Sujet Précédent Sujet Suivant

C'est la catastrophe!!!

samich Messages postés 77 Statut Membre -  
dou-l Messages postés 2871 Statut Membre -
Bonjour,

je possède un ordinateur portable processeur athlon 1.8ghz, windows xp sp2
depuis quelques temps, je n'ai plus accès à ccleaner, antivir et spybot... impossible d'ouvrir ces programmes!

de plus, recemment, windows m'a averti de la presence d'un trojan win32 par le rapport d'erreur (car l'ordinateur a planté, avec ecran bleu, ecriture violette et mechant bruit...)

pour couronner le tout, impossible d'aller en mode sans echec pour enlever ce trojan!!!

alors pour moi, c'est l'impasse. svp au secours!!!!

57 réponses

Précédent
Réponse 41 / 57
samich Messages postés 77 Statut Membre 3
 
du moins je me souviens plus et je l'ai supprimé!!
0
Réponse 42 / 57
samich Messages postés 77 Statut Membre 3
 
Sun Apr 20 18:15:43 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun Apr 20 18:15:47 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 4208
Nº Total de Ficheros: 39330
Nº de Ficheros Analizados: 6558
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sun Apr 20 18:20:41 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sun Apr 20 18:20:46 2008
EliBagle v11.28 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad E:\

Nº Total de Directorios: 331
Nº Total de Ficheros: 3166
Nº de Ficheros Analizados: 212
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
0
Réponse 43 / 57
samich Messages postés 77 Statut Membre 3
 
du coup, il a rien trouvé!!!!

mais que faire???
0
Réponse 44 / 57
dou-l Messages postés 2871 Statut Membre 61
 
refait combofix stp
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 45 / 57
samich Messages postés 77 Statut Membre 3
 
ComboFix 08-04-18.3 - alcacer eric 2008-04-20 19:04:00.3 - NTFSx86
Endroit: C:\Documents and Settings\alcacer eric\Bureau\Combo-Fix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-03-20 to 2008-04-20 ))))))))))))))))))))))))))))))))))))
.

2008-04-20 17:34 . 2008-04-20 17:34 <REP> d-------- C:\WINDOWS\LastGood
2008-04-20 17:29 . 2008-04-20 19:08 198,688 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-20 17:29 . 2008-04-20 17:29 32 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-04-20 17:22 . 2008-04-20 17:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2008-04-20 17:22 . 2008-04-02 21:07 75,248 --a------ C:\WINDOWS\zllsputility.exe
2008-04-20 17:22 . 2008-04-02 21:08 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2008-04-20 17:22 . 2008-04-02 21:08 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2008-04-20 17:22 . 2008-04-02 21:08 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2008-04-20 17:22 . 2008-04-02 21:08 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2008-04-20 17:22 . 2008-04-20 17:26 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-04-20 17:20 . 2008-04-20 17:20 <REP> d-------- C:\Program Files\Zone Labs
2008-04-20 17:19 . 2008-04-20 19:02 <REP> d-------- C:\WINDOWS\Internet Logs
2008-04-19 13:48 . 2008-04-20 17:11 <REP> d-------- C:\Program Files\Trend Micro
2008-04-14 10:12 . 2008-04-14 10:12 360,064 --a------ C:\WINDOWS\system32\drivers\TCPIP.SYS.ORIGINAL
2008-04-11 18:56 . 2008-04-14 09:55 <REP> d-------- C:\Documents and Settings\alcacer eric\Application Data\BitTorrent
2008-04-11 18:55 . 2008-04-11 18:55 <REP> d-------- C:\Program Files\DNA
2008-04-11 18:55 . 2008-04-11 19:04 <REP> d-------- C:\Program Files\BitTorrent
2008-04-11 18:55 . 2008-04-20 19:01 <REP> d-------- C:\Documents and Settings\alcacer eric\Application Data\DNA
2008-04-08 15:46 . 2008-04-08 15:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-03-29 15:04 . 2008-03-29 15:04 <REP> d-------- C:\Program Files\SoundinDepth.com
2008-03-29 15:04 . 2005-08-27 03:38 1,435,272 --a------ C:\WINDOWS\system32\Flash.ocx
2008-03-29 15:04 . 2002-03-04 13:27 1,140,472 --a------ C:\WINDOWS\system32\IGUltraGrid20.ocx
2008-03-29 15:04 . 2003-11-19 14:59 512,688 --a------ C:\WINDOWS\system32\XceedCry.dll
2008-03-29 15:04 . 2001-07-28 13:50 265,753 --a------ C:\WINDOWS\system32\AS-Exp2.ocx
2008-03-29 15:04 . 2004-03-09 00:00 131,856 --a------ C:\WINDOWS\system32\MSADODC.ocx
2008-03-29 15:04 . 1999-01-26 20:36 11,012 --a------ C:\WINDOWS\system32\threadapi.tlb
2008-03-29 15:03 . 2000-07-15 06:00 101,888 --a------ C:\WINDOWS\system32\VB6STKIT.DLL

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-19 12:56 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-17 20:26 --------- d-----w C:\Program Files\eMule
2008-04-17 17:02 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-14 08:12 360,064 ----a-w C:\WINDOWS\system32\drivers\TCPIP.SYS
2008-04-14 08:12 360,064 ----a-w C:\WINDOWS\system32\dllcache\TCPIP.SYS
2008-04-07 17:38 --------- d-----w C:\Program Files\Google
2008-04-07 15:34 --------- d-----w C:\Program Files\DivX
2008-04-07 15:19 --------- d-----w C:\Program Files\Wallpaper
2008-04-04 17:51 --------- d-----w C:\Documents and Settings\alcacer eric\Application Data\LimeWire
2008-04-02 19:07 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2008-03-26 13:57 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ------w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:28 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ------w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ------w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-16 09:02 474,624 ------w C:\WINDOWS\system32\dllcache\shlwapi.dll
2008-02-16 09:02 152,064 ------w C:\WINDOWS\system32\dllcache\cdfview.dll
2008-02-16 09:02 1,495,040 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-02-16 09:02 1,056,768 ------w C:\WINDOWS\system32\dllcache\danim.dll
2008-02-16 09:02 1,024,000 ------w C:\WINDOWS\system32\dllcache\browseui.dll
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2005-11-26 13:27 0 -c--a-w C:\Documents and Settings\alcacer eric\Application Data\wklnhst.dat
.

------- Sigcheck -------

2004-08-05 10:00 14336 1bd6c2f707a275cb7c16fd99fe0f31ca C:\WINDOWS\system32\svchost.exe

2004-08-05 10:00 82944 bc41f51a39d3b255805fdb759b7814ae C:\WINDOWS\system32\ws2_32.dll

2005-05-25 21:07 359936 63fdfea54eb53de2d863ee454937ce1e C:\WINDOWS\$hf_mig$\KB893066\SP2QFE\tcpip.sys
2006-01-13 19:07 360448 5562cc0a47b2aef06d3417b733f3c195 C:\WINDOWS\$hf_mig$\KB913446\SP2QFE\tcpip.sys
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2008-04-14 10:12 360064 ed06c31200714e734118f9a47f5df5ce C:\WINDOWS\system32\dllcache\TCPIP.SYS
2008-04-14 10:12 360064 ed06c31200714e734118f9a47f5df5ce C:\WINDOWS\system32\drivers\TCPIP.SYS

2004-08-05 10:00 506368 d2de785aeab0bb8ca4c14a8a199dbe4e C:\WINDOWS\system32\winlogon.exe

2004-08-05 10:00 182912 558635d3af1c7546d26067d5d9b6959e C:\WINDOWS\system32\drivers\ndis.sys

2004-08-05 10:00 29056 4448006b6bc60e6c027932cfc38d6855 C:\WINDOWS\system32\drivers\ip6fw.sys

2004-08-05 10:00 15360 5584247b568c2e53934873f4b655fe6a C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 10:00 15360]
"BitTorrent DNA"="C:\Program Files\DNA\btdna.exe" [2008-04-11 18:55 288576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-12-21 22:05 344064]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-11-05 14:52 233534]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-19 14:34 262401]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-04-02 21:07 919016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 10:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMBalloonTip"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\BitTorrent\\bittorrent.exe"=

R2 litsgt;litsgt;C:\WINDOWS\system32\DRIVERS\litsgt.sys [2005-11-07 22:34]
R2 tansgt;tansgt;C:\WINDOWS\system32\DRIVERS\tansgt.sys [2005-11-07 22:33]
R3 HSFHWATI;HSFHWATI;C:\WINDOWS\system32\DRIVERS\HSFHWATI.sys [2004-06-10 16:59]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187B.sys [2006-12-26 08:58]

*Newly Created Service* - CATCHME
*Newly Created Service* - KLIF
*Newly Created Service* - SRESCAN
*Newly Created Service* - VSMON
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-20 17:06:01 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-20 19:07:09
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????7?7?5?6??????? ?,?B?????????????hLC? ??????

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-04-20 19:10:09
ComboFix-quarantined-files.txt 2008-04-20 17:09:53
ComboFix2.txt 2008-04-20 15:56:41

Pre-Run: 22,572,732,416 octets libres
Post-Run: 22,553,706,496 octets libres

142 --- E O F --- 2008-04-20 15:39:31
0
Réponse 46 / 57
dou-l Messages postés 2871 Statut Membre 61
 
hum

vire antivir et essaye de le réinstaller !!
0
Réponse 47 / 57
samich Messages postés 77 Statut Membre 3
 
j'ai reinstalle antivir et ca marche nickel...

la je dois y aller, mais je te tiens au courant!!!

bonne soirée
0
Réponse 48 / 57
dou-l Messages postés 2871 Statut Membre 61
 
ok on en a pas finit !! a+
0
Réponse 49 / 57
samich Messages postés 77 Statut Membre 3
 
salut dou-l

antivir et spybot sont reinstallé et marche trés bien...

alors tout va bien???
0
Réponse 50 / 57
samich Messages postés 77 Statut Membre 3
 
AIE!!!!!!!!

je viens de faire une analyse avec antivir, il vient de trouver 73 virus... tous sont des trojans du nom de bagle!!!! je les ai mis en quarantaine...
0
Réponse 51 / 57
dou-l Messages postés 2871 Statut Membre 61
 
ok on verra poste le rapport a la fin :::!!!!!
0
Réponse 52 / 57
samich Messages postés 77 Statut Membre 3
 
Avira AntiVir Personal
Report file date: mardi 22 avril 2008 15:07

Scanning for 1227832 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PC180281974527

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.3.156 795136 Bytes 11/04/2008 19:08:10
ANTIVIR3.VDF : 7.0.3.195 472576 Bytes 21/04/2008 18:47:32
Engineversion : 8.1.0.32
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.26 233850 Bytes 20/04/2008 19:08:49
AESCN.DLL : 8.1.0.14 119156 Bytes 20/04/2008 19:08:46
AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
AEPACK.DLL : 8.1.1.2 364917 Bytes 20/04/2008 19:08:45
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 20/04/2008 19:08:36
AEHEUR.DLL : 8.1.0.18 1167735 Bytes 20/04/2008 19:08:33
AEHELP.DLL : 8.1.0.14 115063 Bytes 20/04/2008 19:08:24
AEGEN.DLL : 8.1.0.17 299380 Bytes 20/04/2008 19:08:23
AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
AECORE.DLL : 8.1.0.27 168310 Bytes 20/04/2008 19:08:20
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mardi 22 avril 2008 15:07

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'atiptaxx.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
27 processes with 27 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '26' files ).

Starting the file scan:

Begin scan in 'C:\' <ROUGE>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163183.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.NI
[NOTE] The file was moved to '483ee920.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163184.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.NI
[NOTE] The file was moved to '483ee926.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163206.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.NI
[NOTE] The file was moved to '483ee92c.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163213.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee92f.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163214.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee931.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163215.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee933.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163232.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee935.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163236.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee938.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163237.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee93a.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163291.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee93d.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163295.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee940.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163296.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee943.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP364\A0163297.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee946.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP365\A0163326.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee94e.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0163337.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee953.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0163338.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee955.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0163339.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee957.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0163343.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee95a.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164291.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee95c.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164295.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee95e.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164532.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee974.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164536.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee977.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164554.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee979.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164558.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee97d.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164610.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee981.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164614.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee983.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164631.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee985.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP366\A0164635.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee987.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP367\A0164655.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee98b.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP367\A0164659.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
[NOTE] The file was moved to '483ee98d.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164674.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee991.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164675.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee996.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164682.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9a2.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164684.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9a4.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164685.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9a7.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164686.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9a9.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164693.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9ac.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164694.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9af.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164695.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9b1.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164696.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9b5.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164697.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9b9.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164707.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9bc.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164714.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9bf.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164715.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9c1.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164716.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9c4.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164723.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9c7.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164737.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9ca.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164741.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9cc.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164753.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9d0.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164754.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9d2.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164760.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9d5.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164761.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9d8.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164786.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9dc.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164787.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9df.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164806.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9e2.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164807.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9e4.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164813.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9e7.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164814.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9e9.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164820.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9ec.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164821.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9ef.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164827.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9f2.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164828.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9f4.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164834.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9f7.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164840.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483ee9fa.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164841.exe
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[NOTE] The file was moved to '483ee9fc.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164849.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483ee9ff.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164851.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[NOTE] The file was moved to '483eea02.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164859.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483eea04.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164860.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483eea06.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164862.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '483eea09.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164863.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '483eea25.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164910.scr
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483eea2a.qua'!
C:\System Volume Information\_restore{B8687C25-491C-4B92-A950-D228172F494F}\RP368\A0164911.exe
[DETECTION] Is the Trojan horse TR/Agent.684032.3
[NOTE] The file was moved to '483eea2d.qua'!
Begin scan in 'E:\' <DIABLE>

End of the scan: mardi 22 avril 2008 15:53
Used time: 46:14 min

The scan has been done completely.

4712 Scanning directories
182301 Files were scanned
73 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
73 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
182228 Files not concerned
6682 Archives were scanned
1 Warnings
73 Notes
0
Réponse 53 / 57
dou-l Messages postés 2871 Statut Membre 61
 
ok vide la quarantaine d'antivir et dit tes soucis actuel !
0
Réponse 54 / 57
samich Messages postés 77 Statut Membre 3
 
ok tout les fichiers en quarantaine ont ete supprimé;

sinon, j'ai pas l'impression d'avoir d'autres soucis, mais c peut etre une mauvaise impression!!!!
0
Réponse 55 / 57
dou-l Messages postés 2871 Statut Membre 61
 
lesquels ?
0
Réponse 56 / 57
samich Messages postés 77 Statut Membre 3
 
ce n'est qu'une impression!!!!

je laisse passer quelques temps et je te tiens au courant...
0
Réponse 57 / 57
dou-l Messages postés 2871 Statut Membre 61
 
ok mais dit si tu veux !!

a+ et bon surf j'espere
0

Discussions similaires

Catastrophe kylie jenner challenge
Lolittata -
ClaraDemarti -

5 réponses
film catastrophe guerre nucléaire mondiale
cyrilledu85 -
Dugenou -

40 réponses