Virus ou spyware qui désactive les servises de windows et modifie la base de registre

Réseaux & telecom
1

:nexath Bonjour tout le monde, vraiment là je demande au secours:
je presente mon problème le plus simplement possible; il y a qlq jours j’ai executé un *.exe (crack de hi sof t???) sur mon ordinateur (ultraportable acer) une fenêtre est apparu avec un police etrange et un bouton OK. j’ai fermé la fenêtre sans cliquer sur OK mais c’est trop tard… une seconde après mon avast est désactivé, mon résau wifi est perdu et impossible d’installer un antivirus (j’ aissayé avast, avg, avira) tous treminent pas “l’installation a echouée”
sur un autre forum j’ai trouvé une solution partielle pour libéré mon reseau sans fil par modification sur la base de registre, mais dés que je redémarre le problème réapparu.
en plus quelques services de windows sont arrêtés par ce truc que j’ai installé.
*la configuration automatique du reseau san fil
*par-feu windows
*les services d’avast

Alors à votre avis comment peux-je m’endébarasser de cette méchate application alors que je suis incapable d’installer un antivirus ?

NB: la clé que je modifie pour récupérer mon reseau sans fil:

Demarrer > Executer > Regedit > HKEY_LOCAL8MACHINE > System > CurrentControlSetservices > Ndisuio > (dans la fenêtre à droite double clique sur) start > vous allez trouver le chifre 2 ou 4 cela veux dire q’un virus a modifié votre base de registre. pour corriger mettez “3” et redemarrer votre pc.:clap:

Si vous n’êtes pas sûr que vous modifiez la clé juste (indiquée dans le chemin) n’essayer pas de modifier la base de registre, et demandez l’aide.

2

bonjour,essaye ceci, redémarre en mode sans échec avec prise en charge resau,installe malwerbyte www.commentcamarche.net… fait la mise a jour ,ensuite lance malwerbyte en scan complet,a la fin du scan supprime la sélection.poste le raport.perso je soupçonne begale d avoir frappez…

3

D’abord Merci “KOUGA” vous avez donné le bon conseil. j’ai posté le log du premier scan comme vous m’avez indiqué et un desième log d’un deusième scan que j’ai effectué aprés le redemarage proposé par le MALWERBYTE.

aprés que le problème est resolu j’i pu installer un antivirus AVIRA. tout est bon maitenant.

LE PREMIER SCAN/

Malwarebytes’ Anti-Malware 1.38
Version de la base de données: 2308
Windows 5.1.2600 Service Pack 3

19/06/2009 16:29:18
mbam-log-2009-06-19 (16-29-18).txt

Type de recherche: Examen complet (C:|)
Eléments examinés: 162481
Temps écoulé: 42 minute(s), 4 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 6
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 3
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 208

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sk9ou0s (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sk9ou0s (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sk9ou0s (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\111111s1ro1s1a (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\111111s1ro1s1a (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\111111s1ro1s1a (Rootkit.Bagle) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\german.exe (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\drvsyskit (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Rootkit.Bagle) -> Delete on reboot.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\down (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\Application Data\m (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\hicham\Application Data\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\hicham\application data\drivers\11s11ro1s1a2.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\system volume information_restore{da1e5436-29e0-4652-afcd-03a3ce19e6fb}\RP86\A0030290.exe (Trojan.Packed) -> Quarantined and deleted successfully.
c:\system volume information_restore{da1e5436-29e0-4652-afcd-03a3ce19e6fb}\RP86\A0030303.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\system volume information_restore{da1e5436-29e0-4652-afcd-03a3ce19e6fb}\RP87\A0030321.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\system volume information_restore{da1e5436-29e0-4652-afcd-03a3ce19e6fb}\RP87\A0030333.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\102515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\1035203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\104265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\108078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\113015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\115718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\115906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\117843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\121375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\127359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\128375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\131234.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\132140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\133468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\138265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\139078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\147890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14853625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14862484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14864390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14867828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\148828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14888375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14891687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14892718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14901921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14907109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14947218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14948312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14948921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14957890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14959265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14959812.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14960640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14971718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\14995187.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\15001359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\15003375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\15003562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\153453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\154156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\159765.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\161578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\168375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\170937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\172531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\184359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\184531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\188468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\189968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\191906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\193296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\195750.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\196390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\197593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\199140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\200000.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\203078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\206906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\209515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\210125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\210578.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\213125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\213984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\215890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\221171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\221359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\222140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\223593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\224109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\224125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\224156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\225281.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\227078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\227203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\230093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\230640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\236218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\238000.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\240250.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\240890.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\244921.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\246234.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\247859.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\248875.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\251218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\251984.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\255484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\257343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\261609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\262734.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\263453.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\264484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\265375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\270859.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\271796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\280203.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\280968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\281156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\285968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\287125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\287484.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\289593.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\292843.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\295625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\297265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\298171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\300156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\300750.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\303015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\303250.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\305671.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\306468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\306625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\309078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\309109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\313125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\322093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\325046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\335359.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\335609.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\336437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\337265.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\338093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\338281.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\339281.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\344015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\365187.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\366703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\369562.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\370140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\373375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\373953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\374421.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\377718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\379531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\381281.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\388328.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\394437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\399640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\400953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\401375.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\402406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\403140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\405062.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\405796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\418000.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\429859.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\444109.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\449093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\449859.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\451343.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\453093.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\453968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\457218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\48531.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\49125.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\50140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\504468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\50953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\520218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\528046.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\534312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\535515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\537078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\537218.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\556171.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\558421.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\563015.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\566312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\566437.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\567156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\568406.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\568828.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\611468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\634687.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\64078.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\64953.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\65390.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\677468.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\679625.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\680000.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\687718.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\692796.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\693640.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\74031.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\76140.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\775312.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\785515.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\790765.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\790937.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\79968.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\813906.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\82703.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\application data\drivers\downld\94296.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\hicham\Application Data\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
c:\documents and settings\hicham\Application Data\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\hicham\Application Data\drivers\111wfs1intwq.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.

LE DEUSIEME SCAN APRES REDEMARRAGE:

Malwarebytes’ Anti-Malware 1.38
Version de la base de données: 2308
Windows 5.1.2600 Service Pack 3

19/06/2009 16:42:35
mbam-log-2009-06-19 (16-42-35).txt

Type de recherche: Examen rapide
Eléments examinés: 89121
Temps écoulé: 6 minute(s), 17 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté):bounce::bounce:

C’EST UN BON TRAVAIL : :super:LE PROBLEME EST RESOLU :clap:

4

Là je vais dire l’origine de mon problème pour avertir les autres internautes:

j’ai téléchargé un flv editeur, mais j’ai eu besoin de son serial, j’ai essayé de le chercher par le P2P sharazza:@, j’ai trouvé un exe (hi soft) dites crack de cet editeur. d’abitude je scan par mon avast tout mes téléchargement sans exeption chose que j’ai fait cette fois-ci aussi mais mon cher avast n’a rien détecté, j’ai lui fait confience et j’ai cliqué sur l’exe. la première victime c’était Avast puis le wifi …

Heuresement qu’il y a dans le monde un “KOUGA” et un “MALWERBYTE”:love:.

Merci Kouga. et attention les autres à ne pas faire ce que j’ai fait.:non: