2.125 54784 Bytes 2008-02-12 16:07:36
AVEWIN32.DLL : 7.6.0.65 3240448 Bytes 2008-02-12 16:07:36
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-02-12 16:07:36
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 08:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-02-12 18:37

Starting search for hidden objects.
'58523' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'OUTLOOK.EXE' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexStoreSvr.exe' - '1' Module(s) have been scanned
Scan process 'NMIndexingService.exe' - '1' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '1' Module(s) have been scanned
Scan process 'KHALMNPR.exe' - '1' Module(s) have been scanned
Scan process 'KEM.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '1' Module(s) have been scanned
Scan process 'CTSyncU.exe' - '1' Module(s) have been scanned
Scan process 'NMBgMonitor.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'YahooMessenger.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
Scan process 'CTCheck.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'GrooveMonitor.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'dragdiag.exe' - '1' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'NBService.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
63 processes with 63 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[NOTE] No virus was found!
Master boot sector HD1
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
[NOTE] Please restart the search with Administrator rights
Master boot sector HD2
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
[NOTE] Please restart the search with Administrator rights
Master boot sector HD3
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
[NOTE] Please restart the search with Administrator rights
Master boot sector HD4
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
[NOTE] Please restart the search with Administrator rights
Master boot sector HD5
[NOTE] No virus was found!
[WARNING] The boot sector file could not be read!
[WARNING] Error code: 0x0015
[NOTE] Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '12' files ).


Starting the file scan:

Begin scan in 'C:\' <VISTA>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Muestras\FLEC006.EXE.Muestra EliBagle v10.97
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\102581984.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\102862375.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\102991015.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\103008640.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\104084562.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\117179515.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\117478953.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\117601437.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\117617296.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\122228750.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\131809156.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\132212281.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\132216281.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\136754078.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\146788890.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\146829953.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\146847578.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14788187.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14830296.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14960312.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\151304015.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\15264687.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\15283046.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\161064609.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\161392093.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\161447890.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\161468875.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\175666250.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\176180062.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\180341421.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\183031.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\190905796.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\194940062.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\203156.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\205065218.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\205164750.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\205537906.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\209535171.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\210734.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\212078.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\219808343.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\220160296.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\220178484.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\224187609.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\234420375.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\234795906.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\238866343.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\243984.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\246859.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\249047890.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\249439750.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\253448031.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\268025375.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\278290750.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\282569953.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\292892656.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29599484.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29648875.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\297112812.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29899515.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29920109.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\311681203.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\326215359.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\340773500.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\344937.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\355371781.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\399100187.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\413680109.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\428285203.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\44071046.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\442797484.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\44297328.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\44495968.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\44513234.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\457365765.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\471911546.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\486424718.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\500956203.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\515517046.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\52094062.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\544982015.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\559851562.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\586609.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\58745906.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\59129515.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\59182375.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\59556234.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\638296.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\73620906.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\73734312.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\73749937.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\73788953.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\74456765.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\87952531.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\88345328.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\89503578.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\System Volume Information\SystemRestore\FRStaging\Users\Les Chats\AppData\Roaming\m\flec006.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\System Volume Information\SystemRestore\FRStaging\Windows\System32\drivers\srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[INFO] The file was deleted!
Begin scan in 'D:\' <A graver>
D:\System Volume Information\_restore{87763945-402F-481C-AFDD-268B9E84853A}\RP775\A0151134.dll
[DETECTION] Is the Trojan horse TR/Crypt.T.519
[INFO] The file was deleted!
Begin scan in 'E:\' <Mes documents>
E:\Nouveau dossier (2)\eMule\Incoming\Interactive JPEG Optimizer 7.01.zip
[0] Archive type: ZIP
--> Interactive JPEG Optimizer 7.01.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
E:\Nouveau dossier (2)\eMule\Incoming\JPEG Wizard 2.4 [Cracked].zip
[0] Archive type: ZIP
--> JPEG Wizard 2.4 [Cracked].exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
E:\Nouveau dossier (2)\eMule\Incoming\Interactive JPEG Optimizer 7.01\Interactive JPEG Optimizer 7.01.exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!
E:\Nouveau dossier (2)\eMule\Incoming\JPEG Wizard 2.4 [Cracked]\JPEG Wizard 2.4 [Cracked].exe
[DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
[INFO] The file was deleted!


End of the scan: 2008-02-12 19:51
Used time: 1:14:10 min

The scan has been done completely.

12846 Scanning directories
342771 Files were scanned
106 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
106 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
342665 Files not concerned
5191 Archives were scanned
2 Warnings
0 Notes
58523 Objects were scanned with rootkit scan
0 Hidden objects were found
0
Réponse 23 / 29
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
12 févr. 2008 à 21:44
Re,

Comment va ton pc?

Arretes de prendre des programmes crackés sur e_mule!!!

@+
0
Réponse 24 / 29
get27 Messages postés 15 Date d'inscription lundi 11 février 2008 Statut Membre Dernière intervention 13 février 2008
13 févr. 2008 à 08:49
Ben pour l'instant il fonctionne plutôt bien.
C'est vrai qu'il est risqué de récupéré des programmes crackés sur la mule mais bon il y en a tellement que pour pouvoir les tester en version officielle.....bref j'invente rien.
Comment se fait-il d'ailleurs que l'antivirus n'ait pas détecté les virus contenu dans ces fichiers crackés?

Sinon dois faire d'autres choses pour m'assurer que Bagle soit totalement éradiqué de mon PC? Et promis, à l'avenir, je ferai plus attention aux sources de mes programmes ;-))

Merci pour l'aide.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 29
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
13 févr. 2008 à 21:03
salut get27,

l´antivirus que tu avais "avast" ne detecte pas grand chose, quand a antivir il va les detecter a l´ouverture des fichiers zippés et stopper l´infection; mais ca ne veut pas dire qu´il faille telecharger tout et n´importe quoi...

si bagle etait encore present tu n´aurais pas pu installer antivir, alors pour moi c´est ok.

Tu as bien instalé zone alarm?

fais ceci :

Désactive ta restauration système:
pour cela :
Click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration système;
coche la case désactiver la restauration systèm et applique.
puis redemarre le pc et click droit sur poste de travail, dans l´arborescence sur propriétés;
dans la nouvelle fenettre click sur l´onglet restauration systèm
décoche la case désactiver la restauration systèm et applique.

et

Télécharge ToolsCleaner sur ton bureau.
--> http://www.commentcamarche.net/telecharger/telechargement 34055291 toolsclean(...)
# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

@+
0
Réponse 26 / 29
congeler2
14 févr. 2008 à 19:13
salut voila un rapport de scan avec ELIBAGLA si quequ'un peut me lire merci windows me rend malade


Thu Feb 14 18:51:41 2008
EliBagle v11.00 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.

Thu Feb 14 18:51:48 2008
EliBagle v11.00 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6561
Nº Total de Ficheros: 62424
Nº de Ficheros Analizados: 10379
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0

Thu Feb 14 18:57:58 2008
EliBagle v11.00 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 6561
Nº Total de Ficheros: 62424
Nº de Ficheros Analizados: 10379
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 0
0
Réponse 27 / 29
congeler2
14 févr. 2008 à 19:17
help aidez-moi
0
Réponse 28 / 29
congeler2
14 févr. 2008 à 19:28
re je suis sous xp sp2 ,probleme de virus ou fichier infecter,j'aimerais l'aide d'une ame charitable ras le bol tout ces virus
0
Réponse 29 / 29
g!rly Messages postés 18209 Date d'inscription vendredi 17 août 2007 Statut Contributeur Dernière intervention 30 novembre 2014 406
14 févr. 2008 à 20:25
salut,

fais ceci :

Télécharge combofix.exe (par sUBs) sur ton Bureau.

-> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double clique combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.


Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

@+

tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0

Discussions similaires

Voxbone ? qui est-ce ?
fanfan54 -
djakool4 -

158 réponses
svp 32Gb est il egal a 32Go??
William Fernand -
nemrod18 -

3 réponses