Se connecter / S'enregistrer
Votre question

rapport elibagle un peu d'aide svp?[résolu]

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Avril 2008 09:52:47

bonjour,
voilà mon problème : mon antivirus ne marche plus et impossible d'en installer un nouveau : il me dit ***.exe n'est pas une application win 32 valide. et ça pour toute nouvelle application que j'essaye de mettre. j'ai juste réussi à mettre un parfeu! !

j'ai téléchargé elibagle et j'ai essayé de scanner mais il a fait qu'un tit bout avant de planter
voici le rapport :

Wed Apr 16 09:22:17 2008
EliBagle v11.26 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\EDWIGE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\EDWIGE\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle

Wed Apr 16 09:22:59 2008
EliBagle v11.26 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
C:\DOCUMENTS AND SETTINGS\EDWIGE\APPLICATION DATA\M\FLEC006.EXE --> Bagle Acceso Denegado.


si quelque'un pouvait me donner un coup de main svp

de plus mon ordi ne veut plus ouvrir les clés usb, il les détecte mais veut les formater ...et ne lit plus les cd...

je dois etre trufée de virus faut vite que je mette un antivirus mais ça marche pas

merci d'avance pour votre aide

Autres pages sur : rapport elibagle aide svp resolu

16 Avril 2008 10:56:25

Bonjour,

On va régler tout ça mais ne prends pas d'initiatives personnelles et suis à la lettre mes instructions ;) 

Citation :
Infection BAGLE


Si tu es sous Vista, désactive l'uac : http://bibou0007.com/tutos-f45/tutorial-desactiver-l-ua...

Télécharge Combofix de sUBs : Renomme le avant toute installation, par exemple, nomme le "KillBagle". aide ici : http://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Sauvegarde le sur ton bureau et pas ailleurs !

Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider, laisse toi guider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport.

;) 
16 Avril 2008 13:32:45

re bonjour,
petite info j'ai windows XP pro

j'ai fait le scan, voici le résultat

ComboFix 08-04-15.4 - Edwige 2008-04-16 11:41:56.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.135 [GMT 2:00]
Endroit: C:\Documents and Settings\Edwige\Bureau\killbagle.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Chritiane\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\Edwige\Application Data\m\shared
C:\Documents and Settings\Edwige\Application Data\m\shared\[LiveStream].kaspersky.ver.6.keygen.16.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\3D_Realistic_Fireplace_Screen_Saver_2.3.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\AbsoluteControl_1.72.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\AceKeyboard_1.00_With_Crack.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Aces_Omaha_-_No_Limit_1.3.8.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Active_Config_1.0_(Patch).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Adorage_for_Movie_Maker_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\AFlashTop_1.00.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Amazing_3D_Aquarium_-_Chaetodontoplus_Fish_Pack_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Amigos_Spanish_4.6.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Ancestral_Author_2.6_Crack.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Antivirus.Mcafee.Viruscan.8.0i.Enterprise.Fr.Complet.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Atrise_ToTXT_1.0.1_(With_Crack).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\AudioIndex_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Avex_DVD_to_PSP_Video_Suite_4_build_05.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\avg.AntiSpyware-setup-7.5.0.50.+.crak.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Backup_Outlook_Express_2.0_Cracked.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Base_Feeder_for_Recipes_3.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Bill_Serial_Port_Monitor_3.0T.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Butterflied_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\CanoScan_LiDE_30_ScanGear_CS-U_7.0.3.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Complete_Macbeth_Interactive_1.1_(Key+Serial).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Complex_Shift_Schedules_for_25_People_6.31.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\ControlCenter_1.5.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Cool_Audio_Extractor_1.26.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Create_Message_Pro_1.00_Cracked.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Cryptus_2005_9.2.0.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\CSD_The_Librarian_1.020_Alpha.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Cyclone_Photo_Album_2.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\DB_Comparer_2006_for_SQL_Server_2.1.0.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\DBComp_1.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\DBScripter_for_Oracle_1.13.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\DFX_for_Winamp_7.5.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Divnine_Divinity_Living_Dead_movie.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Dobry_Backuper_1.5_v154.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\DockStudioXP_2.1.0.144.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Draw_Pad_0.8.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\DriveImage_XML_1.21.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\E-book_Microsoft_Excel_XP_(Spanish)_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\eSpace_Analyst_2.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Event_Monitoring_1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Ewido.Anti-Spyware.v4.0.0.172c_Patch.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Extreme_Thumbnail_Generator_1.9.1.5_Cracked.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\EZ_Backup_Outlook_Pro_4.7_(Key).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\FileFilter_2.194.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Fingerfox_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Flanker_demo_2.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0_[Cracked].zip
C:\Documents and Settings\Edwige\Application Data\m\shared\FlashMath_1.2.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\GoBinder_2006.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\GOTE_Screen_Capture_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Great_Feng_Shui_1.0.2.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Hard_Drive_Mechanic_1.0_Serial.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Hot_Video_to_iPod_Converter_2.0_Crack.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\I-TV++_Platinium_1.4.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Infinity_1.3.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Interest_1.01.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\JetDat_2.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Kr4ck3r_II_2.0.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Launcher_2.5.6.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\LcCartas_(French)_3.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\lcsutil_3.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Linguata_Bulgarian_4.6.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Ma_Tirelire_1.0.7.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Magic_Notes_3.4.0.7142_[Key].zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Manycam_2.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\MatrixSolver_1.0.8.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\MB_Free_Life_Path_Period_Number_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\MH_Password_Generator_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Micro_C_68HC16_Development_System_2.16l.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Microsoft_Virtual_Server_2005_Enterprise_R2_SP1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Minisebran_1.10.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Movie_Player_ActiveX_Control_2.5_[Serial].zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Movkit_DVD_to_iPod_Ripper_4.0_build_20070318_(Cracked).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\MS_Word_Find_and_Replace_In_Multiple_Documents_Software_7.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\MSN_Snatcher_1.3.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Multi_Web_Search_Toolbar_4.5.122.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Natural_Fat_Loss_2.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Nicole_The_Desktop_Singer_1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Ordix_Aviser_2.10_Serial.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\OZ_Postcode_4.2.4_Key+Serial.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Paper_Grains_Collection_1.0.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Paraben's_SIM_Card_Seizure_1.0.2599.33141.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Physics_Mechanics_Labs_2.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Pi_Saver_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Pics_Print_3.14.1.416.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Picture_of_the_Day_1.3.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Postscript_to_Text_Converter_2.0_(Key+Serial).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Power_Equipment_1.03_(With_Crack).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Progress_Planner_Professional_1.2.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Puzzle_Championship_Scenic_Edition_1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\QuoteWerks_Corporate_Edition_4.0_build_22_Serial.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Six_3_Raven_Shield_1.52_Patch_1.53.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Synth_2.5.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Remote_Installer_1.3.78.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\RemoteIE_2.5.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Remove_Windows_Messenger_1.2.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Roller_0.47.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\RssDownloader_1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Secret_Messenger_2.1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Senlab_2.0.1.8.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\SID_Mixer_InDepth_1.2.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\SMURLLabel_component.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Speed_Video_Converter_3.0.25.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\SpicyByte_Screensaver_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\spinnSaucer_0.8.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\SprinN_Lite_eng_3.0_[Crack].zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Stipple_Studio_2.2.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\StylePad_1.4.2_[Key].zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Survivor_Parody_Screensaver_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Symantec.Norton.Regcleaner.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Symantec_Norton.Utilities.2001.for.9598MeNT2000_5.0_en-us.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\TheAstrologer2Go_1.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Theophilos_3.1.6.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Tiny_Message_1.2_[KeyGen].zip
C:\Documents and Settings\Edwige\Application Data\m\shared\TradeBuilder_Professional_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\UltimateDefrag_1.27.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Universal_Software_Oscilloscope_Library_1.0.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\USB_Vault_1.02.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\V_The_File_Viewer_2002.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\VCL_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Website_Image_Extractor_2.0_(Cracked).zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Windows_NTP_Time_Server_Syslog_Monitor_1.0.000.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Word_Seeker_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\World_Population_1.0.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\WriteEZ_1.73.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\X-Win32_8.0.2122.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\XP_Registry_Cleaner_2.05.zip
C:\Documents and Settings\Edwige\Application Data\m\shared\Z100_Portland_Radio_JL_1.0.zip
C:\Documents and Settings\Edwige\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\Documents and Settings\Edwige\new.txt
C:\Documents and Settings\Patrick\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\14562609.exe
C:\WINDOWS\system32\drivers\down\14596375.exe
C:\WINDOWS\system32\drivers\down\14606265.exe
C:\WINDOWS\system32\drivers\down\14617859.exe
C:\WINDOWS\system32\drivers\down\14618046.exe
C:\WINDOWS\system32\drivers\down\14685687.exe
C:\WINDOWS\system32\drivers\down\14689250.exe
C:\WINDOWS\system32\drivers\down\14699609.exe
C:\WINDOWS\system32\drivers\down\14720125.exe
C:\WINDOWS\system32\drivers\down\14731156.exe
C:\WINDOWS\system32\drivers\down\14740109.exe
C:\WINDOWS\system32\drivers\down\14748593.exe
C:\WINDOWS\system32\drivers\down\14750812.exe
C:\WINDOWS\system32\drivers\down\14775046.exe
C:\WINDOWS\system32\drivers\down\14777468.exe
C:\WINDOWS\system32\drivers\down\14788578.exe
C:\WINDOWS\system32\drivers\down\14792859.exe
C:\WINDOWS\system32\drivers\down\14796843.exe
C:\WINDOWS\system32\drivers\down\14803765.exe
C:\WINDOWS\system32\drivers\down\14811906.exe
C:\WINDOWS\system32\drivers\down\14814421.exe
C:\WINDOWS\system32\drivers\down\14826906.exe
C:\WINDOWS\system32\drivers\down\14858718.exe
C:\WINDOWS\system32\drivers\down\14864171.exe
C:\WINDOWS\system32\drivers\down\14868296.exe
C:\WINDOWS\system32\drivers\down\14883078.exe
C:\WINDOWS\system32\drivers\down\14970890.exe
C:\WINDOWS\system32\drivers\down\14977734.exe
C:\WINDOWS\system32\drivers\down\15040796.exe
C:\WINDOWS\system32\drivers\down\15079437.exe
C:\WINDOWS\system32\drivers\down\15088000.exe
C:\WINDOWS\system32\drivers\down\15094140.exe
C:\WINDOWS\system32\drivers\down\15100718.exe
C:\WINDOWS\system32\drivers\down\15117562.exe
C:\WINDOWS\system32\drivers\down\15135453.exe
C:\WINDOWS\system32\drivers\down\15162203.exe
C:\WINDOWS\system32\drivers\down\15169062.exe
C:\WINDOWS\system32\drivers\down\15205406.exe
C:\WINDOWS\system32\drivers\down\15215671.exe
C:\WINDOWS\system32\drivers\down\15245687.exe
C:\WINDOWS\system32\drivers\down\15261046.exe
C:\WINDOWS\system32\drivers\down\15275218.exe
C:\WINDOWS\system32\drivers\down\15308000.exe
C:\WINDOWS\system32\drivers\down\15322562.exe
C:\WINDOWS\system32\drivers\down\15349234.exe
C:\WINDOWS\system32\drivers\down\15366421.exe
C:\WINDOWS\system32\drivers\down\15400531.exe
C:\WINDOWS\system32\drivers\down\15405656.exe
C:\WINDOWS\system32\drivers\down\15418046.exe
C:\WINDOWS\system32\drivers\down\15426453.exe
C:\WINDOWS\system32\drivers\down\15431406.exe
C:\WINDOWS\system32\drivers\down\15449328.exe
C:\WINDOWS\system32\drivers\down\15505390.exe
C:\WINDOWS\system32\drivers\down\15530031.exe
C:\WINDOWS\system32\drivers\down\15531328.exe
C:\WINDOWS\system32\drivers\down\15583812.exe
C:\WINDOWS\system32\drivers\down\15638390.exe
C:\WINDOWS\system32\drivers\down\15697468.exe
C:\WINDOWS\system32\drivers\down\17364250.exe
C:\WINDOWS\system32\drivers\down\17372578.exe
C:\WINDOWS\system32\drivers\down\17386515.exe
C:\WINDOWS\system32\drivers\down\17420296.exe
C:\WINDOWS\system32\drivers\down\17428562.exe
C:\WINDOWS\system32\drivers\down\17441843.exe
C:\WINDOWS\system32\drivers\down\17453531.exe
C:\WINDOWS\system32\drivers\down\17458453.exe
C:\WINDOWS\system32\drivers\down\17481656.exe
C:\WINDOWS\system32\drivers\down\17492750.exe
C:\WINDOWS\system32\drivers\down\17495906.exe
C:\WINDOWS\system32\drivers\down\17506703.exe
C:\WINDOWS\system32\drivers\down\17532750.exe
C:\WINDOWS\system32\drivers\down\17568968.exe
C:\WINDOWS\system32\drivers\down\17572015.exe
C:\WINDOWS\system32\drivers\down\29739281.exe
C:\WINDOWS\system32\drivers\down\30258031.exe
C:\WINDOWS\system32\drivers\down\30263687.exe
C:\WINDOWS\system32\drivers\down\30300968.exe
C:\WINDOWS\system32\drivers\down\30418671.exe
C:\WINDOWS\system32\drivers\down\30465765.exe
C:\WINDOWS\system32\drivers\down\30479140.exe
C:\WINDOWS\system32\drivers\down\30522812.exe
C:\WINDOWS\system32\drivers\down\30524906.exe
C:\WINDOWS\system32\drivers\down\30587625.exe
C:\WINDOWS\system32\drivers\down\30609984.exe
C:\WINDOWS\system32\drivers\down\30671125.exe
C:\WINDOWS\system32\drivers\down\30671140.exe
C:\WINDOWS\system32\drivers\down\30714906.exe
C:\WINDOWS\system32\drivers\down\30728093.exe
C:\WINDOWS\system32\drivers\down\30728390.exe
C:\WINDOWS\system32\drivers\down\30760843.exe
C:\WINDOWS\system32\drivers\down\30767359.exe
C:\WINDOWS\system32\drivers\down\30789250.exe
C:\WINDOWS\system32\drivers\down\30807453.exe
C:\WINDOWS\system32\drivers\down\30845140.exe
C:\WINDOWS\system32\drivers\down\30877921.exe
C:\WINDOWS\system32\drivers\down\30906500.exe
C:\WINDOWS\system32\drivers\down\30910421.exe
C:\WINDOWS\system32\drivers\down\30914031.exe
C:\WINDOWS\system32\drivers\down\30917859.exe
C:\WINDOWS\system32\drivers\down\30922062.exe
C:\WINDOWS\system32\drivers\down\30945171.exe
C:\WINDOWS\system32\drivers\down\30954156.exe
C:\WINDOWS\system32\drivers\down\31034640.exe
C:\WINDOWS\system32\drivers\down\31074453.exe
C:\WINDOWS\system32\drivers\down\35547562.exe
C:\WINDOWS\system32\drivers\down\35566546.exe
C:\WINDOWS\system32\drivers\down\35570921.exe
C:\WINDOWS\system32\drivers\down\35596687.exe
C:\WINDOWS\system32\drivers\down\35606984.exe
C:\WINDOWS\system32\drivers\down\35636015.exe
C:\WINDOWS\system32\drivers\down\35637484.exe
C:\WINDOWS\system32\drivers\down\35647640.exe
C:\WINDOWS\system32\drivers\down\35652000.exe
C:\WINDOWS\system32\drivers\down\35655937.exe
C:\WINDOWS\system32\drivers\down\35659796.exe
C:\WINDOWS\system32\drivers\down\35674000.exe
C:\WINDOWS\system32\drivers\down\35700250.exe
C:\WINDOWS\system32\drivers\down\35702859.exe
C:\WINDOWS\system32\drivers\down\35707000.exe
C:\WINDOWS\system32\drivers\down\35711078.exe
C:\WINDOWS\system32\drivers\down\35721453.exe
C:\WINDOWS\system32\drivers\down\35727593.exe
C:\WINDOWS\system32\drivers\down\35769421.exe
C:\WINDOWS\system32\drivers\down\35786796.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA
-------\Service_srosa


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-16 to 2008-04-16 ))))))))))))))))))))))))))))))))))))
.

2008-04-15 17:29 . 2008-03-29 19:23 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-04-15 17:29 . 2008-03-29 19:35 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-04-15 17:29 . 2008-01-17 17:34 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-04-15 17:29 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-15 17:29 . 2008-03-29 19:27 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-04-15 17:29 . 2008-03-29 19:26 26,944 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-04-15 17:29 . 2008-03-29 19:29 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-04-15 17:29 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-04-15 17:28 . 2008-03-29 19:45 1,146,232 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-04-15 17:28 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-04-15 17:11 . 2008-04-15 17:11 <REP> d-------- C:\Program Files\Sunbelt Software
2008-04-15 17:10 . 2008-04-15 17:10 27,833,176 --a------ C:\bitdefender_free_v10.exe
2008-04-15 17:07 . 2008-04-15 17:09 <REP> d-------- C:\parefeu
2008-04-15 08:31 . 2008-04-16 10:02 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-04-15 08:20 . 2008-04-15 08:19 36,711,661 --a------ C:\WINDOWS\LPT$VPN.217
2008-04-15 08:18 . 2008-04-15 08:19 <REP> d-------- C:\WINDOWS\AU_Temp
2008-04-15 08:18 . 2008-04-15 08:19 36,711,661 --a------ C:\WINDOWS\VPTNFILE.217
2008-04-14 18:12 . 2008-04-15 16:19 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-14 14:31 . 2008-04-15 08:21 <REP> d-------- C:\WINDOWS\report
2008-04-14 14:30 . 2008-04-14 14:37 <REP> d-------- C:\WINDOWS\AU_Backup
2008-04-14 14:30 . 2008-04-14 14:30 1,947,387 --a------ C:\WINDOWS\tsc.ptn
2008-04-14 14:30 . 2008-04-15 08:19 1,213,784 --a------ C:\WINDOWS\vsapi32.dll
2008-04-14 14:30 . 2008-04-14 14:30 333,576 --a------ C:\WINDOWS\TSC.exe
2008-04-14 14:30 . 2008-04-15 08:19 91,744 --a------ C:\WINDOWS\BPMNT.dll
2008-04-14 14:30 . 2008-04-14 14:30 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2008-04-14 14:22 . 2008-04-14 14:22 <REP> d-------- C:\WINDOWS\AU_Log
2008-04-14 14:22 . 2008-04-15 08:18 170 --a------ C:\WINDOWS\GetServer.ini
2008-04-14 14:20 . 2008-04-15 08:26 823 --a------ C:\WINDOWS\TSC.INI
2008-04-14 14:19 . 2008-04-14 14:19 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2008-04-14 14:19 . 2008-04-14 14:19 286,720 --a------ C:\WINDOWS\PATCH.EXE
2008-04-14 14:19 . 2008-04-14 14:19 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2008-04-14 14:17 . 2008-04-15 14:17 <REP> d-------- C:\Program Files\Panda Security
2008-04-13 13:41 . 2008-04-13 13:41 <REP> d-------- C:\Documents and Settings\Edwige\Application Data\AVGTOOLBAR
2008-04-13 12:25 . 2008-04-13 12:25 <REP> d-------- C:\Documents and Settings\Chritiane\Application Data\AVGTOOLBAR
2008-04-13 12:23 . 2008-04-14 09:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-13 12:23 . 2008-04-13 12:23 45,568 --a------ C:\WINDOWS\system32\avgfwdx.dll
2008-04-13 12:23 . 2008-04-13 12:23 22,528 --a------ C:\WINDOWS\system32\drivers\avgfwdx.sys
2008-04-10 13:48 . 2008-04-10 13:48 268 --ah----- C:\sqmdata05.sqm
2008-04-10 13:48 . 2008-04-10 13:48 244 --ah----- C:\sqmnoopt05.sqm
2008-04-10 08:20 . 2008-04-10 08:20 244 --ah----- C:\sqmnoopt04.sqm
2008-04-10 08:20 . 2008-04-10 08:20 232 --ah----- C:\sqmdata04.sqm
2008-04-06 19:41 . 2008-04-06 19:41 268 --ah----- C:\sqmdata03.sqm
2008-04-06 19:41 . 2008-04-06 19:41 244 --ah----- C:\sqmnoopt03.sqm
2008-03-30 14:52 . 2008-03-31 18:23 <REP> d-------- C:\Documents and Settings\Patrick\Application Data\EoRezo
2008-03-30 09:34 . 2008-03-30 09:34 <REP> d-------- C:\Documents and Settings\Chritiane\Application Data\ItsLabel
2008-03-30 09:32 . 2008-03-31 18:23 <REP> d-------- C:\Program Files\EoRezo
2008-03-30 09:32 . 2008-03-31 18:23 <REP> d-------- C:\Documents and Settings\Chritiane\Application Data\EoRezo
2008-03-29 20:41 . 2008-03-29 20:41 244 --ah----- C:\sqmnoopt02.sqm
2008-03-29 20:41 . 2008-03-29 20:41 232 --ah----- C:\sqmdata02.sqm
2008-03-23 11:20 . 2008-03-23 11:20 268 --ah----- C:\sqmdata01.sqm
2008-03-23 11:20 . 2008-03-23 11:20 244 --ah----- C:\sqmnoopt01.sqm

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-15 18:11 --------- d-----w C:\Program Files\RamBoost XP
2008-04-15 07:20 --------- d-----w C:\Program Files\Imperial Casino
2008-04-15 07:20 --------- d-----w C:\Program Files\GV Crazy Queen Casino
2008-04-15 07:08 --------- d-----w C:\Program Files\Casino Fantasy
2008-04-12 06:31 --------- d-----w C:\Documents and Settings\Chritiane\Application Data\LimeWire
2008-03-14 12:50 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-14 12:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-13 19:46 --------- d-----w C:\Documents and Settings\Patrick\Application Data\Free Spider TreeCardGames
2008-03-08 21:31 --------- d-----w C:\Program Files\Java
2008-03-05 05:12 --------- d-----w C:\Program Files\Google
2008-03-04 18:39 --------- d-----w C:\Program Files\Matroska Pack
2008-03-02 20:19 --------- d-----w C:\Program Files\GameHouse
2008-02-20 16:15 --------- d-----w C:\Documents and Settings\Edwige\Application Data\LimeWire
2008-02-17 20:47 --------- d-----w C:\Documents and Settings\Edwige\Application Data\Free Spider TreeCardGames
2008-02-17 19:15 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-17 19:09 --------- d-----w C:\Program Files\ReflexiveArcade
2008-02-17 14:33 --------- d-----w C:\Documents and Settings\Edwige\Application Data\funkitron
2008-02-17 14:28 --------- d-----w C:\Program Files\orange
2008-02-16 18:20 --------- d-----w C:\Program Files\Micro Application
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL" [ ]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-10-09 11:28 139264]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [ ]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2003-04-14 20:05 1498032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-03-31 16:50 180269]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-09 02:17 35328]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"AtiPTA"="atiptaxx.exe" [2000-07-26 01:53 180224 C:\WINDOWS\system32\atiptaxx.exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-01 16:51 257088]
"AdslTaskBar"="stmctrl.dll" [2003-06-06 10:32 151552 C:\WINDOWS\system32\stmctrl.dll]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1175536523\ee\AOLSoftware.exe" [2006-11-17 15:16 50736]
"EoEngine"="" []
"ItsTV"="C:\Program Files\EoRezo\EoWeather\ItsTV.exe" [ ]
"EoWeather"="" []

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="C:\WINDOWS\system32\run.cmd" [2006-02-14 11:24 248]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 16:52 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisablePagingExecutive"=dword:00000001
"SecondLevelDataCache"=dword:00000200

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"D:\\EMULE\\emule.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"D:\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\1175536523\\ee\\aolsoftware.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"4662:TCP"= 4662:TCP:Emule
"4672:UDP"= 4672:UDP:Emule

R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 09:56]
R3 Avgfwdx;Avgfwdx;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-04-13 12:23]
R3 SiS7012;Service for AC'97 Sample Driver (WDM);C:\WINDOWS\system32\drivers\sis7012.sys [2004-11-03 14:14]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2003-06-10 16:32]
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys [2003-06-20 16:19]
S3 Avgfwfd;AVG network filter service;C:\WINDOWS\system32\DRIVERS\avgfwdx.sys [2008-04-13 12:23]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 18:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 19:08]
S4 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 09:56]

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-16 12:45:38
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 1

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-16 12:54:37 - machine was rebooted [Edwige]
ComboFix-quarantined-files.txt 2008-04-16 10:54:22

Pre-Run: 1,296,498,688 octets libres
Post-Run: 1,570,648,064 octets libres
.
2008-04-16 10:25:23 --- E O F ---


bon courage et merci d'avance
Contenus similaires
16 Avril 2008 13:59:32

Re,

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Tuto sur le scan en ligne

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.

    ;) 
    16 Avril 2008 18:43:06

    ça y est je viens enfin de finir le scan avec kaspersky ça fait peur lol

    voici le résultat
    KASPERSKY ON-LINE SCANNER REPORT
    Wednesday, April 16, 2008 6:39:10 PM
    Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 16/04/2008
    Enregistrements dans la base antivirus Kaspersky : 636441


    Paramètres d'analyse
    Analyser avec la base antivirus suivante standard
    Analyser les archives vrai
    Analyser les bases de messagerie vrai

    Cible de l'analyse Poste de travail
    A:\
    C:\
    D:\
    E:\
    F:\

    Statistiques de l'analyse
    Total d'objets analysés 77750
    Nombre de virus trouvés 9
    Nombre d'objets infectés 300 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 03:42:30

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\ph L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\ACS\1.0\variable L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\APP10334.LST L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\APP10395.LST L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\Apps.Lst L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\Diction.lst L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\main.idx L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\sap.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\spool.lst L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\STYLE.LST L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\sysnews.lst L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\idb\Toolbar.lst L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\organize\CACHE\superloulo01 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\organize\superlouloue L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\organize\superlouloue.abi L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\organize\superlouloue.aby L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\ShopAssist\DataStore\global\clientcache.adb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\C_AOL 9.0\ShopAssist\DataStore\users\Superlouloue.adb L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\storage\cache.db L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\storage\server.lock L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\storage\stderr.txt L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\AOL\storage\stdout.txt L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a016a8fac89d6508c80cc603a283b09c_a04b211f-0457-4bc6-961a-abedbab255c1 L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\Ahead\Nero Home\bl.db L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\Ahead\Nero Home\is2.db L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\AOL\UserProfiles\All Users\cls\common.cls L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Historique\History.IE5\MSHist012008041620080417\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\ntuser.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\Edwige\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\3D_Realistic_Fireplace_Screen_Saver_2.3.zip.vir/3D_Realistic_Fireplace_Screen_Saver_2.3.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\3D_Realistic_Fireplace_Screen_Saver_2.3.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AbsoluteControl_1.72.zip.vir/AbsoluteControl_1.72.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AbsoluteControl_1.72.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AceKeyboard_1.00_With_Crack.zip.vir/AceKeyboard_1.00_With_Crack.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AceKeyboard_1.00_With_Crack.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Aces_Omaha_-_No_Limit_1.3.8.zip.vir/Aces_Omaha_-_No_Limit_1.3.8.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Aces_Omaha_-_No_Limit_1.3.8.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Active_Config_1.0_(Patch).zip.vir/Active_Config_1.0_(Patch).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Active_Config_1.0_(Patch).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Adorage_for_Movie_Maker_1.0.zip.vir/Adorage_for_Movie_Maker_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Adorage_for_Movie_Maker_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AFlashTop_1.00.zip.vir/AFlashTop_1.00.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AFlashTop_1.00.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Amazing_3D_Aquarium_-_Chaetodontoplus_Fish_Pack_1.0.zip.vir/Amazing_3D_Aquarium_-_Chaetodontoplus_Fish_Pack_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Amazing_3D_Aquarium_-_Chaetodontoplus_Fish_Pack_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Amigos_Spanish_4.6.zip.vir/Amigos_Spanish_4.6.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Amigos_Spanish_4.6.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ancestral_Author_2.6_Crack.zip.vir/Ancestral_Author_2.6_Crack.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ancestral_Author_2.6_Crack.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Antivirus.Mcafee.Viruscan.8.0i.Enterprise.Fr.Complet.zip.vir/Antivirus.Mcafee.Viruscan.8.0i.Enterprise.Fr.Complet.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Antivirus.Mcafee.Viruscan.8.0i.Enterprise.Fr.Complet.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Atrise_ToTXT_1.0.1_(With_Crack).zip.vir/Atrise_ToTXT_1.0.1_(With_Crack).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Atrise_ToTXT_1.0.1_(With_Crack).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AudioIndex_1.0.zip.vir/AudioIndex_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AudioIndex_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Avex_DVD_to_PSP_Video_Suite_4_build_05.zip.vir/Avex_DVD_to_PSP_Video_Suite_4_build_05.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Avex_DVD_to_PSP_Video_Suite_4_build_05.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\avg.AntiSpyware-setup-7.5.0.50.+.crak.zip.vir/avg.AntiSpyware-setup-7.5.0.50.+.crak.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\avg.AntiSpyware-setup-7.5.0.50.+.crak.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Backup_Outlook_Express_2.0_Cracked.zip.vir/Backup_Outlook_Express_2.0_Cracked.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Backup_Outlook_Express_2.0_Cracked.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Base_Feeder_for_Recipes_3.0.zip.vir/Base_Feeder_for_Recipes_3.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Base_Feeder_for_Recipes_3.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Bill_Serial_Port_Monitor_3.0T.zip.vir/Bill_Serial_Port_Monitor_3.0T.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Bill_Serial_Port_Monitor_3.0T.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Butterflied_1.0.zip.vir/Butterflied_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Butterflied_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\CanoScan_LiDE_30_ScanGear_CS-U_7.0.3.zip.vir/CanoScan_LiDE_30_ScanGear_CS-U_7.0.3.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\CanoScan_LiDE_30_ScanGear_CS-U_7.0.3.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Complete_Macbeth_Interactive_1.1_(Key+Serial).zip.vir/Complete_Macbeth_Interactive_1.1_(Key+Serial).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Complete_Macbeth_Interactive_1.1_(Key+Serial).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Complex_Shift_Schedules_for_25_People_6.31.zip.vir/Complex_Shift_Schedules_for_25_People_6.31.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Complex_Shift_Schedules_for_25_People_6.31.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\ControlCenter_1.5.zip.vir/ControlCenter_1.5.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\ControlCenter_1.5.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cool_Audio_Extractor_1.26.zip.vir/Cool_Audio_Extractor_1.26.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cool_Audio_Extractor_1.26.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Create_Message_Pro_1.00_Cracked.zip.vir/Create_Message_Pro_1.00_Cracked.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Create_Message_Pro_1.00_Cracked.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cryptus_2005_9.2.0.0.zip.vir/Cryptus_2005_9.2.0.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cryptus_2005_9.2.0.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\CSD_The_Librarian_1.020_Alpha.zip.vir/CSD_The_Librarian_1.020_Alpha.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\CSD_The_Librarian_1.020_Alpha.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cyclone_Photo_Album_2.0.zip.vir/Cyclone_Photo_Album_2.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cyclone_Photo_Album_2.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DBComp_1.1.zip.vir/DBComp_1.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DBComp_1.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DBScripter_for_Oracle_1.13.zip.vir/DBScripter_for_Oracle_1.13.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DBScripter_for_Oracle_1.13.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DB_Comparer_2006_for_SQL_Server_2.1.0.1.zip.vir/DB_Comparer_2006_for_SQL_Server_2.1.0.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DB_Comparer_2006_for_SQL_Server_2.1.0.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DFX_for_Winamp_7.5.zip.vir/DFX_for_Winamp_7.5.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DFX_for_Winamp_7.5.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Divnine_Divinity_Living_Dead_movie.zip.vir/Divnine_Divinity_Living_Dead_movie.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Divnine_Divinity_Living_Dead_movie.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Dobry_Backuper_1.5_v154.zip.vir/Dobry_Backuper_1.5_v154.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Dobry_Backuper_1.5_v154.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DockStudioXP_2.1.0.144.zip.vir/DockStudioXP_2.1.0.144.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DockStudioXP_2.1.0.144.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Draw_Pad_0.8.zip.vir/Draw_Pad_0.8.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Draw_Pad_0.8.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DriveImage_XML_1.21.zip.vir/DriveImage_XML_1.21.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DriveImage_XML_1.21.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\E-book_Microsoft_Excel_XP_(Spanish)_1.0.zip.vir/E-book_Microsoft_Excel_XP_(Spanish)_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\E-book_Microsoft_Excel_XP_(Spanish)_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\eSpace_Analyst_2.0.zip.vir/eSpace_Analyst_2.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\eSpace_Analyst_2.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Event_Monitoring_1.zip.vir/Event_Monitoring_1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Event_Monitoring_1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ewido.Anti-Spyware.v4.0.0.172c_Patch.zip.vir/Ewido.Anti-Spyware.v4.0.0.172c_Patch.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ewido.Anti-Spyware.v4.0.0.172c_Patch.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Extreme_Thumbnail_Generator_1.9.1.5_Cracked.zip.vir/Extreme_Thumbnail_Generator_1.9.1.5_Cracked.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Extreme_Thumbnail_Generator_1.9.1.5_Cracked.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\EZ_Backup_Outlook_Pro_4.7_(Key).zip.vir/EZ_Backup_Outlook_Pro_4.7_(Key).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\EZ_Backup_Outlook_Pro_4.7_(Key).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\FileFilter_2.194.zip.vir/FileFilter_2.194.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\FileFilter_2.194.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Fingerfox_1.0.zip.vir/Fingerfox_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Fingerfox_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Flanker_demo_2.0.zip.vir/Flanker_demo_2.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Flanker_demo_2.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\FlashMath_1.2.zip.vir/FlashMath_1.2.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\FlashMath_1.2.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0_[Cracked].zip.vir/Flash_Horizontal_Menu_Wizard_2.0_[Cracked].exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0_[Cracked].zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\GoBinder_2006.zip.vir/GoBinder_2006.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\GoBinder_2006.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\GOTE_Screen_Capture_1.0.zip.vir/GOTE_Screen_Capture_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\GOTE_Screen_Capture_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Great_Feng_Shui_1.0.2.zip.vir/Great_Feng_Shui_1.0.2.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Great_Feng_Shui_1.0.2.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Hard_Drive_Mechanic_1.0_Serial.zip.vir/Hard_Drive_Mechanic_1.0_Serial.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Hard_Drive_Mechanic_1.0_Serial.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Hot_Video_to_iPod_Converter_2.0_Crack.zip.vir/Hot_Video_to_iPod_Converter_2.0_Crack.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Hot_Video_to_iPod_Converter_2.0_Crack.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\I-TV++_Platinium_1.4.zip.vir/I-TV++_Platinium_1.4.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\I-TV++_Platinium_1.4.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Infinity_1.3.1.zip.vir/Infinity_1.3.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Infinity_1.3.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Interest_1.01.zip.vir/Interest_1.01.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Interest_1.01.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\JetDat_2.0.zip.vir/JetDat_2.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\JetDat_2.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Kr4ck3r_II_2.0.0.zip.vir/Kr4ck3r_II_2.0.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Kr4ck3r_II_2.0.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Launcher_2.5.6.zip.vir/Launcher_2.5.6.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Launcher_2.5.6.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\LcCartas_(French)_3.1.zip.vir/LcCartas_(French)_3.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\LcCartas_(French)_3.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\lcsutil_3.zip.vir/lcsutil_3.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\lcsutil_3.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Linguata_Bulgarian_4.6.zip.vir/Linguata_Bulgarian_4.6.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Linguata_Bulgarian_4.6.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Magic_Notes_3.4.0.7142_[Key].zip.vir/Magic_Notes_3.4.0.7142_[Key].exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Magic_Notes_3.4.0.7142_[Key].zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Manycam_2.1.zip.vir/Manycam_2.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Manycam_2.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MatrixSolver_1.0.8.zip.vir/MatrixSolver_1.0.8.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MatrixSolver_1.0.8.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ma_Tirelire_1.0.7.zip.vir/Ma_Tirelire_1.0.7.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ma_Tirelire_1.0.7.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MB_Free_Life_Path_Period_Number_1.0.zip.vir/MB_Free_Life_Path_Period_Number_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MB_Free_Life_Path_Period_Number_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MH_Password_Generator_1.0.zip.vir/MH_Password_Generator_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MH_Password_Generator_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Microsoft_Virtual_Server_2005_Enterprise_R2_SP1.zip.vir/Microsoft_Virtual_Server_2005_Enterprise_R2_SP1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Microsoft_Virtual_Server_2005_Enterprise_R2_SP1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Micro_C_68HC16_Development_System_2.16l.zip.vir/Micro_C_68HC16_Development_System_2.16l.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Micro_C_68HC16_Development_System_2.16l.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Minisebran_1.10.zip.vir/Minisebran_1.10.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Minisebran_1.10.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Movie_Player_ActiveX_Control_2.5_[Serial].zip.vir/Movie_Player_ActiveX_Control_2.5_[Serial].exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Movie_Player_ActiveX_Control_2.5_[Serial].zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Movkit_DVD_to_iPod_Ripper_4.0_build_20070318_(Cracked).zip.vir/Movkit_DVD_to_iPod_Ripper_4.0_build_20070318_(Cracked).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Movkit_DVD_to_iPod_Ripper_4.0_build_20070318_(Cracked).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MSN_Snatcher_1.3.zip.vir/MSN_Snatcher_1.3.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MSN_Snatcher_1.3.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MS_Word_Find_and_Replace_In_Multiple_Documents_Software_7.0.zip.vir/MS_Word_Find_and_Replace_In_Multiple_Documents_Software_7.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MS_Word_Find_and_Replace_In_Multiple_Documents_Software_7.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Multi_Web_Search_Toolbar_4.5.122.zip.vir/Multi_Web_Search_Toolbar_4.5.122.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Multi_Web_Search_Toolbar_4.5.122.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Natural_Fat_Loss_2.0.zip.vir/Natural_Fat_Loss_2.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Natural_Fat_Loss_2.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Nicole_The_Desktop_Singer_1.zip.vir/Nicole_The_Desktop_Singer_1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Nicole_The_Desktop_Singer_1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ordix_Aviser_2.10_Serial.zip.vir/Ordix_Aviser_2.10_Serial.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ordix_Aviser_2.10_Serial.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\OZ_Postcode_4.2.4_Key+Serial.zip.vir/OZ_Postcode_4.2.4_Key+Serial.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\OZ_Postcode_4.2.4_Key+Serial.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Paper_Grains_Collection_1.0.1.zip.vir/Paper_Grains_Collection_1.0.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Paper_Grains_Collection_1.0.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Paraben's_SIM_Card_Seizure_1.0.2599.33141.zip.vir/Paraben's_SIM_Card_Seizure_1.0.2599.33141.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Paraben's_SIM_Card_Seizure_1.0.2599.33141.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Physics_Mechanics_Labs_2.1.zip.vir/Physics_Mechanics_Labs_2.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Physics_Mechanics_Labs_2.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Pics_Print_3.14.1.416.zip.vir/Pics_Print_3.14.1.416.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Pics_Print_3.14.1.416.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Picture_of_the_Day_1.3.zip.vir/Picture_of_the_Day_1.3.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Picture_of_the_Day_1.3.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Pi_Saver_1.0.zip.vir/Pi_Saver_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Pi_Saver_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Postscript_to_Text_Converter_2.0_(Key+Serial).zip.vir/Postscript_to_Text_Converter_2.0_(Key+Serial).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Postscript_to_Text_Converter_2.0_(Key+Serial).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Power_Equipment_1.03_(With_Crack).zip.vir/Power_Equipment_1.03_(With_Crack).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Power_Equipment_1.03_(With_Crack).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Progress_Planner_Professional_1.2.zip.vir/Progress_Planner_Professional_1.2.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Progress_Planner_Professional_1.2.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Puzzle_Championship_Scenic_Edition_1.zip.vir/Puzzle_Championship_Scenic_Edition_1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Puzzle_Championship_Scenic_Edition_1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\QuoteWerks_Corporate_Edition_4.0_build_22_Serial.zip.vir/QuoteWerks_Corporate_Edition_4.0_build_22_Serial.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\QuoteWerks_Corporate_Edition_4.0_build_22_Serial.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Six_3_Raven_Shield_1.52_Patch_1.53.zip.vir/Rainbow_Six_3_Raven_Shield_1.52_Patch_1.53.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Six_3_Raven_Shield_1.52_Patch_1.53.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Synth_2.5.zip.vir/Rainbow_Synth_2.5.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Synth_2.5.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\RemoteIE_2.5.zip.vir/RemoteIE_2.5.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\RemoteIE_2.5.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Remote_Installer_1.3.78.zip.vir/Remote_Installer_1.3.78.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Remote_Installer_1.3.78.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Remove_Windows_Messenger_1.2.zip.vir/Remove_Windows_Messenger_1.2.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Remove_Windows_Messenger_1.2.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Roller_0.47.1.zip.vir/Roller_0.47.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Roller_0.47.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\RssDownloader_1.zip.vir/RssDownloader_1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\RssDownloader_1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Secret_Messenger_2.1.zip.vir/Secret_Messenger_2.1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Secret_Messenger_2.1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Senlab_2.0.1.8.zip.vir/Senlab_2.0.1.8.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Senlab_2.0.1.8.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SID_Mixer_InDepth_1.2.zip.vir/SID_Mixer_InDepth_1.2.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SID_Mixer_InDepth_1.2.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SMURLLabel_component.zip.vir/SMURLLabel_component.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SMURLLabel_component.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Speed_Video_Converter_3.0.25.zip.vir/Speed_Video_Converter_3.0.25.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Speed_Video_Converter_3.0.25.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SpicyByte_Screensaver_1.0.zip.vir/SpicyByte_Screensaver_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SpicyByte_Screensaver_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\spinnSaucer_0.8.zip.vir/spinnSaucer_0.8.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\spinnSaucer_0.8.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SprinN_Lite_eng_3.0_[Crack].zip.vir/SprinN_Lite_eng_3.0_[Crack].exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SprinN_Lite_eng_3.0_[Crack].zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Stipple_Studio_2.2.zip.vir/Stipple_Studio_2.2.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Stipple_Studio_2.2.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\StylePad_1.4.2_[Key].zip.vir/StylePad_1.4.2_[Key].exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\StylePad_1.4.2_[Key].zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Survivor_Parody_Screensaver_1.0.zip.vir/Survivor_Parody_Screensaver_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Survivor_Parody_Screensaver_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Symantec.Norton.Regcleaner.zip.vir/Symantec.Norton.Regcleaner.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Symantec.Norton.Regcleaner.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Symantec_Norton.Utilities.2001.for.9598MeNT2000_5.0_en-us.zip.vir/Symantec_Norton.Utilities.2001.for.9598MeNT2000_5.0_en-us.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Symantec_Norton.Utilities.2001.for.9598MeNT2000_5.0_en-us.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\TheAstrologer2Go_1.zip.vir/TheAstrologer2Go_1.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\TheAstrologer2Go_1.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Theophilos_3.1.6.zip.vir/Theophilos_3.1.6.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Theophilos_3.1.6.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Tiny_Message_1.2_[KeyGen].zip.vir/Tiny_Message_1.2_[KeyGen].exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Tiny_Message_1.2_[KeyGen].zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\TradeBuilder_Professional_1.0.zip.vir/TradeBuilder_Professional_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\TradeBuilder_Professional_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\UltimateDefrag_1.27.zip.vir/UltimateDefrag_1.27.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\UltimateDefrag_1.27.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Universal_Software_Oscilloscope_Library_1.0.0.zip.vir/Universal_Software_Oscilloscope_Library_1.0.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Universal_Software_Oscilloscope_Library_1.0.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\USB_Vault_1.02.zip.vir/USB_Vault_1.02.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\USB_Vault_1.02.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\VCL_1.0.zip.vir/VCL_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\VCL_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\V_The_File_Viewer_2002.zip.vir/V_The_File_Viewer_2002.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\V_The_File_Viewer_2002.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Website_Image_Extractor_2.0_(Cracked).zip.vir/Website_Image_Extractor_2.0_(Cracked).exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Website_Image_Extractor_2.0_(Cracked).zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Windows_NTP_Time_Server_Syslog_Monitor_1.0.000.zip.vir/Windows_NTP_Time_Server_Syslog_Monitor_1.0.000.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Windows_NTP_Time_Server_Syslog_Monitor_1.0.000.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Word_Seeker_1.0.zip.vir/Word_Seeker_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Word_Seeker_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\World_Population_1.0.zip.vir/World_Population_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\World_Population_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\WriteEZ_1.73.zip.vir/WriteEZ_1.73.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\WriteEZ_1.73.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\X-Win32_8.0.2122.zip.vir/X-Win32_8.0.2122.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\X-Win32_8.0.2122.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\XP_Registry_Cleaner_2.05.zip.vir/XP_Registry_Cleaner_2.05.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\XP_Registry_Cleaner_2.05.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Z100_Portland_Radio_JL_1.0.zip.vir/Z100_Portland_Radio_JL_1.0.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Z100_Portland_Radio_JL_1.0.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\[LiveStream].kaspersky.ver.6.keygen.16.zip.vir/[LiveStream].kaspersky.ver.6.keygen.16.exe Infecté : Trojan-Downloader.Win32.Bagle.nk ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\[LiveStream].kaspersky.ver.6.keygen.16.zip.vir ZIP: infecté - 1 ignoré

    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m.vir\flec006.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14562609.exe.vir Infecté : Trojan-Downloader.Win32.Bagle.ij ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14596375.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14618046.exe.vir Infecté : Trojan-PSW.Win32.Agent.xd ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14689250.exe.vir Infecté : Trojan-PSW.Win32.Agent.xd ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14748593.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14775046.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14858718.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\17364250.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29739281.exe.vir Infecté : Trojan-Downloader.Win32.Bagle.ij ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\30258031.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\30418671.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\35547562.exe.vir Infecté : Trojan-PSW.Win32.Agent.xd ignoré

    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\35566546.exe.vir Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\catchme2008-04-16_120008.65.zip/srosa.sys Infecté : Trojan-Downloader.Win32.Bagle.jx ignoré

    C:\QooBox\Quarantine\catchme2008-04-16_120008.65.zip/wintems.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\catchme2008-04-16_120008.65.zip/mdelk.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\QooBox\Quarantine\catchme2008-04-16_120008.65.zip/hldrrr.exe Infecté : Trojan-Downloader.Win32.Bagle.jw ignoré

    C:\QooBox\Quarantine\catchme2008-04-16_120008.65.zip ZIP: infecté - 4 ignoré

    C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infecté : Trojan-Downloader.Win32.Bagle.hp ignoré

    C:\QooBox\Quarantine\Registry_backups\Service_srosa.reg.dat Infecté : Trojan-Downloader.Win32.Bagle.hp ignoré

    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP187\A0075687.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP187\A0075706.sys Infecté : Trojan-Downloader.Win32.Bagle.jx ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP187\A0075755.sys Infecté : Trojan-Downloader.Win32.Bagle.jx ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP187\A0075900.sys Infecté : Trojan-Downloader.Win32.Bagle.jx ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP188\A0076152.sys Infecté : Trojan-Downloader.Win32.Bagle.jx ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP188\A0076199.sys Infecté : Trojan-Downloader.Win32.Bagle.jx ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076360.exe Infecté : Trojan-Downloader.Win32.Bagle.ij ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076361.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076364.exe Infecté : Trojan-PSW.Win32.Agent.xd ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076366.exe Infecté : Trojan-PSW.Win32.Agent.xd ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076372.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076374.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076383.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076420.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076437.exe Infecté : Trojan-Downloader.Win32.Bagle.ij ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076438.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076441.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076468.exe Infecté : Trojan-PSW.Win32.Agent.xd ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP189\A0076469.exe Infecté : Email-Worm.Win32.Bagle.of ignoré

    C:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP190\change.log L'objet est verrouillé ignoré

    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\EventCache\{8982A7F5-FD02-4273-A2D8-69FEBA256567}.bin L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Antiviru.evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    D:\Christiane\ma musique\new\03 Track 3.wma Infecté : Trojan-Downloader.WMA.Wimad.l ignoré

    D:\Christiane\ma musique\the do\song for lovers.mp3 Infecté : Trojan-Downloader.WMA.Wimad.n ignoré

    D:\EMULE\config\cancelled.met L'objet est verrouillé ignoré

    D:\EMULE\config\clients.met L'objet est verrouillé ignoré

    D:\EMULE\config\emfriends.met L'objet est verrouillé ignoré

    D:\EMULE\config\known.met L'objet est verrouillé ignoré

    D:\EMULE\config\known2_64.met L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\- Calogero - Mélodie en sous sol (Album complet 'Pomme C' 192kbs).wma L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\11 - Repose ton âme.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\35-Enfance Et Musique- L'oiseau Et La Bulle 75 Chansons, Comptines Et Jeux De Doigts Enfants.wav L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArtSmall.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{0A156E95-269C-4EF1-A11F-9062BC6FB9DB}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{0A156E95-269C-4EF1-A11F-9062BC6FB9DB}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{310E80A0-2BE1-4DBB-8CD2-6DE974E8AB3A}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{310E80A0-2BE1-4DBB-8CD2-6DE974E8AB3A}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{3EA66DA3-22B0-42EB-8ABE-3CAD8A516D5E}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{3EA66DA3-22B0-42EB-8ABE-3CAD8A516D5E}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{5498A9AB-CAC4-4FA9-99FE-B162ACD183CE}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{5498A9AB-CAC4-4FA9-99FE-B162ACD183CE}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{57119E29-FE4D-464F-86D0-94B956E6A800}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{57119E29-FE4D-464F-86D0-94B956E6A800}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{B3EEA3F4-1FAA-481A-85F5-FDFB5FC9E2A2}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{B3EEA3F4-1FAA-481A-85F5-FDFB5FC9E2A2}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{BB266AE6-813A-4C3C-B356-E7DEE0E27CA6}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{BB266AE6-813A-4C3C-B356-E7DEE0E27CA6}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{C3BF315A-B6DF-4A7F-A020-52E59DB5A0C6}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{C3BF315A-B6DF-4A7F-A020-52E59DB5A0C6}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{C59250EE-9F30-448E-8ED6-DD012B8A1B29}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{C59250EE-9F30-448E-8ED6-DD012B8A1B29}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{F61760B4-F551-4029-80F1-4C9536FA5742}_Large.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\AlbumArt_{F61760B4-F551-4029-80F1-4C9536FA5742}_Small.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Avast.Antivirus.Pro.v4.7.892.FR.Incl-Keygen.rar L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Bénabar_Reprise des négociations_01. Le Dîner.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Bénabar_Reprise des négociations_06. La Berceuse.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Bénabar_Reprise des négociations_07. Les Epices Du Souk Du Caire.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Bénabar_Reprise des négociations_12. Le Cahier De Solfège.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\01-calogero-pomme_c.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\06-calogero-me_dit_elle.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\07-Calogero_-_Sans_L'Amour.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\09-calogero-melodies_en_sous_sol.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\Calogero - Je sais.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\Calogero - Le Saut De L'ange.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\Calogero - Pomme C - 03 - game_over.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\calojero\Calogero - Pomme C - 04 - suis_je_assez_clair.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incomin
    16 Avril 2008 22:20:36

    Re,

    Le rapport est incomplet, il ne tient pas en un seul message.

    Poste la suite en plusieurs messages si nécessaire.

    ;) 
    17 Avril 2008 07:56:31

    oups j'avais pas fait attention ...

    voilà la suite

    D:\EMULE\Incoming1\comptines\Les Poppys - Tous Les Animaux Du Monde.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\comptines\Mamadou Avait Mal Aux Dents.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Duo Dinámico - El final del verano.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Folder.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\00-jean_michel_jarre-teo_and_tea-promo-cd-2007-cover-emf.jpg L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\01-jean_michel_jarre-fresh_news-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\02-jean_michel_jarre-teo_and_tea-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\03-jean_michel_jarre-beautiful_agony-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\04-jean_michel_jarre-touch_to_remember-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\05-jean_michel_jarre-ok_do_it_fast-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\06-jean_michel_jarre-partners_in_crime_1-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\07-jean_michel_jarre-partners_in_crime_2-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\08-jean_michel_jarre-chatterbox-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\09-jean_michel_jarre-in_the_mood_for_you-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\10-jean_michel_jarre-gossip-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\11-jean_michel_jarre-vintage-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\12-jean_michel_jarre-melancholic_rodeo-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\Jean_Michel_Jarre-Teo_And_Tea-PROMO-CD-2007-eMF\13-jean_michel_jarre-teo_and_tea_4.00_am-emf.mp3 L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Keygen.Avast.Antivirus.Pro.v4.7.892.Fr.zip L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\les mysterieuses citees d'or rip-dvd 4 (divx) episodes 25 a 31 par crackeur fou.avi L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Les mystérieuses citées d'or (9-16).avi L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\les mystérieuses citées d'or rip-dvd 1 (divx) épisodes 1 à 8 par crackeur fou.avi L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\les mystérieuses citées d'or rip-dvd 3 (divx) épisodes 17 à 24 par crackeur fou.avi L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Mes plus belles chansons d'enfant - 08 - Ah, les crocodiles.wav L'objet est verrouillé ignoré

    D:\EMULE\Incoming1\Thumbs.db L'objet est verrouillé ignoré

    D:\EMULE\Temp\003.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\006.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\011.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\012.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\013.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\015.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\020.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\021.part.met L'objet est verrouillé ignoré

    D:\EMULE\Temp\036.part.met L'objet est verrouillé ignoré

    D:\EMULE\Thumbs.db L'objet est verrouillé ignoré

    D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    D:\System Volume Information\_restore{E5C42924-7684-44DF-AADE-53BE89EB8BA0}\RP190\change.log L'objet est verrouillé ignoré

    Analyse terminée.


    voilà voilà... et merci encore
    17 Avril 2008 11:56:35

    Re,

    1) Supprimes les fichiers/dossiers en gras suivants :

    D:\Christiane\ma musique\new\03 Track 3.wma
    D:\Christiane\ma musique\the do\song for lovers.mp3

    2) Refais un scan avec ELIBAGLA et poste-moi le rapport.

    3) Désinstalle/réinstalle TOUS tes logiciels de protection. Redémarre le PC et dis-moi s'ils fonctionnent correctement.

    ;) 


    17 Avril 2008 11:57:02

    Re,

    1) Supprimes les fichiers/dossiers en gras suivants :

    D:\Christiane\ma musique\new\03 Track 3.wma
    D:\Christiane\ma musique\the do\song for lovers.mp3

    2) Refais un scan avec ELIBAGLA et poste-moi le rapport.

    3) Désinstalle/réinstalle TOUS tes logiciels de protection. Redémarre le PC et dis-moi s'ils fonctionnent correctement.

    ;) 


    17 Avril 2008 14:03:59

    re

    voici mon rapport elibagla


    Thu Apr 17 13:34:07 2008
    EliBagle v11.27 (c)2008 S.G.H. / Satinfo S.L.
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando Unidad C:\
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m.vir\FLEC006.EXE --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14596375.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14748593.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14775046.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14858718.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\17364250.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\30258031.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\30418671.EXE.VIR --> Eliminado Bagle
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\35566546.EXE.VIR --> Eliminado Bagle

    Nº Total de Directorios: 5626
    Nº Total de Ficheros: 48680
    Nº de Ficheros Analizados: 8703
    Nº de Ficheros Infectados: 9
    Nº de Ficheros Limpiados: 9



    Thu Apr 17 13:52:31 2008
    EliBagle v11.27 (c)2008 S.G.H. / Satinfo S.L.
    ----------------------------------------------
    Lista de Acciones (por Exploración):
    Explorando Unidad D:\

    Nº Total de Directorios: 1479
    Nº Total de Ficheros: 26984
    Nº de Ficheros Analizados: 504
    Nº de Ficheros Infectados: 0
    Nº de Ficheros Limpiados: 0


    voili voilou

    mici encore ;-)
    17 Avril 2008 15:11:48

    Re, Fais la suite ;) 
    17 Avril 2008 17:41:29

    coucou me revoilà

    alors j'ai enlevé et réinstallé mes protections
    j'ai pas mis de parefeu car y'en a un avec windows....
    par contre j'ai remis mon antivirus avec succès et j'ai fait un scan au redémarrage qui a duré au moins 2h45 et qui a trouvé encore plein de virus que j'ai mis en quarentaine ne sachant trop quoi en faire...

    mes clés usb fonctionnent et mes cd aussi

    c'est à toi que je dois tout ça
    mille merci! ! ! mon pc remarche et est à nouveau protégé c'est génial

    juste encore te demander ton avis j'ai un programme de nettoyage qui vire touts les fichiers qui servent à rien je crois, ça s'appelle "Ccleaner" on m'a installé ça, faut que je m'en serve de temps en temps ou une bonne défragmentation et un nettoyage de disque suffisent? j'm'y connais pas trop

    merci encore

    MERCI ! ! ! ;-)
    17 Avril 2008 19:03:08

    Re,

    Attends, il faut maintenant finaliser la désinfection. Je répondrai à tes questions après ;) 

    Télécharge puis installe Hijackthis (Trend Micro)
    Poste ensuite un rapport dans ta prochaine réponse.
    AIDE : Comment utiliser Hijackthis v2.0.2

    ;) 
    18 Avril 2008 07:59:08

    bonjour,

    voici mon rapport hijackthis

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 07:54:46, on 18/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\AOL 9.0\waol.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\atiptaxx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\AOL\1175536523\ee\AOLSoftware.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\AOL 9.0\shellmon.exe
    C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://emule-project.net/home/perl/help.cgi?l=13
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1175536523\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\EoRezo\EoWeather\ItsTV.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0C338B03-052B-4922-90DD-28A7963AD675}: NameServer = 84.103.237.147 86.64.145.147
    O17 - HKLM\System\CCS\Services\Tcpip\..\{840AF268-394F-402B-911B-5CFF1B78C11F}: NameServer = 205.188.146.145
    O17 - HKLM\System\CS1\Services\Tcpip\..\{0C338B03-052B-4922-90DD-28A7963AD675}: NameServer = 84.103.237.147 86.64.145.147
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 9537 bytes


    bon courage ;-)
    18 Avril 2008 11:35:11

    Re,

    Télécharge SystemScan de la team SuspectFile
  • double-clique dessus (Ignore les alertes de ton antivirus s'il y en a.)
  • Clique sur Unselect all
  • Coche uniquement cette case
    -Recent Files, days old 60 days
  • Puis clique sur scan now, soit patient.
  • Une fois qu'il aura terminé, un rapport va s'ouvrir. Poste-le en entier.

    C:\Program Files\EoRezo\EoWeather\ItsTV.exe > tu connais ce programme ?

    ;) 
    18 Avril 2008 13:45:48

    coucou


    je ne connais pas le fichier C:\Program Files\EoRezo\EoWeather\ItsTV.exe ; je ne sais pas ce que c'est...

    ça y est j'ai fait le scan, ça a été super rapide

    voici le résultat :


    SystemScan - www.suspectfile.com - ver. 3.5.5 (code: holifay & bReAkdOWn)

    Running on: Windows XP PROFESSIONAL Edition, Service Pack 2 (2600.5.1)
    System directory: C:\WINDOWS
    SystemScan file: C:\Documents and Settings\Edwige\Bureau\sys2408.exe
    Running in: User mode
    Date: 18/04/2008
    Time: 13:39:01

    Output limited to:
    -Recent files

    ===================== RECENT FILES =====================

    Showing files newer than 60 days

    ----- recent files in C:\
    23/02/2008 18:41:32 244 byte 55 days old -- sqmnoopt00.sqm
    23/02/2008 18:41:32 268 byte 55 days old -- sqmdata00.sqm
    23/03/2008 11:20:59 268 byte 26 days old -- sqmdata01.sqm
    23/03/2008 11:20:59 244 byte 26 days old -- sqmnoopt01.sqm
    29/03/2008 20:41:34 232 byte 20 days old -- sqmdata02.sqm
    29/03/2008 20:41:34 244 byte 20 days old -- sqmnoopt02.sqm
    06/04/2008 19:41:16 244 byte 12 days old -- sqmnoopt03.sqm
    06/04/2008 19:41:16 268 byte 12 days old -- sqmdata03.sqm
    10/04/2008 08:20:25 244 byte 8 days old -- sqmnoopt04.sqm
    10/04/2008 08:20:25 232 byte 8 days old -- sqmdata04.sqm
    10/04/2008 13:48:20 268 byte 8 days old -- sqmdata05.sqm
    10/04/2008 13:48:20 244 byte 8 days old -- sqmnoopt05.sqm
    15/04/2008 08:26:59 22209707 byte 3 days old -- xscan.txt
    15/04/2008 17:10:08 27833176 byte 3 days old -- bitdefender_free_v10.exe
    15/04/2008 17:26:32 (DIR) 0 byte 3 days old -- antivurus
    16/04/2008 12:54:41 30959 byte 2 days old -- ComboFix.txt
    16/04/2008 12:54:41 (DIR) 0 byte 2 days old -- QooBox
    16/04/2008 14:58:14 244 byte 2 days old -- sqmnoopt06.sqm
    16/04/2008 14:58:14 232 byte 2 days old -- sqmdata06.sqm
    17/04/2008 07:47:03 (DIR) 0 byte 1 days old -- WINDOWS
    17/04/2008 13:13:31 (DIR) 0 byte 1 days old -- RECYCLER
    17/04/2008 14:11:48 1544 byte 1 days old -- InfoSat.txt
    17/04/2008 14:19:56 (DIR) 0 byte 1 days old -- avastantivir
    17/04/2008 17:56:23 (DIR) 0 byte 1 days old -- TEMP
    18/04/2008 07:44:43 335544320 byte 0 days old -- pagefile.sys
    18/04/2008 07:53:52 (DIR) 0 byte 0 days old -- Program Files

    ----- recent files in C:\WINDOWS\
    09/03/2008 20:09:08 72 byte 40 days old -- MediaManager.INI
    09/03/2008 20:22:37 33042 byte 40 days old -- CDPLAYER.INI
    14/03/2008 18:08:37 116 byte 35 days old -- NeroDigital.ini
    30/03/2008 11:44:03 0 byte 19 days old -- setuperr.log
    12/04/2008 17:51:36 180 byte 6 days old -- setupact.log
    12/04/2008 18:03:44 (DIR) 0 byte 6 days old -- Registration
    13/04/2008 12:22:51 (DIR) 0 byte 5 days old -- WinSxS
    14/04/2008 11:13:57 1000 byte 4 days old -- cddabase.ini
    14/04/2008 11:14:58 25 byte 4 days old -- WinOnCD.ini
    14/04/2008 11:20:51 3416 byte 4 days old -- wmsetup.log
    14/04/2008 14:01:00 (DIR) 0 byte 4 days old -- Temp
    14/04/2008 14:19:49 286720 byte 4 days old -- PATCH.EXE
    14/04/2008 14:19:50 507904 byte 4 days old -- TMUPDATE.DLL
    14/04/2008 14:19:50 69689 byte 4 days old -- UNZIP.DLL
    14/04/2008 14:22:42 (DIR) 0 byte 4 days old -- AU_Log
    14/04/2008 14:30:22 71749 byte 4 days old -- hcextoutput.dll
    14/04/2008 14:30:22 333576 byte 4 days old -- TSC.exe
    14/04/2008 14:30:23 1947387 byte 4 days old -- tsc.ptn
    14/04/2008 14:37:15 (DIR) 0 byte 4 days old -- AU_Backup
    15/04/2008 08:18:03 170 byte 3 days old -- GetServer.ini
    15/04/2008 08:19:06 36711661 byte 3 days old -- VPTNFILE.217
    15/04/2008 08:19:06 36711661 byte 3 days old -- LPT$VPN.217
    15/04/2008 08:19:06 91744 byte 3 days old -- BPMNT.dll
    15/04/2008 08:19:09 1213784 byte 3 days old -- vsapi32.dll
    15/04/2008 08:19:10 (DIR) 0 byte 3 days old -- AU_Temp
    15/04/2008 08:21:01 (DIR) 0 byte 3 days old -- report
    15/04/2008 08:26:59 823 byte 3 days old -- TSC.INI
    15/04/2008 16:19:35 54156 byte 3 days old -- QTFont.qfn
    16/04/2008 06:46:53 (DIR) 0 byte 2 days old -- Fonts
    16/04/2008 10:02:00 (DIR) 0 byte 2 days old -- BDOSCAN8
    16/04/2008 12:02:37 (DIR) 0 byte 2 days old -- erdnt
    16/04/2008 12:16:07 (DIR) 0 byte 2 days old -- Debug
    16/04/2008 12:45:19 227 byte 2 days old -- system.ini
    16/04/2008 14:12:57 134147 byte 2 days old -- setupapi.log
    16/04/2008 14:12:57 (DIR) 0 byte 2 days old -- Downloaded Program Files
    17/04/2008 06:57:41 (DIR) 0 byte 1 days old -- $NtUninstallKB945553$
    17/04/2008 06:57:52 7862 byte 1 days old -- KB945553.log
    17/04/2008 06:57:58 (DIR) 0 byte 1 days old -- $NtUninstallKB944338$
    17/04/2008 06:58:02 7713 byte 1 days old -- KB944338.log
    17/04/2008 06:59:58 (DIR) 0 byte 1 days old -- $NtUninstallKB948590$
    17/04/2008 07:00:01 7889 byte 1 days old -- KB948590.log
    17/04/2008 07:01:50 (DIR) 0 byte 1 days old -- $NtUninstallKB941693$
    17/04/2008 07:02:01 8162 byte 1 days old -- KB941693.log
    17/04/2008 07:02:20 (DIR) 0 byte 1 days old -- $NtUninstallKB947864$
    17/04/2008 07:02:30 4062 byte 1 days old -- updspapi.log
    17/04/2008 07:02:40 15337 byte 1 days old -- KB947864.log
    17/04/2008 07:02:40 1374 byte 1 days old -- imsins.BAK
    17/04/2008 07:06:53 (DIR) 0 byte 1 days old -- $hf_mig$
    17/04/2008 07:06:55 (DIR) 0 byte 1 days old -- $NtUninstallKB948881$
    17/04/2008 07:07:02 11156 byte 1 days old -- msmqinst.log
    17/04/2008 07:07:05 37096 byte 1 days old -- FaxSetup.log
    17/04/2008 07:07:05 1374 byte 1 days old -- imsins.log
    17/04/2008 07:07:05 16926 byte 1 days old -- tsoc.log
    17/04/2008 07:07:05 1866 byte 1 days old -- tabletoc.log
    17/04/2008 07:07:05 7348 byte 1 days old -- ntdtcsetup.log
    17/04/2008 07:07:05 18696 byte 1 days old -- ocgen.log
    17/04/2008 07:07:05 12161 byte 1 days old -- KB948881.log
    17/04/2008 07:07:05 2550 byte 1 days old -- MedCtrOC.log
    17/04/2008 07:07:05 12122 byte 1 days old -- comsetup.log
    17/04/2008 07:07:05 39219 byte 1 days old -- iis6.log
    17/04/2008 07:07:05 (DIR) 0 byte 1 days old -- inf
    17/04/2008 13:18:38 (DIR) 0 byte 1 days old -- system32
    17/04/2008 13:18:50 (DIR) 0 byte 1 days old -- Installer
    18/04/2008 07:26:27 32540 byte 0 days old -- SchedLgU.Txt
    18/04/2008 07:44:48 2048 byte 0 days old -- bootstat.dat
    18/04/2008 07:45:09 50 byte 0 days old -- wiaservc.log
    18/04/2008 07:45:12 159 byte 0 days old -- wiadebug.log
    18/04/2008 07:45:48 0 byte 0 days old -- 0.log
    18/04/2008 13:13:42 354427 byte 0 days old -- WindowsUpdate.log
    18/04/2008 13:30:54 715 byte 0 days old -- win.ini
    18/04/2008 13:39:01 (DIR) 0 byte 0 days old -- Prefetch

    ----- recent files in C:\WINDOWS\Downloaded Program Files\

    ----- recent files in C:\WINDOWS\system\

    ----- recent files in C:\WINDOWS\system32\
    20/02/2008 07:35:05 148992 byte 58 days old -- dnsapi.dll
    20/02/2008 07:35:05 45568 byte 58 days old -- dnsrslvr.dll
    20/02/2008 08:51:00 282624 byte 58 days old -- gdi32.dll
    24/02/2008 13:06:24 (DIR) 0 byte 54 days old -- NtmsData
    08/03/2008 23:31:06 0 byte 41 days old -- jupdate-1.6.0_05-b13.log
    20/03/2008 10:09:22 1845376 byte 29 days old -- win32k.sys
    25/03/2008 21:36:39 (DIR) 0 byte 24 days old -- Restore
    29/03/2008 19:23:22 95608 byte 20 days old -- AvastSS.scr
    29/03/2008 19:45:49 1146232 byte 20 days old -- aswBoot.exe
    06/04/2008 07:56:20 19836024 byte 12 days old -- MRT.exe
    12/04/2008 18:03:45 (DIR) 0 byte 6 days old -- wbem
    12/04/2008 18:05:41 2206 byte 6 days old -- wpa.dbl
    13/04/2008 12:23:27 45568 byte 5 days old -- avgfwdx.dll
    16/04/2008 12:03:27 (DIR) 0 byte 2 days old -- config
    16/04/2008 12:47:11 775210 byte 2 days old -- PerfStringBackup.INI
    16/04/2008 12:47:20 39992 byte 2 days old -- perfc009.dat
    16/04/2008 12:47:20 48616 byte 2 days old -- perfc00C.dat
    16/04/2008 12:47:20 367658 byte 2 days old -- perfh00C.dat
    16/04/2008 12:47:20 311604 byte 2 days old -- perfh009.dat
    16/04/2008 14:12:53 (DIR) 0 byte 2 days old -- Kaspersky Lab
    17/04/2008 07:02:32 (DIR) 0 byte 1 days old -- dllcache
    17/04/2008 07:44:06 259840 byte 1 days old -- FNTCACHE.DAT
    17/04/2008 13:18:37 (DIR) 0 byte 1 days old -- drivers
    17/04/2008 14:21:09 3121 byte 1 days old -- CONFIG.NT
    17/04/2008 23:02:07 (DIR) 0 byte 1 days old -- CatRoot2
    18/04/2008 13:30:36 12890 byte 0 days old -- ATMfraxx.GID

    ----- recent files in C:\WINDOWS\system32\drivers\
    29/03/2008 19:26:52 26944 byte 20 days old -- aavmker4.sys
    29/03/2008 19:27:33 42912 byte 20 days old -- aswTdi.sys
    29/03/2008 19:29:08 23152 byte 20 days old -- aswRdr.sys
    29/03/2008 19:31:34 75856 byte 20 days old -- aswSP.sys
    29/03/2008 19:35:21 94544 byte 20 days old -- aswmon2.sys
    29/03/2008 19:35:49 20560 byte 20 days old -- aswFsBlk.sys
    13/04/2008 12:23:27 22528 byte 5 days old -- avgfwdx.sys
    16/04/2008 12:44:56 (DIR) 0 byte 2 days old -- etc

    ----- recent files in C:\WINDOWS\temp\
    14/04/2008 13:58:20 (DIR) 0 byte 4 days old -- KAV6Upgrade

    ----- recent files in C:\Program Files\
    02/03/2008 22:19:38 (DIR) 0 byte 47 days old -- GameHouse
    04/03/2008 20:39:10 (DIR) 0 byte 45 days old -- Matroska Pack
    05/03/2008 07:12:34 (DIR) 0 byte 44 days old -- Google
    08/03/2008 23:31:25 (DIR) 0 byte 41 days old -- Java
    31/03/2008 18:23:13 (DIR) 0 byte 18 days old -- EoRezo
    15/04/2008 09:08:55 (DIR) 0 byte 3 days old -- Casino Fantasy
    15/04/2008 09:20:21 (DIR) 0 byte 3 days old -- GV Crazy Queen Casino
    15/04/2008 09:20:37 (DIR) 0 byte 3 days old -- Imperial Casino
    15/04/2008 14:17:46 (DIR) 0 byte 3 days old -- Panda Security
    15/04/2008 17:11:45 (DIR) 0 byte 3 days old -- Sunbelt Software
    16/04/2008 09:39:01 (DIR) 0 byte 2 days old -- Fichiers communs
    17/04/2008 07:02:29 (DIR) 0 byte 1 days old -- Internet Explorer
    17/04/2008 14:20:20 (DIR) 0 byte 1 days old -- Alwil Software
    17/04/2008 21:15:04 (DIR) 0 byte 1 days old -- RamBoost XP
    18/04/2008 07:53:52 (DIR) 0 byte 0 days old -- Trend Micro

    ----- recent files in C:\Program Files\Fichiers communs\
    14/03/2008 14:50:25 (DIR) 0 byte 35 days old -- WindowsLiveInstaller
    13/04/2008 12:22:52 (DIR) 0 byte 5 days old -- Microsoft Shared

    ----- recent files in C:\Documents and Settings\Edwige\Application Data\
    20/02/2008 18:15:50 (DIR) 0 byte 58 days old -- LimeWire
    13/04/2008 13:41:26 (DIR) 0 byte 5 days old -- AVGTOOLBAR
    14/04/2008 09:53:52 (DIR) 0 byte 4 days old -- Microsoft

    ----- recent files in C:\DOCUME~1\Edwige\LOCALS~1\Temp\
    17/04/2008 14:21:14 (DIR) 0 byte 1 days old -- _avast4_
    17/04/2008 17:19:07 16384 byte 1 days old -- ~DFD469.tmp
    17/04/2008 18:03:49 1117552 byte 1 days old -- XG4K23HD.emf
    18/04/2008 13:14:22 3528 byte 0 days old -- LVCOMSX.LOG
    18/04/2008 13:19:17 2072 byte 0 days old -- jusched.log
    18/04/2008 13:31:06 4 byte 0 days old -- PMShared
    18/04/2008 13:37:42 51 byte 0 days old -- systemscan.ini
    18/04/2008 13:37:45 16384 byte 0 days old -- ~DF7B91.tmp
    18/04/2008 13:37:46 (DIR) 0 byte 0 days old -- nsz61C.tmp

    ==========================================
    Scan completed in 0,2 minutes
    End of report


    ~~~~~~~~~~~~~~~~~~~~~-----CREDITS-----~~~~~~~~~~~~~~~~~~~~~
    SystemScan uses some freeware tools that remain property of their authors:

    * SteelWerX Registry Console Tool, Who Am I (Bobby Flekman: www.xs4all.nl/~fstaal01) --> "Registry scan", "PC accounts "
    * dumphive (Markus Stephany)--> "Registry scan"
    * Listdlls (M.Russinovich, B.Cogswell: www.sysinternals.com) --> "Loaded modules"
    * Catchme & MBR Rootkit detector (gmer: www.gmer.net) --> "Hidden objects", "Alternate Data Streams" & "Master Boot Record"
    ---> NOTE: SystemScan integrates "The Avenger" from Swandog46 (http://swandog46.geekstogo.com) to allow you to remove malwares found in this log

    Thanks to all of them for their hard work


    qu'est-ce que ça dit???


    18 Avril 2008 15:03:40

    Re,

    Désinstalle avast, redémarre et supprime ~~>C:\Program Files\Alwil Software

    Télécharge ccleaner (>>tuto à lire !<<), tu download «the latest version » puis installe le en décochant - Ajouter la Barre d'Outils Yahoo! CCleaner
    Puis lance le nettoyage, puis fais chercher des erreurs et sauvegardes si tu le souhaites.

    Télécharge et installe Antivir. (tuto)
    Pourquoi changer ? : Avast! vs Antivir
    mais aussi:
    14 antivirus au banc d'essai
    Citation :
    Antivir : le plus efficace des gratuits

    Vérifie qu’il soit bien à jour ! Fais une analyse complète en mode sans échec, sauvegarde le rapport et poste le moi.

    ;) 
    21 Avril 2008 14:04:47

    bonjour, désolé de ne répondre que maintenant mais je n'étais pas là ce week end...et je serai aussi absente mardi et mercredi

    voici le rapport d'antivir que j'ai effectué ce matin



    Avira AntiVir Personal
    Report file date: lundi 21 avril 2008 10:40

    Scanning for 1219418 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Boot mode: Save mode
    Username: Edwige
    Computer name: CHIPS

    Version information:
    BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
    AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:56
    AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:37
    LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:23
    LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:40
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
    ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 13:08:58
    ANTIVIR2.VDF : 7.0.3.156 795136 Bytes 11/04/2008 08:20:40
    ANTIVIR3.VDF : 7.0.3.190 353280 Bytes 21/04/2008 08:20:47
    Engineversion : 8.1.0.32
    AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:21
    AESCRIPT.DLL : 8.1.0.26 233850 Bytes 21/04/2008 08:21:14
    AESCN.DLL : 8.1.0.14 119156 Bytes 21/04/2008 08:21:12
    AERDL.DLL : 8.1.0.19 418164 Bytes 07/04/2008 15:34:44
    AEPACK.DLL : 8.1.1.2 364917 Bytes 21/04/2008 08:21:10
    AEOFFICE.DLL : 8.1.0.18 192890 Bytes 21/04/2008 08:21:05
    AEHEUR.DLL : 8.1.0.18 1167735 Bytes 21/04/2008 08:21:03
    AEHELP.DLL : 8.1.0.14 115063 Bytes 21/04/2008 08:20:54
    AEGEN.DLL : 8.1.0.17 299380 Bytes 21/04/2008 08:20:53
    AEEMU.DLL : 8.1.0.5 430450 Bytes 07/04/2008 15:34:43
    AECORE.DLL : 8.1.0.27 168310 Bytes 21/04/2008 08:20:50
    AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:53
    AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:50
    AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:47
    AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:49
    AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
    AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:31
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
    SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:39
    NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
    RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:25
    RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:11

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: on
    Scan boot sector.................: on
    Boot sectors.....................: C:, D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: lundi 21 avril 2008 10:40

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    10 processes with 10 modules were scanned

    Starting master boot sector scan:
    Master boot sector HD0
    [INFO] No virus was found!
    Master boot sector HD1
    [INFO] No virus was found!

    Start scanning boot sectors:
    Boot sector 'C:\'
    [INFO] No virus was found!
    Boot sector 'D:\'
    [INFO] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '31' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\QooBox\Quarantine\catchme2008-04-16_120008.65.zip
    [0] Archive type: ZIP
    --> srosa.sys
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    --> wintems.exe
    [DETECTION] Is the Trojan horse TR/Bagle.Gen.B
    --> mdelk.exe
    [DETECTION] Is the Trojan horse TR/Bagle.Gen.B
    --> hldrrr.exe
    [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
    [NOTE] The file was moved to '48805abf.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\3D_Realistic_Fireplace_Screen_Saver_2.3.zip.vir
    [0] Archive type: ZIP
    --> 3D_Realistic_Fireplace_Screen_Saver_2.3.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5aa5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AbsoluteControl_1.72.zip.vir
    [0] Archive type: ZIP
    --> AbsoluteControl_1.72.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487f5ac5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AceKeyboard_1.00_With_Crack.zip.vir
    [0] Archive type: ZIP
    --> AceKeyboard_1.00_With_Crack.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715ac8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Aces_Omaha_-_No_Limit_1.3.8.zip.vir
    [0] Archive type: ZIP
    --> Aces_Omaha_-_No_Limit_1.3.8.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715ace.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Active_Config_1.0_(Patch).zip.vir
    [0] Archive type: ZIP
    --> Active_Config_1.0_(Patch).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805acf.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Adorage_for_Movie_Maker_1.0.zip.vir
    [0] Archive type: ZIP
    --> Adorage_for_Movie_Maker_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487b5ad0.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AFlashTop_1.00.zip.vir
    [0] Archive type: ZIP
    --> AFlashTop_1.00.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48785ab3.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Amazing_3D_Aquarium_-_Chaetodontoplus_Fish_Pack_1.0.zip.vir
    [0] Archive type: ZIP
    --> Amazing_3D_Aquarium_-_Chaetodontoplus_Fish_Pack_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486d5adb.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Amigos_Spanish_4.6.zip.vir
    [0] Archive type: ZIP
    --> Amigos_Spanish_4.6.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755adc.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ancestral_Author_2.6_Crack.zip.vir
    [0] Archive type: ZIP
    --> Ancestral_Author_2.6_Crack.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5add.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Antivirus.Mcafee.Viruscan.8.0i.Enterprise.Fr.Complet.zip.vir
    [0] Archive type: ZIP
    --> Antivirus.Mcafee.Viruscan.8.0i.Enterprise.Fr.Complet.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805ade.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Atrise_ToTXT_1.0.1_(With_Crack).zip.vir
    [0] Archive type: ZIP
    --> Atrise_ToTXT_1.0.1_(With_Crack).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487e5ae5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\AudioIndex_1.0.zip.vir
    [0] Archive type: ZIP
    --> AudioIndex_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48705ae7.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Avex_DVD_to_PSP_Video_Suite_4_build_05.zip.vir
    [0] Archive type: ZIP
    --> Avex_DVD_to_PSP_Video_Suite_4_build_05.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715ae8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\avg.AntiSpyware-setup-7.5.0.50.+.crak.zip.vir
    [0] Archive type: ZIP
    --> avg.AntiSpyware-setup-7.5.0.50.+.crak.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48735aea.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Backup_Outlook_Express_2.0_Cracked.zip.vir
    [0] Archive type: ZIP
    --> Backup_Outlook_Express_2.0_Cracked.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5ad5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Base_Feeder_for_Recipes_3.0.zip.vir
    [0] Archive type: ZIP
    --> Base_Feeder_for_Recipes_3.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487f5ad6.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Bill_Serial_Port_Monitor_3.0T.zip.vir
    [0] Archive type: ZIP
    --> Bill_Serial_Port_Monitor_3.0T.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48785adf.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Butterflied_1.0.zip.vir
    [0] Archive type: ZIP
    --> Butterflied_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805aec.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\CanoScan_LiDE_30_ScanGear_CS-U_7.0.3.zip.vir
    [0] Archive type: ZIP
    --> CanoScan_LiDE_30_ScanGear_CS-U_7.0.3.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5ad8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Complete_Macbeth_Interactive_1.1_(Key+Serial).zip.vir
    [0] Archive type: ZIP
    --> Complete_Macbeth_Interactive_1.1_(Key+Serial).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48795ae7.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Complex_Shift_Schedules_for_25_People_6.31.zip.vir
    [0] Archive type: ZIP
    --> Complex_Shift_Schedules_for_25_People_6.31.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '49e79318.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\ControlCenter_1.5.zip.vir
    [0] Archive type: ZIP
    --> ControlCenter_1.5.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5ae9.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cool_Audio_Extractor_1.26.zip.vir
    [0] Archive type: ZIP
    --> Cool_Audio_Extractor_1.26.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487b5aea.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Create_Message_Pro_1.00_Cracked.zip.vir
    [0] Archive type: ZIP
    --> Create_Message_Pro_1.00_Cracked.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715aed.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cryptus_2005_9.2.0.0.zip.vir
    [0] Archive type: ZIP
    --> Cryptus_2005_9.2.0.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48855aee.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\CSD_The_Librarian_1.020_Alpha.zip.vir
    [0] Archive type: ZIP
    --> CSD_The_Librarian_1.020_Alpha.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48505ad0.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Cyclone_Photo_Album_2.0.zip.vir
    [0] Archive type: ZIP
    --> Cyclone_Photo_Album_2.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5af7.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DBComp_1.1.zip.vir
    [0] Archive type: ZIP
    --> DBComp_1.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '484f5ac1.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DBScripter_for_Oracle_1.13.zip.vir
    [0] Archive type: ZIP
    --> DBScripter_for_Oracle_1.13.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '485f5ac2.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DB_Comparer_2006_for_SQL_Server_2.1.0.1.zip.vir
    [0] Archive type: ZIP
    --> DB_Comparer_2006_for_SQL_Server_2.1.0.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5ac3.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DFX_for_Winamp_7.5.zip.vir
    [0] Archive type: ZIP
    --> DFX_for_Winamp_7.5.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48645ac8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Divnine_Divinity_Living_Dead_movie.zip.vir
    [0] Archive type: ZIP
    --> Divnine_Divinity_Living_Dead_movie.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48825aeb.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Dobry_Backuper_1.5_v154.zip.vir
    [0] Archive type: ZIP
    --> Dobry_Backuper_1.5_v154.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486e5af2.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DockStudioXP_2.1.0.144.zip.vir
    [0] Archive type: ZIP
    --> DockStudioXP_2.1.0.144.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5af3.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Draw_Pad_0.8.zip.vir
    [0] Archive type: ZIP
    --> Draw_Pad_0.8.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486d5af7.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\DriveImage_XML_1.21.zip.vir
    [0] Archive type: ZIP
    --> DriveImage_XML_1.21.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755af8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\E-book_Microsoft_Excel_XP_(Spanish)_1.0.zip.vir
    [0] Archive type: ZIP
    --> E-book_Microsoft_Excel_XP_(Spanish)_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486e5ab4.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\eSpace_Analyst_2.0.zip.vir
    [0] Archive type: ZIP
    --> eSpace_Analyst_2.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487c5adb.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Event_Monitoring_1.zip.vir
    [0] Archive type: ZIP
    --> Event_Monitoring_1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715aff.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ewido.Anti-Spyware.v4.0.0.172c_Patch.zip.vir
    [0] Archive type: ZIP
    --> Ewido.Anti-Spyware.v4.0.0.172c_Patch.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b00.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Extreme_Thumbnail_Generator_1.9.1.5_Cracked.zip.vir
    [0] Archive type: ZIP
    --> Extreme_Thumbnail_Generator_1.9.1.5_Cracked.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805b02.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\EZ_Backup_Outlook_Pro_4.7_(Key).zip.vir
    [0] Archive type: ZIP
    --> EZ_Backup_Outlook_Pro_4.7_(Key).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5ae5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\FileFilter_2.194.zip.vir
    [0] Archive type: ZIP
    --> FileFilter_2.194.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48785af5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Fingerfox_1.0.zip.vir
    [0] Archive type: ZIP
    --> Fingerfox_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5af5.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Flanker_demo_2.0.zip.vir
    [0] Archive type: ZIP
    --> Flanker_demo_2.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486d5af9.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\FlashMath_1.2.zip.vir
    [0] Archive type: ZIP
    --> FlashMath_1.2.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486d5afa.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Flash_Horizontal_Menu_Wizard_2.0_[Cracked].zip.vir
    [0] Archive type: ZIP
    --> Flash_Horizontal_Menu_Wizard_2.0_[Cracked].exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486d5afb.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\GoBinder_2006.zip.vir
    [0] Archive type: ZIP
    --> GoBinder_2006.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '484e5aff.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\GOTE_Screen_Capture_1.0.zip.vir
    [0] Archive type: ZIP
    --> GOTE_Screen_Capture_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48605ae0.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Great_Feng_Shui_1.0.2.zip.vir
    [0] Archive type: ZIP
    --> Great_Feng_Shui_1.0.2.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715b04.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Hard_Drive_Mechanic_1.0_Serial.zip.vir
    [0] Archive type: ZIP
    --> Hard_Drive_Mechanic_1.0_Serial.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487e5af4.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Hot_Video_to_iPod_Converter_2.0_Crack.zip.vir
    [0] Archive type: ZIP
    --> Hot_Video_to_iPod_Converter_2.0_Crack.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805b03.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\I-TV++_Platinium_1.4.zip.vir
    [0] Archive type: ZIP
    --> I-TV++_Platinium_1.4.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48605ac2.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Infinity_1.3.1.zip.vir
    [0] Archive type: ZIP
    --> Infinity_1.3.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48725b03.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Interest_1.01.zip.vir
    [0] Archive type: ZIP
    --> Interest_1.01.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805b04.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\JetDat_2.0.zip.vir
    [0] Archive type: ZIP
    --> JetDat_2.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805afc.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Kr4ck3r_II_2.0.0.zip.vir
    [0] Archive type: ZIP
    --> Kr4ck3r_II_2.0.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48405b0a.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Launcher_2.5.6.zip.vir
    [0] Archive type: ZIP
    --> Launcher_2.5.6.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48815afa.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\LcCartas_(French)_3.1.zip.vir
    [0] Archive type: ZIP
    --> LcCartas_(French)_3.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '484f5afc.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\lcsutil_3.zip.vir
    [0] Archive type: ZIP
    --> lcsutil_3.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487f5afe.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Linguata_Bulgarian_4.6.zip.vir
    [0] Archive type: ZIP
    --> Linguata_Bulgarian_4.6.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5b04.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Magic_Notes_3.4.0.7142_[Key].zip.vir
    [0] Archive type: ZIP
    --> Magic_Notes_3.4.0.7142_[Key].exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48735afd.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Manycam_2.1.zip.vir
    [0] Archive type: ZIP
    --> Manycam_2.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5afd.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MatrixSolver_1.0.8.zip.vir
    [0] Archive type: ZIP
    --> MatrixSolver_1.0.8.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805afe.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ma_Tirelire_1.0.7.zip.vir
    [0] Archive type: ZIP
    --> Ma_Tirelire_1.0.7.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5b00.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MB_Free_Life_Path_Period_Number_1.0.zip.vir
    [0] Archive type: ZIP
    --> MB_Free_Life_Path_Period_Number_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5ae1.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MH_Password_Generator_1.0.zip.vir
    [0] Archive type: ZIP
    --> MH_Password_Generator_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5ae8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Microsoft_Virtual_Server_2005_Enterprise_R2_SP1.zip.vir
    [0] Archive type: ZIP
    --> Microsoft_Virtual_Server_2005_Enterprise_R2_SP1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5b0a.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Micro_C_68HC16_Development_System_2.16l.zip.vir
    [0] Archive type: ZIP
    --> Micro_C_68HC16_Development_System_2.16l.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5b0b.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Minisebran_1.10.zip.vir
    [0] Archive type: ZIP
    --> Minisebran_1.10.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5b0c.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Movie_Player_ActiveX_Control_2.5_[Serial].zip.vir
    [0] Archive type: ZIP
    --> Movie_Player_ActiveX_Control_2.5_[Serial].exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48825b13.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Movkit_DVD_to_iPod_Ripper_4.0_build_20070318_(Cracked).zip.vir
    [0] Archive type: ZIP
    --> Movkit_DVD_to_iPod_Ripper_4.0_build_20070318_(Cracked).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '491c92e4.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MSN_Snatcher_1.3.zip.vir
    [0] Archive type: ZIP
    --> MSN_Snatcher_1.3.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '485a5af8.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\MS_Word_Find_and_Replace_In_Multiple_Documents_Software_7.0.zip.vir
    [0] Archive type: ZIP
    --> MS_Word_Find_and_Replace_In_Multiple_Documents_Software_7.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5af9.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Multi_Web_Search_Toolbar_4.5.122.zip.vir
    [0] Archive type: ZIP
    --> Multi_Web_Search_Toolbar_4.5.122.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48785b1c.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Natural_Fat_Loss_2.0.zip.vir
    [0] Archive type: ZIP
    --> Natural_Fat_Loss_2.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805b09.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Nicole_The_Desktop_Singer_1.zip.vir
    [0] Archive type: ZIP
    --> Nicole_The_Desktop_Singer_1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5b12.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Ordix_Aviser_2.10_Serial.zip.vir
    [0] Archive type: ZIP
    --> Ordix_Aviser_2.10_Serial.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48705b1b.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\OZ_Postcode_4.2.4_Key+Serial.zip.vir
    [0] Archive type: ZIP
    --> OZ_Postcode_4.2.4_Key+Serial.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5b05.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Paper_Grains_Collection_1.0.1.zip.vir
    [0] Archive type: ZIP
    --> Paper_Grains_Collection_1.0.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487c5b0d.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Paraben's_SIM_Card_Seizure_1.0.2599.33141.zip.vir
    [0] Archive type: ZIP
    --> Paraben's_SIM_Card_Seizure_1.0.2599.33141.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487e5b0d.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Physics_Mechanics_Labs_2.1.zip.vir
    [0] Archive type: ZIP
    --> Physics_Mechanics_Labs_2.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48855b15.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Pics_Print_3.14.1.416.zip.vir
    [0] Archive type: ZIP
    --> Pics_Print_3.14.1.416.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5b17.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Picture_of_the_Day_1.3.zip.vir
    [0] Archive type: ZIP
    --> Picture_of_the_Day_1.3.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5b19.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Pi_Saver_1.0.zip.vir
    [0] Archive type: ZIP
    --> Pi_Saver_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5b19.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Postscript_to_Text_Converter_2.0_(Key+Serial).zip.vir
    [0] Archive type: ZIP
    --> Postscript_to_Text_Converter_2.0_(Key+Serial).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487f5b20.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Power_Equipment_1.03_(With_Crack).zip.vir
    [0] Archive type: ZIP
    --> Power_Equipment_1.03_(With_Crack).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48835b21.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Progress_Planner_Professional_1.2.zip.vir
    [0] Archive type: ZIP
    --> Progress_Planner_Professional_1.2.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487b5b25.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Puzzle_Championship_Scenic_Edition_1.zip.vir
    [0] Archive type: ZIP
    --> Puzzle_Championship_Scenic_Edition_1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48865b28.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\QuoteWerks_Corporate_Edition_4.0_build_22_Serial.zip.vir
    [0] Archive type: ZIP
    --> QuoteWerks_Corporate_Edition_4.0_build_22_Serial.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487b5b29.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Six_3_Raven_Shield_1.52_Patch_1.53.zip.vir
    [0] Archive type: ZIP
    --> Rainbow_Six_3_Raven_Shield_1.52_Patch_1.53.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b16.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Rainbow_Synth_2.5.zip.vir
    [0] Archive type: ZIP
    --> Rainbow_Synth_2.5.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b17.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\RemoteIE_2.5.zip.vir
    [0] Archive type: ZIP
    --> RemoteIE_2.5.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48795b1c.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Remote_Installer_1.3.78.zip.vir
    [0] Archive type: ZIP
    --> Remote_Installer_1.3.78.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48795b1d.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Remove_Windows_Messenger_1.2.zip.vir
    [0] Archive type: ZIP
    --> Remove_Windows_Messenger_1.2.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '49e792ee.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Roller_0.47.1.zip.vir
    [0] Archive type: ZIP
    --> Roller_0.47.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48785b28.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\RssDownloader_1.zip.vir
    [0] Archive type: ZIP
    --> RssDownloader_1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487f5b2d.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Secret_Messenger_2.1.zip.vir
    [0] Archive type: ZIP
    --> Secret_Messenger_2.1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486f5b20.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Senlab_2.0.1.8.zip.vir
    [0] Archive type: ZIP
    --> Senlab_2.0.1.8.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5b20.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SID_Mixer_InDepth_1.2.zip.vir
    [0] Archive type: ZIP
    --> SID_Mixer_InDepth_1.2.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48505b05.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SMURLLabel_component.zip.vir
    [0] Archive type: ZIP
    --> SMURLLabel_component.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48615b0b.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Speed_Video_Converter_3.0.25.zip.vir
    [0] Archive type: ZIP
    --> Speed_Video_Converter_3.0.25.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715b2f.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SpicyByte_Screensaver_1.0.zip.vir
    [0] Archive type: ZIP
    --> SpicyByte_Screensaver_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b2f.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\spinnSaucer_0.8.zip.vir
    [0] Archive type: ZIP
    --> spinnSaucer_0.8.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b30.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\SprinN_Lite_eng_3.0_[Crack].zip.vir
    [0] Archive type: ZIP
    --> SprinN_Lite_eng_3.0_[Crack].exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487e5b31.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Stipple_Studio_2.2.zip.vir
    [0] Archive type: ZIP
    --> Stipple_Studio_2.2.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b36.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\StylePad_1.4.2_[Key].zip.vir
    [0] Archive type: ZIP
    --> StylePad_1.4.2_[Key].exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48855b37.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Survivor_Parody_Screensaver_1.0.zip.vir
    [0] Archive type: ZIP
    --> Survivor_Parody_Screensaver_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487e5b39.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Symantec.Norton.Regcleaner.zip.vir
    [0] Archive type: ZIP
    --> Symantec.Norton.Regcleaner.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48795b3d.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Symantec_Norton.Utilities.2001.for.9598MeNT2000_5.0_en-us.zip.vir
    [0] Archive type: ZIP
    --> Symantec_Norton.Utilities.2001.for.9598MeNT2000_5.0_en-us.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48795b3e.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\TheAstrologer2Go_1.zip.vir
    [0] Archive type: ZIP
    --> TheAstrologer2Go_1.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48715b2e.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Theophilos_3.1.6.zip.vir
    [0] Archive type: ZIP
    --> Theophilos_3.1.6.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '49ef92c0.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Tiny_Message_1.2_[KeyGen].zip.vir
    [0] Archive type: ZIP
    --> Tiny_Message_1.2_[KeyGen].exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5b30.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\TradeBuilder_Professional_1.0.zip.vir
    [0] Archive type: ZIP
    --> TradeBuilder_Professional_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486d5b3a.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\UltimateDefrag_1.27.zip.vir
    [0] Archive type: ZIP
    --> UltimateDefrag_1.27.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48805b35.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Universal_Software_Oscilloscope_Library_1.0.0.zip.vir
    [0] Archive type: ZIP
    --> Universal_Software_Oscilloscope_Library_1.0.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b39.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\USB_Vault_1.02.zip.vir
    [0] Archive type: ZIP
    --> USB_Vault_1.02.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '484e5b1e.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\VCL_1.0.zip.vir
    [0] Archive type: ZIP
    --> VCL_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48585b0f.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\V_The_File_Viewer_2002.zip.vir
    [0] Archive type: ZIP
    --> V_The_File_Viewer_2002.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48605b2c.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Website_Image_Extractor_2.0_(Cracked).zip.vir
    [0] Archive type: ZIP
    --> Website_Image_Extractor_2.0_(Cracked).exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486e5b33.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Windows_NTP_Time_Server_Syslog_Monitor_1.0.000.zip.vir
    [0] Archive type: ZIP
    --> Windows_NTP_Time_Server_Syslog_Monitor_1.0.000.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487a5b38.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Word_Seeker_1.0.zip.vir
    [0] Archive type: ZIP
    --> Word_Seeker_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '487e5b3f.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\World_Population_1.0.zip.vir
    [0] Archive type: ZIP
    --> World_Population_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '49e092b0.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\WriteEZ_1.73.zip.vir
    [0] Archive type: ZIP
    --> WriteEZ_1.73.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b43.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\X-Win32_8.0.2122.zip.vir
    [0] Archive type: ZIP
    --> X-Win32_8.0.2122.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48635b00.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\XP_Registry_Cleaner_2.05.zip.vir
    [0] Archive type: ZIP
    --> XP_Registry_Cleaner_2.05.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '486b5b24.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\Z100_Portland_Radio_JL_1.0.zip.vir
    [0] Archive type: ZIP
    --> Z100_Portland_Radio_JL_1.0.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '483c5b05.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Edwige\Application Data\m\shared\[LiveStream].kaspersky.ver.6.keygen.16.zip.vir
    [0] Archive type: ZIP
    --> [LiveStream].kaspersky.ver.6.keygen.16.exe
    [DETECTION] Is the Trojan horse TR/Dldr.Bagle.NK
    [NOTE] The file was moved to '48755b21.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
    [DETECTION] Is the Trojan horse TR/Trash.Gen
    [NOTE] The file was moved to '48715b3b.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
    [DETECTION] Is the Trojan horse TR/Trash.Gen
    [NOTE] The file was moved to '487a5b40.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
    [DETECTION] Is the Trojan horse TR/Trash.Gen
    [NOTE] The file was moved to '48705b43.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14562609.exe.vir
    [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
    [NOTE] The file was moved to '48415b0d.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14618046.exe.vir
    [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
    [NOTE] The file was moved to '48425b0f.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\14689250.exe.vir
    [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
    [NOTE] The file was moved to '48425b10.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\29739281.exe.vir
    [DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
    [NOTE] The file was moved to '48435b19.qua'!
    Begin scan in 'D:\'
    D:\Christiane\ma musique\new\04 Track 4.wma
    [DETECTION] Is the Trojan horse TR/Wimad.A.Gen
    [NOTE] The file was moved to '482c5f2d.qua'!
    D:\LimeWire\chargements\01 Track 1.wma
    [DETECTION] Is the Trojan horse TR/Wimad.A.Gen
    [NOTE] The file was moved to '482c624b.qua'!
    D:\logiciel\01 Track 1.wma
    [DETECTION] Is the Trojan horse TR/Wimad.A.Gen
    [NOTE] The file was moved to '482c624d.qua'!


    End of the scan: lundi 21 avril 2008 11:56
    Used time: 1:15:41 min

    The scan has been done completely.

    7134 Scanning directories
    328466 Files were scanned
    143 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    140 files were moved to quarantine
    0 files were renamed
    1 Files cannot be scanned
    328323 Files not concerned
    3190 Archives were scanned
    1 Warnings
    140 Notes

    merci encore
    21 Avril 2008 18:53:51

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM

    ;) 
    23 Avril 2008 20:39:16

    coucou, voici le rapport :


    Malwarebytes' Anti-Malware 1.11
    Version de la base de données: 672

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 123939
    Temps écoulé: 1 hour(s), 51 minute(s), 32 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 6

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\whInstall (Adware.WebHancer) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\whInstall\license.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
    C:\Program Files\whInstall\readme.txt (Adware.WebHancer) -> Quarantined and deleted successfully.
    C:\Program Files\whInstall\Sporder.dll (Adware.WebHancer) -> Quarantined and deleted successfully.
    C:\Program Files\whInstall\whAgent.inf (Adware.WebHancer) -> Quarantined and deleted successfully.
    C:\Program Files\whInstall\whAgent.ini (Adware.WebHancer) -> Quarantined and deleted successfully.
    C:\Program Files\whInstall\whInstaller.ini (Adware.WebHancer) -> Quarantined and deleted successfully.


    bon courage ;-)
    23 Avril 2008 22:34:57

    Re,

    Bien :super:

    Poste un nouveau rapport hijackthis et dis-moi comment va le PC.

    Toujours des problèmes ?

    ;) 
    24 Avril 2008 09:35:16

    re, voici le rapport hijakthis que je viens de faire :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 09:28:30, on 24/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\atiptaxx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Fichiers communs\AOL\1175536523\ee\AOLSoftware.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ads.eorezo.com/cgi-bin/advert/getads.cgi?x_forma...
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://emule-project.net/home/perl/help.cgi?l=13
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1175536523\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [ItsTV] "C:\Program Files\EoRezo\EoWeather\ItsTV.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_01] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_02] rundll32 advpack.dll,LaunchINFSection nlite.inf,nLiteReg (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\RunOnce: [nlpo_03] rundll32 advpack.dll,LaunchINFSection nlite.inf,S (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    --
    End of file - 9371 bytes



    sinon le pc va beaucoup mieux, il rame tjs un peu mais bon il est plus tout jeune...et il est bien plein lol
    sinon tout ce qui déconnait marche à nouveau c'est génial ! ! !
    merci !!!
    24 Avril 2008 14:42:26

    Re,

    Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), clique sur "do a system scan only", coche ces lignes ( si présentes ) puis clique sur "Fix Checked" et referme HijackThis :

    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
    O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll (file missing)
    O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)


    *******************************************************

    C’est OK, tu ne seras plus infecté(e) quand tu auras fait TOUTES les manip’ ci-dessous :p 

    1) Télécharge ToolsCleaner sur ton bureau.
    http://www.commentcamarche.net/telecharger/toolscleaner...

    Ce programme va te faire désinstaller tous les outils que je t’ai faits utiliser.

  • Clique sur Recherche et laisse le scan agir ...
  • Clique sur Suppression pour finaliser.
  • Tu peux, si tu le souhaites, te servir des Options facultatives.
  • Clique sur Quitter pour obtenir le rapport.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

    2) Télécharge et installe Ccleaner :
    http://www.01net.com/telecharger/windows/Utilitaire/net...
  • Avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires". Ensuite, clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Clique sur l'onglet "Nettoyeur" puis sur "Lancer le Nettoyage".
  • Ensuite clique sur l'onglet Registre, clique sur "Chercher des erreurs" puis sur "Réparer les erreurs sélectionnées". Il est inutile de faire des sauvegardes des clés. Répète l'opération autant de fois qu'il le faut jusqu'à qu'il ne trouve plus d'erreurs.
  • Tutorial ici : http://www.infos-du-net.com/forum/272336-7-ccleaner-und...
    3)
  • Désactive ta restauration systeme

  • Réactive ta restauration systeme

  • Tutorial ici : http://www.infos-du-net.com/forum/272480-11-desactiver-...
    ********************************************************************************

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Ce serait sympa de rapporter ton infection sur > Malware-Complaints < pour faire condamner ses auteurs

    - Règles du forum <- ici
    - Poster un message <- ici ( par Malekal )

    Pour t'enregistrer clique sur le bouton register ( en haut )
    Si tu as plus de 13 ans choisis " I Agree to these terms and am over or exactly 13 years of age "
    Si tu as moins de 13 ans choisis " I Agree to these terms and am under 13 years of age "

    Tu auras une liste par type d'infection
    Si ton infection n'est pas dans la liste crée un message dans Autres infections

    a+ et bon surf :hello: 


    Quelques liens intéressants :

    http://mickael.barroux.free.fr/securite/
    http://www.malekal.com/
    http://www.infos-du-net.com/forum/275481-11-dossier-pre...
    25 Avril 2008 09:17:38

    j'ai effectué la première étape voici le rapport, je passe à la suite...


    -->- Recherche:

    C:\Qoobox: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Edwige\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Edwige\Bureau\HJTInstall.exe: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Edwige\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Edwige\Bureau\HJTInstall.exe: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\Qoobox: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    25 Avril 2008 10:49:01

    C'est ok :) 
    10 Mai 2008 09:02:35

    encore merci pour tout ;-)
    10 Mai 2008 12:03:59

    Re,

    De rien ce fut un plaisir !

    Rapporte ton infection sur malware complain si ce n'est pas fait, c'est important ;) 

    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Bonne continuation :hello: 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS