Fenetre spyware-secure intempestive
Résolu/Fermé
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
-
18 mai 2008 à 19:24
giacomino06 Messages postés 21 Date d'inscription dimanche 18 mai 2008 Statut Membre Dernière intervention 21 mai 2008 - 19 mai 2008 à 16:17
giacomino06 Messages postés 21 Date d'inscription dimanche 18 mai 2008 Statut Membre Dernière intervention 21 mai 2008 - 19 mai 2008 à 16:17
A voir également:
- Fenetre spyware-secure intempestive
- Anti spyware - Télécharger - Antivirus & Antimalwares
- Temu spyware - Guide
- Raccourci agrandir fenetre - Guide
- Hotel de la fenetre de la console ✓ - Forum Virus
- Fenetre privée - Guide
9 réponses
Utilisateur anonyme
18 mai 2008 à 19:25
18 mai 2008 à 19:25
salut
fais ca:
* Télécharger Combifix (by Subs) sur cette page :
* http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Enregistrez le sur le bureau
* Déconnectez vous d'internet et fermez toutes tes applications et programmes
* Double-cliquez sur combo-fix.exe
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée sous la racine: C:\Combofix.txt
Remarque : combo se charge de supprimer un certain nombre de fichiers infectés liés à bagle.
Il est impératif de télécharger combo par le lien donné précédemment ( version renommée ) ou alors de renommer vous même combo ( clic droit sur le fichier < renommer ), car sinon Combo sera totalement inefficace face à Bagle !
(vous pouver renomer combofix en n'importe quoi comme killer ou tuer etc...)
vous me poster le rapport
fais ca:
* Télécharger Combifix (by Subs) sur cette page :
* http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Enregistrez le sur le bureau
* Déconnectez vous d'internet et fermez toutes tes applications et programmes
* Double-cliquez sur combo-fix.exe
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée sous la racine: C:\Combofix.txt
Remarque : combo se charge de supprimer un certain nombre de fichiers infectés liés à bagle.
Il est impératif de télécharger combo par le lien donné précédemment ( version renommée ) ou alors de renommer vous même combo ( clic droit sur le fichier < renommer ), car sinon Combo sera totalement inefficace face à Bagle !
(vous pouver renomer combofix en n'importe quoi comme killer ou tuer etc...)
vous me poster le rapport
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
18 mai 2008 à 19:28
18 mai 2008 à 19:28
salut,
ok merci!
à tout de suite
ok merci!
à tout de suite
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
18 mai 2008 à 19:58
18 mai 2008 à 19:58
voila le rapport,
ComboFix 08-05-15.3 - jesus 2008-05-18 19:35:45.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.197 [GMT 2:00]
Endroit: D:\Documents and Settings\jesus\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
D:\WINDOWS\system32\_003961_.tmp.dll
D:\WINDOWS\system32\_003962_.tmp.dll
D:\WINDOWS\system32\_003963_.tmp.dll
D:\WINDOWS\system32\_003964_.tmp.dll
D:\WINDOWS\system32\_003971_.tmp.dll
D:\WINDOWS\system32\_003972_.tmp.dll
D:\WINDOWS\system32\_003973_.tmp.dll
D:\WINDOWS\system32\_003974_.tmp.dll
D:\WINDOWS\system32\_003976_.tmp.dll
D:\WINDOWS\system32\_003977_.tmp.dll
D:\WINDOWS\system32\_003980_.tmp.dll
D:\WINDOWS\system32\_003981_.tmp.dll
D:\WINDOWS\system32\_003984_.tmp.dll
D:\WINDOWS\system32\_003985_.tmp.dll
D:\WINDOWS\system32\_003987_.tmp.dll
D:\WINDOWS\system32\_003988_.tmp.dll
D:\WINDOWS\system32\_003990_.tmp.dll
D:\WINDOWS\system32\_003995_.tmp.dll
D:\WINDOWS\system32\_003997_.tmp.dll
D:\WINDOWS\system32\_003998_.tmp.dll
D:\WINDOWS\system32\_004000_.tmp.dll
D:\WINDOWS\system32\_004002_.tmp.dll
D:\WINDOWS\system32\_004003_.tmp.dll
D:\WINDOWS\system32\_004004_.tmp.dll
D:\WINDOWS\system32\_004005_.tmp.dll
D:\WINDOWS\system32\_004006_.tmp.dll
D:\WINDOWS\system32\_004009_.tmp.dll
D:\WINDOWS\system32\_004011_.tmp.dll
D:\WINDOWS\system32\_004012_.tmp.dll
D:\WINDOWS\system32\_004013_.tmp.dll
D:\WINDOWS\system32\_004017_.tmp.dll
D:\WINDOWS\system32\dfcaee4_g.dll
D:\WINDOWS\system32\nvs2.inf
d:\WINDOWS\system32\tqnppzzll.dat
d:\windows\system32\tqnppzzll.exe
d:\WINDOWS\system32\tqnppzzll_nav.dat
d:\WINDOWS\system32\tqnppzzll_navps.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ICF
-------\Service_ICF
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-18 to 2008-05-18 ))))))))))))))))))))))))))))))))))))
.
2008-05-18 19:35 . 2008-05-18 19:35 1,024 --ah----- D:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-05-17 17:55 . 2008-05-17 17:55 <REP> d-------- D:\Program Files\Canal
2008-05-17 17:52 . 2008-05-17 17:52 <REP> d-------- D:\Program Files\Fichiers communs\Adobe AIR
2008-05-17 17:51 . 2008-05-17 17:51 <REP> d-------- D:\Program Files\MSXML 6.0
2008-04-24 11:45 . 2004-08-19 16:09 221,184 --a------ D:\WINDOWS\system32\wmpns.dll
2008-04-24 11:41 . 2004-08-19 16:08 97,280 -----c--- D:\WINDOWS\system32\dllcache\dpcdll.dll
2008-04-24 11:40 . 2008-04-24 11:40 <REP> d-------- D:\WINDOWS\provisioning
2008-04-24 11:40 . 2008-04-24 11:46 <REP> d-------- D:\WINDOWS\peernet
2008-04-24 11:40 . 2004-08-19 16:09 6,656 --a------ D:\WINDOWS\system32\SETFF1.tmp
2008-04-24 11:22 . 2004-08-19 16:09 1,036,288 --a------ D:\WINDOWS\SET4C3.tmp
2008-04-24 11:20 . 2004-08-19 16:09 1,097,728 --a------ D:\WINDOWS\system32\SET3DE.tmp
2008-04-24 11:19 . 2004-08-19 16:09 3,003,392 --a------ D:\WINDOWS\system32\SET32C.tmp
2008-04-24 11:18 . 2004-08-19 16:09 1,723,904 --a------ D:\WINDOWS\system32\SET2DA.tmp
2008-04-24 11:17 . 2004-08-19 16:09 8,440,320 --a------ D:\WINDOWS\system32\SET23A.tmp
2008-04-24 11:16 . 2004-08-19 16:09 731,136 --a------ D:\WINDOWS\system32\SET1D9.tmp
2008-04-24 11:15 . 2004-08-19 16:09 359,936 --a------ D:\WINDOWS\system32\SET194.tmp
2008-04-24 11:08 . 2004-07-17 11:40 19,528 --a------ D:\WINDOWS\[u]0[/u]02461_.tmp
2008-04-24 11:08 . 2004-08-03 22:43 15,872 --a------ D:\WINDOWS\system32\spupdsvc.exe
2008-04-24 11:05 . 2001-08-28 14:00 1,007,616 --------- D:\WINDOWS\system32\dllcache\conf.exe
2008-04-24 11:04 . 2001-08-28 14:00 4,186,256 --------- D:\WINDOWS\system32\dllcache\luna.mst
2008-04-24 11:03 . 2005-05-03 12:58 2,890,240 --a------ D:\WINDOWS\system32\msi.dll
2008-04-24 11:01 . 2001-08-28 14:00 1,985,920 --a------ D:\WINDOWS\system32\ntoskrnl.exe
2008-04-24 11:00 . 2008-04-24 11:46 <REP> d-------- D:\WINDOWS\EHome
2008-04-24 10:00 . 2008-04-24 10:00 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-04-24 09:59 . 2008-04-24 09:59 <REP> d-------- D:\WINDOWS\system32\bits
2008-04-24 09:55 . 2007-07-30 19:19 549,720 --a------ D:\WINDOWS\system32\wuapi.dll
2008-04-24 09:55 . 2007-07-30 19:19 325,976 --a------ D:\WINDOWS\system32\wucltui.dll
2008-04-24 09:55 . 2007-07-30 19:19 216,408 --a------ D:\WINDOWS\system32\wuaucpl.cpl
2008-04-24 09:55 . 2007-07-30 19:19 43,352 --a------ D:\WINDOWS\system32\wups2.dll
2008-04-24 09:55 . 2007-07-30 19:19 38,232 --a------ D:\WINDOWS\system32\wucltui.dll.mui
2008-04-24 09:55 . 2007-07-30 19:18 33,624 --a------ D:\WINDOWS\system32\wups.dll
2008-04-24 09:55 . 2007-07-30 19:20 30,040 --a------ D:\WINDOWS\system32\wuaucpl.cpl.mui
2008-04-24 09:55 . 2007-07-30 19:19 30,040 --a------ D:\WINDOWS\system32\wuapi.dll.mui
2008-04-24 09:55 . 2007-07-30 19:18 21,336 --a------ D:\WINDOWS\system32\wuaueng.dll.mui
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-18 17:04 --------- d-----w D:\Program Files\eMule
2008-05-18 11:14 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-18 11:10 --------- d-----w D:\Documents and Settings\jesus\Application Data\AdobeUM
2008-04-14 15:06 --------- d-----w D:\Program Files\Navilog1
2008-04-14 14:54 --------- d-----w D:\Program Files\CCleaner
2008-04-12 11:59 --------- d-----w D:\Program Files\Java
2008-04-10 13:31 --------- d-----w D:\Program Files\Flash Slideshow Maker Professional
2008-04-10 13:31 --------- d-----w D:\Program Files\Color Schemer Studio
2008-04-10 13:30 --------- d-----w D:\Program Files\CleanUp!
2008-03-28 14:35 --------- d-----w D:\Documents and Settings\jesus\Application Data\AlertInfo
2008-03-28 14:28 --------- d-----w D:\Program Files\VS Revo Group
2008-03-27 10:25 81,920 -c--a-w D:\WINDOWS\system32\W32N50.dll
2008-03-27 10:25 17,134 -c--a-w D:\WINDOWS\system32\PCANDIS5.sys
2008-03-26 19:06 --------- d-----w D:\Documents and Settings\jesus\Application Data\Samsung
2008-03-24 13:46 --------- d-----w D:\Program Files\Trend Micro
2008-02-15 18:33 2,293,848 ----a-w D:\Program Files\FLV PlayerFCSetup.exe
2008-01-11 16:08 1,244 ----a-w D:\Documents and Settings\jesus\Application Data\filterclsid.dat
2007-09-01 20:28 261,736 -c--a-w D:\Documents and Settings\jesus\Application Data\GDIPFONTCACHEV1.DAT
2006-05-24 14:43 278,528 -c--a-w D:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS\System32\NvCpl.dll" [2005-12-10 04:06 7311360]
"nwiz"="nwiz.exe" [2005-12-10 04:06 1519616 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\System32\NvMcTray.dll" [2005-12-10 04:06 86016]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"EoClock"="" []
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"EoEngine"="" []
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 14:00 13312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= DivXa32.acm
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a--c--- 2005-06-07 00:46 57344 D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
D:\Program Files\eoRezo\EoEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKey]
--a------ 2006-03-07 02:32 81920 D:\Program Files\HotKey\hotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 D:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itzpgjbhrw]
d:\windows\system32\itzpgjbhrw.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lhlryrfczq]
d:\windows\system32\lhlryrfczq.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2001-08-02 07:14 1077277 D:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 D:\Program Files\MSN Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 D:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 D:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
D:\Program Files\Search Settings\SearchSettings.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
R1 aswSP;avast! Self Protection;D:\WINDOWS\System32\drivers\aswSP.sys [2008-05-16 01:20]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);D:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-01-24 15:38]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;D:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-01-24 15:38]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;D:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-01-24 15:38]
*Newly Created Service* - ALG
*Newly Created Service* - IPNAT
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-18 19:43:14
Windows 5.1.2600 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-18 19:54:05 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-18 17:53:43
Pre-Run: 1,851,797,504 octets libres
Post-Run: 1,820,454,912 octets libres
197
ComboFix 08-05-15.3 - jesus 2008-05-18 19:35:45.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.197 [GMT 2:00]
Endroit: D:\Documents and Settings\jesus\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
D:\WINDOWS\system32\_003961_.tmp.dll
D:\WINDOWS\system32\_003962_.tmp.dll
D:\WINDOWS\system32\_003963_.tmp.dll
D:\WINDOWS\system32\_003964_.tmp.dll
D:\WINDOWS\system32\_003971_.tmp.dll
D:\WINDOWS\system32\_003972_.tmp.dll
D:\WINDOWS\system32\_003973_.tmp.dll
D:\WINDOWS\system32\_003974_.tmp.dll
D:\WINDOWS\system32\_003976_.tmp.dll
D:\WINDOWS\system32\_003977_.tmp.dll
D:\WINDOWS\system32\_003980_.tmp.dll
D:\WINDOWS\system32\_003981_.tmp.dll
D:\WINDOWS\system32\_003984_.tmp.dll
D:\WINDOWS\system32\_003985_.tmp.dll
D:\WINDOWS\system32\_003987_.tmp.dll
D:\WINDOWS\system32\_003988_.tmp.dll
D:\WINDOWS\system32\_003990_.tmp.dll
D:\WINDOWS\system32\_003995_.tmp.dll
D:\WINDOWS\system32\_003997_.tmp.dll
D:\WINDOWS\system32\_003998_.tmp.dll
D:\WINDOWS\system32\_004000_.tmp.dll
D:\WINDOWS\system32\_004002_.tmp.dll
D:\WINDOWS\system32\_004003_.tmp.dll
D:\WINDOWS\system32\_004004_.tmp.dll
D:\WINDOWS\system32\_004005_.tmp.dll
D:\WINDOWS\system32\_004006_.tmp.dll
D:\WINDOWS\system32\_004009_.tmp.dll
D:\WINDOWS\system32\_004011_.tmp.dll
D:\WINDOWS\system32\_004012_.tmp.dll
D:\WINDOWS\system32\_004013_.tmp.dll
D:\WINDOWS\system32\_004017_.tmp.dll
D:\WINDOWS\system32\dfcaee4_g.dll
D:\WINDOWS\system32\nvs2.inf
d:\WINDOWS\system32\tqnppzzll.dat
d:\windows\system32\tqnppzzll.exe
d:\WINDOWS\system32\tqnppzzll_nav.dat
d:\WINDOWS\system32\tqnppzzll_navps.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ICF
-------\Service_ICF
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-18 to 2008-05-18 ))))))))))))))))))))))))))))))))))))
.
2008-05-18 19:35 . 2008-05-18 19:35 1,024 --ah----- D:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-05-17 17:55 . 2008-05-17 17:55 <REP> d-------- D:\Program Files\Canal
2008-05-17 17:52 . 2008-05-17 17:52 <REP> d-------- D:\Program Files\Fichiers communs\Adobe AIR
2008-05-17 17:51 . 2008-05-17 17:51 <REP> d-------- D:\Program Files\MSXML 6.0
2008-04-24 11:45 . 2004-08-19 16:09 221,184 --a------ D:\WINDOWS\system32\wmpns.dll
2008-04-24 11:41 . 2004-08-19 16:08 97,280 -----c--- D:\WINDOWS\system32\dllcache\dpcdll.dll
2008-04-24 11:40 . 2008-04-24 11:40 <REP> d-------- D:\WINDOWS\provisioning
2008-04-24 11:40 . 2008-04-24 11:46 <REP> d-------- D:\WINDOWS\peernet
2008-04-24 11:40 . 2004-08-19 16:09 6,656 --a------ D:\WINDOWS\system32\SETFF1.tmp
2008-04-24 11:22 . 2004-08-19 16:09 1,036,288 --a------ D:\WINDOWS\SET4C3.tmp
2008-04-24 11:20 . 2004-08-19 16:09 1,097,728 --a------ D:\WINDOWS\system32\SET3DE.tmp
2008-04-24 11:19 . 2004-08-19 16:09 3,003,392 --a------ D:\WINDOWS\system32\SET32C.tmp
2008-04-24 11:18 . 2004-08-19 16:09 1,723,904 --a------ D:\WINDOWS\system32\SET2DA.tmp
2008-04-24 11:17 . 2004-08-19 16:09 8,440,320 --a------ D:\WINDOWS\system32\SET23A.tmp
2008-04-24 11:16 . 2004-08-19 16:09 731,136 --a------ D:\WINDOWS\system32\SET1D9.tmp
2008-04-24 11:15 . 2004-08-19 16:09 359,936 --a------ D:\WINDOWS\system32\SET194.tmp
2008-04-24 11:08 . 2004-07-17 11:40 19,528 --a------ D:\WINDOWS\[u]0[/u]02461_.tmp
2008-04-24 11:08 . 2004-08-03 22:43 15,872 --a------ D:\WINDOWS\system32\spupdsvc.exe
2008-04-24 11:05 . 2001-08-28 14:00 1,007,616 --------- D:\WINDOWS\system32\dllcache\conf.exe
2008-04-24 11:04 . 2001-08-28 14:00 4,186,256 --------- D:\WINDOWS\system32\dllcache\luna.mst
2008-04-24 11:03 . 2005-05-03 12:58 2,890,240 --a------ D:\WINDOWS\system32\msi.dll
2008-04-24 11:01 . 2001-08-28 14:00 1,985,920 --a------ D:\WINDOWS\system32\ntoskrnl.exe
2008-04-24 11:00 . 2008-04-24 11:46 <REP> d-------- D:\WINDOWS\EHome
2008-04-24 10:00 . 2008-04-24 10:00 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-04-24 09:59 . 2008-04-24 09:59 <REP> d-------- D:\WINDOWS\system32\bits
2008-04-24 09:55 . 2007-07-30 19:19 549,720 --a------ D:\WINDOWS\system32\wuapi.dll
2008-04-24 09:55 . 2007-07-30 19:19 325,976 --a------ D:\WINDOWS\system32\wucltui.dll
2008-04-24 09:55 . 2007-07-30 19:19 216,408 --a------ D:\WINDOWS\system32\wuaucpl.cpl
2008-04-24 09:55 . 2007-07-30 19:19 43,352 --a------ D:\WINDOWS\system32\wups2.dll
2008-04-24 09:55 . 2007-07-30 19:19 38,232 --a------ D:\WINDOWS\system32\wucltui.dll.mui
2008-04-24 09:55 . 2007-07-30 19:18 33,624 --a------ D:\WINDOWS\system32\wups.dll
2008-04-24 09:55 . 2007-07-30 19:20 30,040 --a------ D:\WINDOWS\system32\wuaucpl.cpl.mui
2008-04-24 09:55 . 2007-07-30 19:19 30,040 --a------ D:\WINDOWS\system32\wuapi.dll.mui
2008-04-24 09:55 . 2007-07-30 19:18 21,336 --a------ D:\WINDOWS\system32\wuaueng.dll.mui
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-18 17:04 --------- d-----w D:\Program Files\eMule
2008-05-18 11:14 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-18 11:10 --------- d-----w D:\Documents and Settings\jesus\Application Data\AdobeUM
2008-04-14 15:06 --------- d-----w D:\Program Files\Navilog1
2008-04-14 14:54 --------- d-----w D:\Program Files\CCleaner
2008-04-12 11:59 --------- d-----w D:\Program Files\Java
2008-04-10 13:31 --------- d-----w D:\Program Files\Flash Slideshow Maker Professional
2008-04-10 13:31 --------- d-----w D:\Program Files\Color Schemer Studio
2008-04-10 13:30 --------- d-----w D:\Program Files\CleanUp!
2008-03-28 14:35 --------- d-----w D:\Documents and Settings\jesus\Application Data\AlertInfo
2008-03-28 14:28 --------- d-----w D:\Program Files\VS Revo Group
2008-03-27 10:25 81,920 -c--a-w D:\WINDOWS\system32\W32N50.dll
2008-03-27 10:25 17,134 -c--a-w D:\WINDOWS\system32\PCANDIS5.sys
2008-03-26 19:06 --------- d-----w D:\Documents and Settings\jesus\Application Data\Samsung
2008-03-24 13:46 --------- d-----w D:\Program Files\Trend Micro
2008-02-15 18:33 2,293,848 ----a-w D:\Program Files\FLV PlayerFCSetup.exe
2008-01-11 16:08 1,244 ----a-w D:\Documents and Settings\jesus\Application Data\filterclsid.dat
2007-09-01 20:28 261,736 -c--a-w D:\Documents and Settings\jesus\Application Data\GDIPFONTCACHEV1.DAT
2006-05-24 14:43 278,528 -c--a-w D:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS\System32\NvCpl.dll" [2005-12-10 04:06 7311360]
"nwiz"="nwiz.exe" [2005-12-10 04:06 1519616 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\System32\NvMcTray.dll" [2005-12-10 04:06 86016]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"EoClock"="" []
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"EoEngine"="" []
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 14:00 13312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= DivXa32.acm
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a--c--- 2005-06-07 00:46 57344 D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
D:\Program Files\eoRezo\EoEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKey]
--a------ 2006-03-07 02:32 81920 D:\Program Files\HotKey\hotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 D:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itzpgjbhrw]
d:\windows\system32\itzpgjbhrw.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lhlryrfczq]
d:\windows\system32\lhlryrfczq.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2001-08-02 07:14 1077277 D:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 D:\Program Files\MSN Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 D:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 D:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
D:\Program Files\Search Settings\SearchSettings.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
R1 aswSP;avast! Self Protection;D:\WINDOWS\System32\drivers\aswSP.sys [2008-05-16 01:20]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);D:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-01-24 15:38]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;D:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-01-24 15:38]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;D:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-01-24 15:38]
*Newly Created Service* - ALG
*Newly Created Service* - IPNAT
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-18 19:43:14
Windows 5.1.2600 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-18 19:54:05 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-18 17:53:43
Pre-Run: 1,851,797,504 octets libres
Post-Run: 1,820,454,912 octets libres
197
Utilisateur anonyme
18 mai 2008 à 20:05
18 mai 2008 à 20:05
ok
désinstalle avast puis mes antivir mes le a jour puis fais un scan et supprime tous se qu'il trouve (delete)
puis colle moi le log d'antivir
reglages pour antivir :
une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
aussi clic sur guard puis coche scan archive puis tu decoche les 3 case en dessous puis ok
désinstalle avast puis mes antivir mes le a jour puis fais un scan et supprime tous se qu'il trouve (delete)
puis colle moi le log d'antivir
reglages pour antivir :
une fois antivir ouvert click surconfiguration et coche la case "expert mode" puis sur l´onglet scanner dans la fenetre du dessous tu va voir : rootkit search click sur le petit + pour deployer et coche la case a coté de ton disk dur
puis click sur configuration en haut a droite; dans la nouvelle fenetre a gauche >scanner > coche "scan all files" et en dessous >scanner priority = High
coche : allow stopping the scanner, comme cela tu peux faire une pause pendant le scan si tu le desir.
puis sur la droite coche les case suivantes :
scan boot sectors of selected drives
scan master boot sectors
scan memory
search foe rootkit before scan
decoche :
ignore off line files
toujours a gauche > scan > deploie > heuristique > macrovirus heuristic = coché et en dessous > win32 heuristic la case coché et high detection level
aussi clic sur guard puis coche scan archive puis tu decoche les 3 case en dessous puis ok
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
19 mai 2008 à 16:03
19 mai 2008 à 16:03
désolé pour l'attente, antivir a échoué 4 fois à l'install!
voilà le report :
Avira AntiVir Personal
Report file date: lundi 19 mai 2008 12:50
Scanning for 1276115 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PARTAGE
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 19:11:46
ANTIVIR3.VDF : 7.0.4.54 2048 Bytes 17/05/2008 19:11:47
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 18/05/2008 19:12:43
AESCN.DLL : 8.1.0.18 119156 Bytes 18/05/2008 19:12:41
AERDL.DLL : 8.1.0.20 418165 Bytes 18/05/2008 19:12:40
AEPACK.DLL : 8.1.1.5 364918 Bytes 18/05/2008 19:12:33
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 18/05/2008 19:12:27
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 18/05/2008 19:12:22
AEHELP.DLL : 8.1.0.14 115063 Bytes 18/05/2008 19:12:03
AEGEN.DLL : 8.1.0.21 303477 Bytes 18/05/2008 19:12:01
AEEMU.DLL : 8.1.0.6 430451 Bytes 18/05/2008 19:11:56
AECORE.DLL : 8.1.0.29 168311 Bytes 18/05/2008 19:11:51
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: lundi 19 mai 2008 12:50
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aavmker4\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aavmker4\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\parameters
[INFO] The registry entry is invisible.
'40171' objects were checked, '14' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
24 processes with 24 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '30' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\RECYCLER\S-1-5-21-1229272821-492894223-839522115-1003\De6.zip
[0] Archive type: ZIP
--> Microsoft_Office_2003_Activation_Crack.exe
[DETECTION] Is the Trojan horse TR/StartPage.NX
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0420871.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0420872.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0421169.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422330.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422330.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422331.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422331.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422332.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422332.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422333.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422333.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422334.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422334.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422335.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422335.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422336.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422336.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422337.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422337.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422338.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422338.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422339.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422339.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422340.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422340.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422341.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422341.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422342.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422342.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422343.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422343.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422344.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422344.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422345.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422345.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422346.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422346.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422347.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422347.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422348.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422348.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422349.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422349.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422350.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422350.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422351.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422351.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422352.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422352.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422353.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422353.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422354.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422354.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422355.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422355.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422356.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422356.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422357.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422357.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422358.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422358.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422359.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422359.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422360.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422360.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422361.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422361.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422362.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422362.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422363.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422363.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422364.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422364.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422365.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422365.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422366.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422366.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422367.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422367.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422368.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422368.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422369.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422369.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422370.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422370.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422371.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422371.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422372.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422372.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422373.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422373.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422374.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422374.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422375.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422375.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422376.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422376.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422377.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422377.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422378.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422378.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422379.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422379.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422380.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422380.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422381.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422381.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422382.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422382.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422383.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422383.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422384.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422384.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422385.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422385.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422386.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422386.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422387.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422387.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422388.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422388.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422389.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422389.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422390.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422390.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422391.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422391.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422392.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422392.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422393.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422393.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422394.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422394.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Webdor.P Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422395.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422395.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422396.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422396.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422397.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422397.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422398.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422398.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422399.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422399.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422400.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422400.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422401.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422401.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422402.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422402.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422403.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422403.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422404.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422404.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422405.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422405.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422406.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422406.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422407.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422407.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422408.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422408.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422409.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422409.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422410.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422410.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422411.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422411.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422412.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422412.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422413.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422413.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422414.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422414.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422415.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422415.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426571.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426573.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426574.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426607.exe
[DETECTION] Is the Trojan horse TR/Dldr.Tuma.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428515.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428634.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428636.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428637.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428928.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430053.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430053.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430054.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430054.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430055.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430055.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430056.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430056.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430057.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430057.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430058.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430058.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430059.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430059.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430060.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430060.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430061.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430061.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430062.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430062.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430063.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430063.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430064.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430064.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430065.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430065.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430066.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430066.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430067.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430067.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430068.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430068.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430069.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430069.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430070.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430070.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430071.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430071.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430072.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430072.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430073.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430073.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430074.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430074.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430075.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430075.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430076.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430076.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430077.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430077.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430078.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430078.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430079.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430079.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430080.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430080.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430081.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430081.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430082.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430082.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430083.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430083.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430084.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430084.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430085.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430085.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430086.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430086.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430087.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430087.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430088.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430088.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430089.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430089.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430090.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430090.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430091.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430091.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430092.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430092.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430093.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430093.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430094.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430094.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430095.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430095.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430096.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430096.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430097.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430097.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430098.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430098.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430099.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430099.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430100.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430100.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430101.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430101.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430102.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_resto
voilà le report :
Avira AntiVir Personal
Report file date: lundi 19 mai 2008 12:50
Scanning for 1276115 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (plain) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PARTAGE
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 17/05/2008 19:11:46
ANTIVIR3.VDF : 7.0.4.54 2048 Bytes 17/05/2008 19:11:47
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 18/05/2008 19:12:43
AESCN.DLL : 8.1.0.18 119156 Bytes 18/05/2008 19:12:41
AERDL.DLL : 8.1.0.20 418165 Bytes 18/05/2008 19:12:40
AEPACK.DLL : 8.1.1.5 364918 Bytes 18/05/2008 19:12:33
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 18/05/2008 19:12:27
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 18/05/2008 19:12:22
AEHELP.DLL : 8.1.0.14 115063 Bytes 18/05/2008 19:12:03
AEGEN.DLL : 8.1.0.21 303477 Bytes 18/05/2008 19:12:01
AEEMU.DLL : 8.1.0.6 430451 Bytes 18/05/2008 19:11:56
AECORE.DLL : 8.1.0.29 168311 Bytes 18/05/2008 19:11:51
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: d:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Start of the scan: lundi 19 mai 2008 12:50
Starting search for hidden objects.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aavmker4\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aavmker4\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMon2\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP\parameters
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123$%&'()*+,-./0123
[INFO] The registry entry is invisible.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi\parameters
[INFO] The registry entry is invisible.
'40171' objects were checked, '14' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
24 processes with 24 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '30' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\RECYCLER\S-1-5-21-1229272821-492894223-839522115-1003\De6.zip
[0] Archive type: ZIP
--> Microsoft_Office_2003_Activation_Crack.exe
[DETECTION] Is the Trojan horse TR/StartPage.NX
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0420871.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0420872.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0421169.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422330.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422330.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422331.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422331.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422332.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422332.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422333.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422333.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422334.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422334.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422335.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422335.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422336.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422336.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422337.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422337.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422338.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422338.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422339.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422339.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422340.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422340.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422341.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422341.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422342.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422342.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422343.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422343.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422344.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422344.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422345.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422345.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422346.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422346.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422347.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422347.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422348.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422348.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422349.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422349.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422350.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422350.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422351.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422351.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422352.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422352.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422353.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422353.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422354.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422354.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422355.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422355.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422356.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422356.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422357.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422357.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422358.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422358.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422359.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422359.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422360.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422360.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422361.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422361.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422362.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422362.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422363.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422363.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422364.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422364.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422365.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422365.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422366.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422366.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422367.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422367.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422368.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422368.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422369.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422369.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422370.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422370.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422371.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422371.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422372.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422372.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422373.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422373.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422374.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422374.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422375.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422375.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422376.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422376.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422377.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422377.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422378.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422378.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422379.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422379.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422380.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422380.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422381.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422381.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422382.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422382.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422383.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422383.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422384.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422384.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422385.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422385.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422386.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422386.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422387.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422387.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422388.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422388.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422389.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422389.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422390.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422390.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422391.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422391.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422392.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422392.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422393.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422393.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422394.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422394.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Webdor.P Backdoor server programs
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422395.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422395.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422396.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422396.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422397.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422397.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422398.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422398.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422399.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422399.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422400.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422400.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422401.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422401.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422402.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422402.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422403.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422403.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422404.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422404.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422405.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422405.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422406.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422406.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422407.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422407.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422408.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422408.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422409.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422409.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422410.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422410.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422411.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422411.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422412.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422412.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422413.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422413.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422414.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422414.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422415.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0422415.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426571.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426573.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426574.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP65\A0426607.exe
[DETECTION] Is the Trojan horse TR/Dldr.Tuma.1
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428515.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428634.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428636.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.CO
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428637.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0428928.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430053.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430053.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430054.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430054.exe
[DETECTION] Contains detection pattern of the worm WORM/W32.Sircam.C
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430055.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430055.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430056.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430056.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430057.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430057.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430058.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430058.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430059.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430059.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430060.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430060.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430061.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430061.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430062.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430062.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430063.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430063.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430064.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430064.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430065.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430065.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430066.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430066.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430067.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430067.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430068.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430068.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430069.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430069.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430070.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430070.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430071.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430071.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430072.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430072.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430073.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430073.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430074.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430074.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430075.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430075.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430076.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430076.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430077.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430077.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430078.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430078.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430079.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430079.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430080.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430080.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430081.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430081.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430082.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430082.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430083.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430083.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430084.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430084.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430085.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430085.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430086.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430086.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430087.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430087.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430088.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430088.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430089.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430089.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430090.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430090.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430091.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430091.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430092.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430092.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430093.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430093.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430094.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430094.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430095.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430095.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430096.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430096.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430097.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430097.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430098.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430098.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430099.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430099.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430100.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430100.exe
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430101.EXE
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430101.EXE
[DETECTION] Contains detection pattern of the Windows virus W32/Bagle.inf
[NOTE] The file was deleted!
C:\System Volume Information\_restore{737B34B1-53DF-4CED-9BE3-092777BB9BB3}\RP67\A0430102.exe
[0] Archive type: HIDDEN
--> FIL\\\?\C:\System Volume Information\_resto
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
19 mai 2008 à 16:06
19 mai 2008 à 16:06
waw tous les virus j'espère que tu les a supprimer ou mis en quarantaine
télécharge hijackthis fais un scan et colle moi le log ici
télécharge hijackthis fais un scan et colle moi le log ici
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
19 mai 2008 à 16:08
19 mai 2008 à 16:08
ouais j'ai mis "delete pour tous"
voila mon hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08:34, on 19/05/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\System32\drivers\CDAC11BA.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - D:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Program Files\Titan Poker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - D:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - D:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://www.stylist4all.com/IE20020716/save/makeover.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {F4130EE3-524C-45B2-A2DC-185C262809F9} (StachaImpEtq Control) - http://www.chargeur-online.com/ressources-stacha/StachaImpEtqProj1V150.cab
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
voila mon hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:08:34, on 19/05/2008
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\WINDOWS\System32\drivers\CDAC11BA.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - D:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Program Files\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - D:\Program Files\Titan Poker\casino.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - D:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - D:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://www.stylist4all.com/IE20020716/save/makeover.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {F4130EE3-524C-45B2-A2DC-185C262809F9} (StachaImpEtq Control) - http://www.chargeur-online.com/ressources-stacha/StachaImpEtqProj1V150.cab
O23 - Service: Adobe LM Service - Adobe Systems - D:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - D:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
Utilisateur anonyme
19 mai 2008 à 16:10
19 mai 2008 à 16:10
d'après le rapport tu na plus rien enfin !!
et mes a jour internet explorer
et mes a jour internet explorer
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
19 mai 2008 à 16:13
19 mai 2008 à 16:13
ok!
j'te remercie infiniment!
bonne journée
@+
j'te remercie infiniment!
bonne journée
@+
Utilisateur anonyme
19 mai 2008 à 16:12
19 mai 2008 à 16:12
et mes le service pack 3 de windows xp !!
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
19 mai 2008 à 16:16
19 mai 2008 à 16:16
ça marchera le pack3 sur une version XP piratée?
Utilisateur anonyme
19 mai 2008 à 16:16
19 mai 2008 à 16:16
non
giacomino06
Messages postés
21
Date d'inscription
dimanche 18 mai 2008
Statut
Membre
Dernière intervention
21 mai 2008
19 mai 2008 à 16:17
19 mai 2008 à 16:17
merci,
@+
@+
18 mai 2008 à 20:03
voila le rapport de combofix
ComboFix 08-05-15.3 - jesus 2008-05-18 19:35:45.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.0.1252.1.1036.18.197 [GMT 2:00]
Endroit: D:\Documents and Settings\jesus\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Conditions générales.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Confidentialité.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
D:\Documents and Settings\jesus\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
D:\WINDOWS\system32\_003961_.tmp.dll
D:\WINDOWS\system32\_003962_.tmp.dll
D:\WINDOWS\system32\_003963_.tmp.dll
D:\WINDOWS\system32\_003964_.tmp.dll
D:\WINDOWS\system32\_003971_.tmp.dll
D:\WINDOWS\system32\_003972_.tmp.dll
D:\WINDOWS\system32\_003973_.tmp.dll
D:\WINDOWS\system32\_003974_.tmp.dll
D:\WINDOWS\system32\_003976_.tmp.dll
D:\WINDOWS\system32\_003977_.tmp.dll
D:\WINDOWS\system32\_003980_.tmp.dll
D:\WINDOWS\system32\_003981_.tmp.dll
D:\WINDOWS\system32\_003984_.tmp.dll
D:\WINDOWS\system32\_003985_.tmp.dll
D:\WINDOWS\system32\_003987_.tmp.dll
D:\WINDOWS\system32\_003988_.tmp.dll
D:\WINDOWS\system32\_003990_.tmp.dll
D:\WINDOWS\system32\_003995_.tmp.dll
D:\WINDOWS\system32\_003997_.tmp.dll
D:\WINDOWS\system32\_003998_.tmp.dll
D:\WINDOWS\system32\_004000_.tmp.dll
D:\WINDOWS\system32\_004002_.tmp.dll
D:\WINDOWS\system32\_004003_.tmp.dll
D:\WINDOWS\system32\_004004_.tmp.dll
D:\WINDOWS\system32\_004005_.tmp.dll
D:\WINDOWS\system32\_004006_.tmp.dll
D:\WINDOWS\system32\_004009_.tmp.dll
D:\WINDOWS\system32\_004011_.tmp.dll
D:\WINDOWS\system32\_004012_.tmp.dll
D:\WINDOWS\system32\_004013_.tmp.dll
D:\WINDOWS\system32\_004017_.tmp.dll
D:\WINDOWS\system32\dfcaee4_g.dll
D:\WINDOWS\system32\nvs2.inf
d:\WINDOWS\system32\tqnppzzll.dat
d:\windows\system32\tqnppzzll.exe
d:\WINDOWS\system32\tqnppzzll_nav.dat
d:\WINDOWS\system32\tqnppzzll_navps.dat
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_ICF
-------\Service_ICF
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-18 to 2008-05-18 ))))))))))))))))))))))))))))))))))))
.
2008-05-18 19:35 . 2008-05-18 19:35 1,024 --ah----- D:\WINDOWS\system32\config\systemprofile\ntuser.dat.LOG
2008-05-17 17:55 . 2008-05-17 17:55 <REP> d-------- D:\Program Files\Canal
2008-05-17 17:52 . 2008-05-17 17:52 <REP> d-------- D:\Program Files\Fichiers communs\Adobe AIR
2008-05-17 17:51 . 2008-05-17 17:51 <REP> d-------- D:\Program Files\MSXML 6.0
2008-04-24 11:45 . 2004-08-19 16:09 221,184 --a------ D:\WINDOWS\system32\wmpns.dll
2008-04-24 11:41 . 2004-08-19 16:08 97,280 -----c--- D:\WINDOWS\system32\dllcache\dpcdll.dll
2008-04-24 11:40 . 2008-04-24 11:40 <REP> d-------- D:\WINDOWS\provisioning
2008-04-24 11:40 . 2008-04-24 11:46 <REP> d-------- D:\WINDOWS\peernet
2008-04-24 11:40 . 2004-08-19 16:09 6,656 --a------ D:\WINDOWS\system32\SETFF1.tmp
2008-04-24 11:22 . 2004-08-19 16:09 1,036,288 --a------ D:\WINDOWS\SET4C3.tmp
2008-04-24 11:20 . 2004-08-19 16:09 1,097,728 --a------ D:\WINDOWS\system32\SET3DE.tmp
2008-04-24 11:19 . 2004-08-19 16:09 3,003,392 --a------ D:\WINDOWS\system32\SET32C.tmp
2008-04-24 11:18 . 2004-08-19 16:09 1,723,904 --a------ D:\WINDOWS\system32\SET2DA.tmp
2008-04-24 11:17 . 2004-08-19 16:09 8,440,320 --a------ D:\WINDOWS\system32\SET23A.tmp
2008-04-24 11:16 . 2004-08-19 16:09 731,136 --a------ D:\WINDOWS\system32\SET1D9.tmp
2008-04-24 11:15 . 2004-08-19 16:09 359,936 --a------ D:\WINDOWS\system32\SET194.tmp
2008-04-24 11:08 . 2004-07-17 11:40 19,528 --a------ D:\WINDOWS\[u]0[/u]02461_.tmp
2008-04-24 11:08 . 2004-08-03 22:43 15,872 --a------ D:\WINDOWS\system32\spupdsvc.exe
2008-04-24 11:05 . 2001-08-28 14:00 1,007,616 --------- D:\WINDOWS\system32\dllcache\conf.exe
2008-04-24 11:04 . 2001-08-28 14:00 4,186,256 --------- D:\WINDOWS\system32\dllcache\luna.mst
2008-04-24 11:03 . 2005-05-03 12:58 2,890,240 --a------ D:\WINDOWS\system32\msi.dll
2008-04-24 11:01 . 2001-08-28 14:00 1,985,920 --a------ D:\WINDOWS\system32\ntoskrnl.exe
2008-04-24 11:00 . 2008-04-24 11:46 <REP> d-------- D:\WINDOWS\EHome
2008-04-24 10:00 . 2008-04-24 10:00 1,374 --a------ D:\WINDOWS\imsins.BAK
2008-04-24 09:59 . 2008-04-24 09:59 <REP> d-------- D:\WINDOWS\system32\bits
2008-04-24 09:55 . 2007-07-30 19:19 549,720 --a------ D:\WINDOWS\system32\wuapi.dll
2008-04-24 09:55 . 2007-07-30 19:19 325,976 --a------ D:\WINDOWS\system32\wucltui.dll
2008-04-24 09:55 . 2007-07-30 19:19 216,408 --a------ D:\WINDOWS\system32\wuaucpl.cpl
2008-04-24 09:55 . 2007-07-30 19:19 43,352 --a------ D:\WINDOWS\system32\wups2.dll
2008-04-24 09:55 . 2007-07-30 19:19 38,232 --a------ D:\WINDOWS\system32\wucltui.dll.mui
2008-04-24 09:55 . 2007-07-30 19:18 33,624 --a------ D:\WINDOWS\system32\wups.dll
2008-04-24 09:55 . 2007-07-30 19:20 30,040 --a------ D:\WINDOWS\system32\wuaucpl.cpl.mui
2008-04-24 09:55 . 2007-07-30 19:19 30,040 --a------ D:\WINDOWS\system32\wuapi.dll.mui
2008-04-24 09:55 . 2007-07-30 19:18 21,336 --a------ D:\WINDOWS\system32\wuaueng.dll.mui
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-18 17:04 --------- d-----w D:\Program Files\eMule
2008-05-18 11:14 --------- d-----w D:\Program Files\Fichiers communs\Adobe
2008-05-18 11:10 --------- d-----w D:\Documents and Settings\jesus\Application Data\AdobeUM
2008-04-14 15:06 --------- d-----w D:\Program Files\Navilog1
2008-04-14 14:54 --------- d-----w D:\Program Files\CCleaner
2008-04-12 11:59 --------- d-----w D:\Program Files\Java
2008-04-10 13:31 --------- d-----w D:\Program Files\Flash Slideshow Maker Professional
2008-04-10 13:31 --------- d-----w D:\Program Files\Color Schemer Studio
2008-04-10 13:30 --------- d-----w D:\Program Files\CleanUp!
2008-03-28 14:35 --------- d-----w D:\Documents and Settings\jesus\Application Data\AlertInfo
2008-03-28 14:28 --------- d-----w D:\Program Files\VS Revo Group
2008-03-27 10:25 81,920 -c--a-w D:\WINDOWS\system32\W32N50.dll
2008-03-27 10:25 17,134 -c--a-w D:\WINDOWS\system32\PCANDIS5.sys
2008-03-26 19:06 --------- d-----w D:\Documents and Settings\jesus\Application Data\Samsung
2008-03-24 13:46 --------- d-----w D:\Program Files\Trend Micro
2008-02-15 18:33 2,293,848 ----a-w D:\Program Files\FLV PlayerFCSetup.exe
2008-01-11 16:08 1,244 ----a-w D:\Documents and Settings\jesus\Application Data\filterclsid.dat
2007-09-01 20:28 261,736 -c--a-w D:\Documents and Settings\jesus\Application Data\GDIPFONTCACHEV1.DAT
2006-05-24 14:43 278,528 -c--a-w D:\Program Files\Fichiers communs\FDEUnInstaller.exe
.
------- Sigcheck -------
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="D:\WINDOWS\System32\NvCpl.dll" [2005-12-10 04:06 7311360]
"nwiz"="nwiz.exe" [2005-12-10 04:06 1519616 D:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="D:\WINDOWS\System32\NvMcTray.dll" [2005-12-10 04:06 86016]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"EoClock"="" []
"NeroFilterCheck"="D:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"EoEngine"="" []
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS\System32\CTFMON.EXE" [2001-08-28 14:00 13312]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= DivXa32.acm
[HKLM\~\startupfolder\D:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=D:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
--a--c--- 2005-06-07 00:46 57344 D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
D:\Program Files\eoRezo\EoEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKey]
--a------ 2006-03-07 02:32 81920 D:\Program Files\HotKey\hotkey.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-09-26 14:42 267064 D:\Program Files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\itzpgjbhrw]
d:\windows\system32\itzpgjbhrw.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
D:\WINDOWS\system32\dumprep 0 -k
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\lhlryrfczq]
d:\windows\system32\lhlryrfczq.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2001-08-02 07:14 1077277 D:\Program Files\Messenger\msmsgs.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-01-19 12:55 5674352 D:\Program Files\MSN Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 D:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-06-29 06:24 286720 D:\Program Files\QuickTime\qttask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
D:\Program Files\Search Settings\SearchSettings.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
--a------ 2007-08-31 16:46 1460560 D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
R1 aswSP;avast! Self Protection;D:\WINDOWS\System32\drivers\aswSP.sys [2008-05-16 01:20]
S3 ss_bus;Samsung Mobile USB Device 1.0 driver (WDM);D:\WINDOWS\System32\DRIVERS\ss_bus.sys [2005-01-24 15:38]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;D:\WINDOWS\System32\DRIVERS\ss_mdfl.sys [2005-01-24 15:38]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;D:\WINDOWS\System32\DRIVERS\ss_mdm.sys [2005-01-24 15:38]
*Newly Created Service* - ALG
*Newly Created Service* - IPNAT
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-18 19:43:14
Windows 5.1.2600 NTFS
Balayage processus cach‚s ...
Balayage cach‚ autostart entries ...
Balayage des fichiers cach‚s ...
Scan termin‚ avec succŠs
Les fichiers cach‚s: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\wdfmgr.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-18 19:54:05 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-18 17:53:43
Pre-Run: 1,851,797,504 octets libres
Post-Run: 1,820,454,912 octets libres
197