Virus, worm and trojan problem

Solved/Closed
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009 - 9 Jul 2008 at 11:35
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009 - 7 Aug 2008 at 15:46
Hello,
For the past two days I have had a problem with my PC. I managed to scan it online with ActiveScan on the Panda site. I got a message saying that I have w32/Bagle RR worm and w32/Bagle SP worm, and I don't know what to do to remove them, especially since my PC refuses to install any antivirus. Could someone help me?
Thanks in advance
Marina

43 replies

jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
9 Jul 2008 at 14:44
* Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Click the Descargar Elibagla button; this will download the file. Place it on your desktop.
* Double-click it to open it
* Make sure that C:\ is selected in the Unidad drop-down menu
* Also check that the Eliminar Ficheros Automaticamente option at the bottom of the window is ticked
* Click the Explorar button to start the scan

___________


paste a HijackThis report

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download

manual:

https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html


I recommend renaming HijackThis, to counter a possible Vundo infection.

e.g.: Rename the file HijackThis.exe to eden.exe. To do this, right-click the file HijackThis.exe and choose Rename from the list

Then, with Explorer, create a folder c:\hijackthis
Unzip HijackThis into this folder.
This is important for the backups.

there you go, E.T will finish

good luck with the rest
1
lecristal Posts 961 Registration date Saturday 31 March 2007 Status Member Last activity 9 August 2022 18
9 Jul 2008 at 11:40
hello

one thing
there should be only 1 antivirus per PC--
no more

you can run online scans
no problem


Unfortunately we no longer live in the past.
Go for it, life is so short.
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul 2008 at 11:52
I just downloaded ComboFix to scan my PC, but I can no longer run any .exe file. What should I do?
Marina
0
E..T Posts 6087 Registration date Friday 1 February 2008 Status Contributor Last activity 3 March 2024 426
9 Jul 2008 at 11:59
Hello everyone, Marina106
Do the following:

* Download MalwareByte's Anti-Malware (by RubbeR DuckY):

* http://www.commentcamarche.net/telecharger/telecharger 34055379 malwarebyte s anti malware
* Install the program on the desktop:

o If the file COMCTL32.OCX is missing, you can download it here

* Run the updates (click Mises à jour, then Recherche de mises à jour)

* Boot into safe mode

* Launch MalwareByte's Anti-Malware, click Exécuter un examen complet, then Rechercher, and select all your hard drives

* Once the scan is finished, click supprimer (if a message asks to restart the PC, accept!)

* A report will be generated; save it somewhere you can find it again and post it here.

@++
0

Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul 2008 at 12:57
I scanned my PC with the malware program and here is the message I get once the scan is finished.
Malwarebytes' Anti-Malware 1.20
Version de la base de données: 933
Windows 5.1.2600 Service Pack 2

12:50:48 9/07/2008
mbam-log-7-9-2008 (12-50-30).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 114907
Temps écoulé: 14 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 329

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Marina\Application Data\m (Trojan.Agent) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Marina\Local Settings\Temp\ginstall.dll (Adware.WebHancer) -> No action taken.
C:\Documents and Settings\Marina\Application Data\m\data.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Marina\Application Data\m\list.oct (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Marina\Application Data\m\srvlist.oct (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> No action taken.
C:\WINDOWS\system32\mdelk.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\wintems.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> No action taken.
C:\Documents and Settings\Marina\Application Data\m\flec006.exe (Trojan.Agent) -> No action taken.
Thanks for the help
Marina
0
E..T Posts 6087 Registration date Friday 1 February 2008 Status Contributor Last activity 3 March 2024 426
9 Jul. 2008 at 13:00
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 329


There's work to do ;-)

I'm preparing the next steps!
@++
0
lecristal Posts 961 Registration date Saturday 31 March 2007 Status Member Last activity 9 August 2022 18
9 Jul. 2008 at 13:01
+1 with ET
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul. 2008 at 13:27
Here is the other message I get after deleting the infected files. I tried to reinstall an antivirus program, but it's impossible.


Malwarebytes' Anti-Malware 1.20
Version de la base de données: 933
Windows 5.1.2600 Service Pack 2

13:00:32 9/07/2008
mbam-log-7-9-2008 (13-00-32).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 114907
Temps écoulé: 14 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 329

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{4937d5d1-2039-409a-bd83-fec9b39b2356} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{caf9d798-c659-4b9b-8e19-ee27c3d04ee7} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\bhonew.bho.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marina\Application Data\m (Trojan.Agent) -> Delete on reboot.

Fichier(s) infecté(s):
C:\Documents and Settings\Marina\Local Settings\Temp\ginstall.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9846468.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\98640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9864218.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9867640.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9871578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9881812.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9888906.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9904296.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9909984.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9912500.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9921937.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\9928859.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\downld\99578.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marina\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marina\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Marina\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\srosa.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mdelk.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\drivers\hldrrr.exe (Rootkit.Agent) -> Delete on reboot.
C:\Documents and Settings\Marina\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
Thanks
See you
0
E..T Posts 6087 Registration date Friday 1 February 2008 Status Contributor Last activity 3 March 2024 426
9 Jul 2008 at 13:50
Sorry Marina, I have to go ;-)
We'll look at this tonight, and don't do anything if you're not sure!!
@++
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
9 Jul 2008 at 14:08
Hi, to move things along for E.T

Download ComboFix by sUBs: rename it before any installation, for example name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!

Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

Double-click ComboFix; it will ask you a question, answer with the 1 key and Enter to confirm, then follow the prompts.
Wait until ComboFix has finished; a report will be created. Post the report.

-----------


* Download ELIBAGLA at the bottom of this page http://www.zonavirus.com/datos/descargas/95/elibagla.asp
* Click the Descargar Elibagla button; this downloads the file. Place it on your desktop.
* Double-click it to open it
* Make sure that C:\ is selected in the Unidad drop-down menu
* Also check that the option Eliminar Ficheros Automaticamente at the bottom of the window is ticked
* Click the Explorar button to start the scan
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul 2008 at 14:42
I installed ComboFix and here is the report

ComboFix 08-07-08.7 - Marina 2008-07-09 14:29:30.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1653 [GMT 2:00]
Endroit: C:\Documents and Settings\Marina\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\drivers\mdelk.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA
-------\Service_srosa


((((((((((((((((((((((((((((( Fichiers créés 2008-06-09 to 2008-07-09 ))))))))))))))))))))))))))))))))))))
.

2008-07-09 14:23 . 2008-07-09 14:23 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2008-07-09 14:09 . 2008-07-09 14:09 <REP> d-------- C:\Program Files\ESET
2008-07-09 12:26 . 2008-07-09 12:26 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-07-09 12:26 . 2008-07-09 12:26 <REP> d-------- C:\Documents and Settings\Marina\Application Data\Malwarebytes
2008-07-09 12:26 . 2008-07-09 12:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-09 12:26 . 2008-07-07 17:35 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-07-09 12:26 . 2008-07-07 17:35 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-07-09 10:24 . 2008-07-09 10:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-07-09 10:10 . 2008-07-09 10:10 <REP> d-------- C:\Documents and Settings\Marina\Application Data\AVGTOOLBAR
2008-07-09 10:09 . 2008-07-09 10:09 <REP> d-------- C:\Program Files\AVG
2008-07-09 10:09 . 2008-07-09 10:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-07-09 10:09 . 2008-07-09 10:09 45,568 --a------ C:\WINDOWS\system32\avgfwdx.dll
2008-07-09 10:09 . 2008-07-09 10:09 23,296 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-07-08 20:18 . 2008-07-08 21:30 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2008-07-08 20:11 . 2008-07-08 20:11 <REP> d-------- C:\Program Files\BillP Studios
2008-07-08 20:11 . 2008-07-08 20:11 <REP> d-------- C:\Documents and Settings\Marina\Application Data\WinPatrol
2008-07-08 18:28 . 2008-07-08 18:28 <REP> d-------- C:\WINDOWS\Vbox
2008-07-08 18:28 . 2008-07-08 18:28 <REP> d-------- C:\WINDOWS\avxoscan
2008-07-08 18:28 . 2008-07-08 18:28 <REP> d-------- C:\Program Files\Symantec
2008-07-08 16:11 . 2008-07-08 18:29 <REP> d-------- C:\Program Files\Fichiers communs\Symantec Shared
2008-07-08 15:37 . 2008-07-08 18:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2008-07-08 12:04 . 2008-07-08 18:28 <REP> d-------- C:\Program Files\XoftSpy
2008-07-08 11:42 . 2008-07-08 11:42 2,994,176 --a------ C:\WINDOWS\autodll.dll
2008-07-07 20:46 . 2008-06-19 17:24 28,544 --a------ C:\WINDOWS\system32\drivers\pavboot.sys
2008-07-07 20:45 . 2008-07-07 20:45 <REP> d-------- C:\Program Files\Panda Security
2008-07-07 19:38 . 2008-07-07 19:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ParetoLogic Anti-Spyware
2008-07-07 12:42 . 2008-07-07 12:42 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-07-07 11:03 . 2008-07-09 13:28 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-07-07 10:13 . 2008-07-07 10:13 <REP> d-------- C:\Clear Voice
2008-06-30 12:51 . 2008-06-30 12:51 <REP> d-------- C:\Program Files\Audacity
2008-06-28 11:52 . 2008-06-28 11:52 <REP> d-------- C:\Program Files\Oxemis
2008-06-28 11:46 . 2008-06-28 11:46 <REP> d-------- C:\Program Files\Oxilog
2008-06-25 11:28 . 2008-06-25 11:32 <REP> d-------- C:\Program Files\coolpro2
2008-06-25 11:12 . 2008-06-25 11:12 <REP> d-------- C:\Documents and Settings\Marina\Application Data\Sony
2008-06-25 11:11 . 2008-06-25 11:11 <REP> d-------- C:\Program Files\Sony Setup
2008-06-25 11:11 . 2001-10-19 15:40 665,424 --a------ C:\WINDOWS\system32\wmv8dmoe.dll
2008-06-25 11:11 . 2002-10-09 13:21 566,272 --a------ C:\WINDOWS\system32\wmvdmoe.dll
2008-06-25 11:11 . 2001-10-19 15:40 438,608 --a------ C:\WINDOWS\system32\wmv8dmod.dll
2008-06-25 11:11 . 2001-10-19 03:05 285,184 --a------ C:\WINDOWS\system32\wmidx2.ocx
2008-06-25 11:11 . 2008-06-25 11:11 156,910 --a------ C:\WINDOWS\WMSysPr8.prx
2008-06-25 11:05 . 2008-06-25 11:05 29 --a------ C:\WINDOWS\wordpad.ini
2008-06-25 11:04 . 2008-06-25 11:30 <REP> d-------- C:\Documents and Settings\Marina\Application Data\Syntrillium
2008-06-25 11:03 . 2008-06-25 11:24 <REP> d-------- C:\Program Files\Cool2000
2008-06-14 17:59 . 2008-06-14 19:59 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-09 08:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-08 16:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-07-08 13:26 --------- d-----w C:\Program Files\eMule
2008-07-05 21:01 196,608 ----a-w C:\WINDOWS\system32\drivers\nStandard.bin
2008-06-29 11:35 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-06-25 09:11 --------- d-----w C:\Program Files\Sony
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\drivers\bthport.sys
2002-08-30 12:00 520,192 --sha-w C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 10:42 202088]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 15:34 868352]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 18:43 8466432]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 18:43 81920]
"ASUSGamerOSD"="C:\Program Files\ASUS\GamerOSD\GamerOSD.exe" [2007-07-12 11:03 380928]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-02-02 13:25 98304]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-03-11 08:08 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.MJPG"= Pvmjpg30.dll
"VIDC.PIM1"= pclepim1.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\RM.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\Studio.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\PMSRegisterFile.exe"=
"C:\\Program Files\\Pinnacle\\Studio 10\\programs\\umi.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\messenger\\msmsgs.exe"=

R0 pavboot;pavboot;C:\WINDOWS\system32\drivers\pavboot.sys [2008-06-19 17:24]
R3 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb.sys [2007-07-12 11:03]
R3 P1120VID;Creative WebCam NX Ultra;C:\WINDOWS\system32\DRIVERS\P1120Vid.sys [2004-01-12 10:51]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 09:30]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2007-07-12 11:03]
S3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-07-09 10:09]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-07-09 10:09]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c636185b-e21e-11dc-b887-0015af3ed329}]
\Shell\AutoRun\command - F:\InstallTomTomHOME.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-07-08 16:00:00 C:\WINDOWS\Tasks\Pareto UNS.job"
- C:\Program Files\Fichiers communs\ParetoLogic\UUS\UUS.dll\Pareto_Update.exe
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-DU Meter - C:\WINDOWS\system32\DUMeter.exe
HKCU-Run-swg - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
HKLM-Run-PCLEUSBTip - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
HKLM-Run-egui - C:\Program Files\ESET\ESET Smart Security\egui.exe


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-09 14:32:35
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\wbem\wmiadap.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-07-09 14:37:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-07-09 12:37:20

Pre-Run: 62,279,061,504 octets libres
Post-Run: 64,563,433,472 octets libres

153 --- E O F --- 2008-06-22 14:54:39
Thanks
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul 2008 at 15:13
Here is the program's report
Logfile of HijackThis v1.99.1
Scan saved at 15:10:38, on 9/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
I'm waiting for the next steps. Thanks, without your help I would be really lost
Marina
0
jlpjlp Posts 51580 Registration date Friday 18 May 2007 Status Security contributor Last activity 3 May 2022 5 040
9 Jul 2008 at 15:19
also paste the Elibagla report

and reinstall your antivirus and tell us whether it works

good luck with the rest with E.T
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul 2008 at 15:23
Here is the other report
Wed Jul 09 14:48:41 2008
EliBagle v11.57 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Wed Jul 09 14:49:06 2008
EliBagle v11.57 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\MDELK.EXE.VIR --> Eliminado Bagle.dldr

Nº Total de Directorios: 4694
Nº Total de Ficheros: 63965
Nº de Ficheros Analizados: 11755
Nº de Ficheros Infectados: 1
Nº de Ficheros Limpiados: 1

Wed Jul 09 14:54:30 2008
EliBagle v11.57 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):

Wed Jul 09 14:54:35 2008
EliBagle v11.57 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 8 de Julio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 4694
Nº Total de Ficheros: 63894
Nº de Ficheros Analizados: 11754
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

I'm now reinstalling an antivirus
See you
Marina
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
9 Jul 2008 at 15:42
There, I have finally reinstalled an antivirus. I installed NOD32, but I don't know whether it is a good program. The main thing is that my PC is protected against viruses again. Following the HijackThis report, do I still need to delete any files?
Thanks to everyone who helped me with this problem
Talk to you shortly
Marina
0
E..T Posts 6087 Registration date Friday 1 February 2008 Status Contributor Last activity 3 March 2024 426
10 Jul 2008 at 11:03
Hi,
Post a HijackThis log so we can see where things stand ;-)
See you
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
10 Jul 2008 at 11:10
Hi
I have just started my PC. Yesterday I had installed NOD32 as antivirus, but I had to uninstall it: the program misbehaved at every PC startup. I have just installed BitDefender. I'll take care of the HijackThis log.
Talk to you shortly
See you
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
10 Jul 2008 at 11:31
Hi
Here is the HijackThis result

Logfile of HijackThis v1.99.1
Scan saved at 11:29, on 2008-07-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

What should I do?
See you later
0
E..T Posts 6087 Registration date Friday 1 February 2008 Status Contributor Last activity 3 March 2024 426
10 Jul 2008 at 11:44
Run another scan with Malwarebytes' and post it.

Oh, your HijackThis version isn't the right one!
Uninstall the old one and click on this link
http://www.trendsecure.com/portal/en-US/threat_analytics/HJTInstall.exe
to download the HijackThis installation file.

Scan with Malwarebytes' and then
repost a HijackThis log with the right version
See you
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
10 Jul 2008 at 11:55
Here is the HijackThis result. For the moment I am scanning with Malwarebytes'.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53, on 2008-07-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender9\vsserv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Softwin\BitDefender9\bdmcon.exe
C:\Program Files\Softwin\BitDefender9\bdoesrv.exe
C:\program files\softwin\bitdefender9\bdnagent.exe
C:\Program Files\Softwin\BitDefender9\bdswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fwww.msn.be%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ASUSGamerOSD] C:\Program Files\ASUS\GamerOSD\GamerOSD.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"
O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender9\bdnagent.exe"
O4 - HKLM\..\Run: [BDSwitchAgent] "C:\Program Files\Softwin\BitDefender9\bdswitch.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.zebulon.fr/scan8/oscan8.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner371420.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe (file missing)
O23 - Service: Eset Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender9\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
0
Marina106 Posts 31 Registration date Saturday 5 July 2008 Status Member Last activity 2 April 2009
10 Jul 2008 at 11:59
Here is the result of the scan.
Malwarebytes' Anti-Malware 1.20
Version de la base de données: 933
Windows 5.1.2600 Service Pack 2

11:58:55 2008-07-10
mbam-log-7-10-2008 (11-58-55).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 113847
Temps écoulé: 24 minute(s), 7 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
See you in a moment
0