Il y a actuellement 554 visiteurs
Vendredi 22 Novembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Gros Probleme • page 2

Encore un écran bleu sur votre PC ? Vous avez besoin d'aide pour installer correctement le driver de votre nouveau matériel informatique sur un système Microsoft ? Alors posez nous vos questions sur ce forum d'entraide.
Répondre

Message le 16 Déc 2008 14:33

SDFix: Version 1.240
Run by Py-One on 16/12/2008 at 14:05

Microsoft Windows XP [version 5.1.2600]
Running From: C:SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:WINDOWSsystem32explorer.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-16 14:12:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA4]
"p0"="C:Program FilesDAEMON Tools Lite"
"h0"=dword:00000000
"khjeh"=hex:ff,c4,84,e2,1b,7d,c4,64,10,27,a6,ae,8b,65,aa,47,3c,28,9f,70,69,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001]
"a0"=hex:20,01,00,00,fd,81,32,bd,db,e0,a8,56,8d,1d,87,bc,ab,57,ff,70,03,..
"khjeh"=hex:34,cb,43,e2,0a,01,b0,fb,98,e0,f8,62,a2,0d,c2,b7,19,72,72,e4,b6,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf40]
"khjeh"=hex:98,69,f6,5b,6b,24,43,94,e5,1b,59,bd,30,4e,18,c0,0e,a8,df,0a,9f,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf41]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf42]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..
[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA4]
"p0"="C:Program FilesDAEMON Tools Lite"
"h0"=dword:00000000
"khjeh"=hex:ff,c4,84,e2,1b,7d,c4,64,10,27,a6,ae,8b,65,aa,47,3c,28,9f,70,69,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001]
"a0"=hex:20,01,00,00,fd,81,32,bd,db,e0,a8,56,8d,1d,87,bc,ab,57,ff,70,03,..
"khjeh"=hex:34,cb,43,e2,0a,01,b0,fb,98,e0,f8,62,a2,0d,c2,b7,19,72,72,e4,b6,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf40]
"khjeh"=hex:98,69,f6,5b,6b,24,43,94,e5,1b,59,bd,30,4e,18,c0,0e,a8,df,0a,9f,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf41]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf42]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\CoD 5\CoDWaWmp.exe"="D:\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"D:\CoD 5\CoDWaW.exe"="D:\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :


File Backups: - C:SDFixackupsackups.zip

Files with Hidden Attributes :

Fri 15 Dec 2006 189,692 A.SHR --- "C:WINDOWSsystem32odbcasvc.exe"

Finished!

voici le rapport SDFix
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 14:39

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:36:41, on 16/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSSYSTEM32odbcasvc.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32SearchIndexer.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSEXPLORER.EXE
C:Program FilesMultimedia Card Readershwicon2k.exe
C:WINDOWSsystem32Rundll32.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesJavajre6injusched.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesWindows Desktop SearchWindowsSearch.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.orange.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program FilesIEProiepro.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6inssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [Sunkist2k] C:Program FilesMultimedia Card Readershwicon2k.exe
O4 - HKLM..Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesFichiers communsNeroLibNeroCheck.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesFichiers communsNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU..Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools Litedaemon.exe" -autorun
O4 - HKCU..Run: [wsctf.exe] wsctf.exe
O4 - HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6426819484
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe

--
End of file - 6658 bytes

voici le rapport Hijackthis
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 14:41

voila merci
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 14:55

Bonjour.


_ SDFix a normalement supprimé le trojan explorer.exe, ok.


_ Via HiJackThis, tu supprimes les lignes:

F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O4 - HKCU..Run: [wsctf.exe] wsctf.exe
O4 - HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE


_ Tu as une infection chinoise.

Tu télécharges ceci que tu lances ensuite en double-cliquant dessus.

Tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.

Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.

Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.

_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.

_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.

Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.


_ Tu as une autre infection, un ver.

Tu cliques sur Démarrer puis sur Exécuter.

Tu copies-colles ou écris services.msc puis tu valides par Ok ou Entrée.

Dans la fenêtre, tu cherches ODBC Administration Service puis tu double cliques dessus et, dans type de démarrage, tu modifies pour mettre Désactivé puis, plus bas si le bouton Arrêter est présent, tu cliques dessus et tu valides.

Tu vas ensuite dans C:WINDOWSSYSTEM32 et tu supprimes odbcasvc.exe puis tu vides la poubelle.

Si tu ne peux pas le supprimer, tu redémarres en Mode sans échec pour le supprimer.


Ps: tu attends quoi pour installer un antivirus? :evil:

Tu télécharges Antivir que tu installes.

Suis ce tutorial pour l'installation. Tu mets ensuite l'antivirus à jour et tu procèdes à une analyse de ta machine.

Tu nous postes le rapport d'analyse ensuite.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 16 Déc 2008 20:19

Tu télécharges "ceci" que tu lances ensuite en double-cliquant dessus.
ton lien ne marche pas pourais tu me dire qu'est ce ?
merci bien
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 20:44

Je ne le trouve pas ailleurs.

Pas grave, attaque la suite.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 16 Déc 2008 20:50

ok merci mais pourrais tu me dire le nom comme ca je chercherai de mon coté :wink:
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 21:49

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1466
Windows 5.1.2600 Service Pack 3

16/12/2008 21:47:16
mbam-log-2008-12-16 (21-47-16).txt

Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 128434
Temps écoulé: 53 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunexplorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

voici mon rapport MAM
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 21:59

salut mais j'ai pas trouver ce fichier "odbcasvc.exe " ds le system 32 :-?
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 02:10

Pour le nom, c'était tel.xls.exe_Remover.exe

gabbiole a écrit:salut mais j'ai pas trouver ce fichier "odbcasvc.exe " ds le system 32 :-?


Démarre en Mode sans échec et va faire la chasse au ver, tu ne verras peut-être pas l'extension.

Supprime le puis vide la corbeille.

Fais ensuite un nouveau scan HiJackThis.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 17 Déc 2008 14:00

Avira AntiVir Personal
Report file date: mercredi 17 décembre 2008 13:21

Scanning for 1095333 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ILPONSE-C475DF8

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.0.197 1170432 Bytes 07/12/2008 12:20:01
ANTIVIR2.VDF : 7.1.0.230 156160 Bytes 14/12/2008 12:20:04
ANTIVIR3.VDF : 7.1.0.245 125952 Bytes 17/12/2008 12:20:06
Engineversion : 8.2.0.45
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.19 336252 Bytes 17/12/2008 12:20:28
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 17/12/2008 12:20:25
AEHEUR.DLL : 8.1.0.75 1524087 Bytes 17/12/2008 12:20:23
AEHELP.DLL : 8.1.2.0 119159 Bytes 17/12/2008 12:20:12
AEGEN.DLL : 8.1.1.8 323956 Bytes 17/12/2008 12:20:11
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.5.2 172405 Bytes 17/12/2008 12:20:08
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:program filesaviraantivir personaledition classicsysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 17 décembre 2008 13:21

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'MiniDM.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'shwicon2k.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:'
[INFO] No virus was found!
Boot sector 'D:'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '58' files ).


Starting the file scan:

Begin scan in 'C:' <Windows>
C:pagefile.sys
[WARNING] The file could not be opened!
C:Documents and SettingsAll UsersApplication DataNeroDrWebDrweb32.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bfef63.qua'!
C:Documents and SettingsFaaliyahLocal SettingsTempVGod.DLL
[DETECTION] Is the TR/Crypt.NSAnti.Gen Trojan
[NOTE] The file was moved to '49b7ef4b.qua'!
C:Documents and SettingsLocalServiceApplication DataMicrosoftUPnP Device Hostupnphostudhisapi.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '49b0ef74.qua'!
C:Documents and SettingsPy-OneApplication DataSunJavajre1.6.0_11lzma.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b5ef97.qua'!
C:MSOCacheAll Users{90120000-006E-040C-0000-0000000FF1CE}-Cmsvcr80.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bef043.qua'!
C:NVIDIAWin2k178.24ISISSetup.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '499bf034.qua'!
C:NVIDIAWinXP180.48ISISSetup.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '499bf055.qua'!
C:Program FilesMeuhMeuhTVMeuhMeuhTV.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bdf0ee.qua'!
C:Program FilesMovie Makerwmm2res.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b5f135.qua'!
C:SDFixackupsackups.zip
[0] Archive type: ZIP
--> backups/EXPLORER.EXE
[DETECTION] Contains recognition pattern of the W32/VB.BU Windows virus
[NOTE] The file was moved to '49abf18f.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP104A0025828.rbf
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f176.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP107A0026153.EXE
[DETECTION] Contains recognition pattern of the W32/VB.BU Windows virus
[NOTE] The file was moved to '4978f18a.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP107A0026169.EXE
[DETECTION] Contains recognition pattern of the W32/VB.BU Windows virus
[NOTE] The file was moved to '4978f18e.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026277.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f194.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026278.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f19a.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026279.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f19e.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026281.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1a1.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026282.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1a6.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026283.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1ab.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026284.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1ae.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026285.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1b2.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006606.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f244.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006607.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f247.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006608.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f24a.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006688.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f24f.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP42A0007477.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f255.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP42A0007494.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f259.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP42A0007501.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f25c.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009515.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f27c.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009516.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f27f.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009517.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f282.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009518.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f285.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009519.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f287.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009529.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f291.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP49A0010000.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f29b.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP49A0010003.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f29c.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP49A0010007.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae35d.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP51A0010520.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f2a5.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP51A0010528.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f2a6.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP51A0010535.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae367.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP57A0011836.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f2af.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013110.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f2d5.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0017999.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f2f7.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP88A0020861.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f30e.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP94A0021685.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f320.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP97A0022971.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f326.qua'!
C:WINDOWSsystem32odbcasvc.exe
[DETECTION] Is the TR/Spy.VB.QU Trojan
[NOTE] The file was moved to '49aaf541.qua'!
C:WINDOWSsystem32driverssptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:' <Jeux.. Videos... Films>
D:CoD 5inkw32.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b6f58f.qua'!
D:CoD 5CoDWaW.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '498cf596.qua'!
D:CoD 5pbpbag.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49a9f5db.qua'!
D:CoD 5pbpbags.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49a9f5dc.qua'!
D:CoD 5pbpbcl.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49abf5dc.qua'!
D:CoD 5pbpbcls.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '480afffd.qua'!
D:CoD 5pbpbsv.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bbf5dd.qua'!
D:Nba2k9
ba2k9.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49a9f638.qua'!
D:Pureinkw32.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b6f665.qua'!
D:Purefmodex.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b7f66a.qua'!
D:Purefmod_event.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4817f4eb.qua'!
D:PurePure.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49baf673.qua'!
D:PureMicrosoft.VC80.CRTmsvcp80.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bef6c7.qua'!
D:PureMicrosoft.VC80.CRTmsvcr80.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bef6c8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026289.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f686.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026290.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48dae747.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026291.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f687.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026292.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae748.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026293.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f689.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026294.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f688.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026295.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae749.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026296.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae74a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026297.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026298.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68d.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026299.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae74e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026300.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026301.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae74f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026302.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009870.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f691.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009871.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae752.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009872.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f692.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009873.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae753.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009874.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f693.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009875.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae754.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009876.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f694.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009877.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae755.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009906.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f695.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012636.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012637.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69b.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012638.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012639.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012640.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75d.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012641.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f69d.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012642.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012643.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012644.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012645.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012646.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48dae760.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012647.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012658.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012887.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6a1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0012988.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013004.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013005.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013006.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013007.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013008.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6a8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013009.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013010.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013011.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013012.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6aa.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013013.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013014.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95ba.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013015.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ab.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013064.rbf
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95bb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013078.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ac.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013084.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95bd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014017.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014018.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014019.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014020.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014021.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014022.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95a4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014023.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014024.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014025.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014026.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95a6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014027.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014028.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014030.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95a7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014031.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014032.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014033.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014034.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ba.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014036.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014093.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6bb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014094.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ac.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014095.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6bc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014096.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95ad.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014097.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6bd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014098.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ae.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014099.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6bf.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014100.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6be.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014101.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014102.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014103.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95d2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014104.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014106.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014107.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014108.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014109.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014110.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014113.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014242.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014243.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014244.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6c7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014245.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014246.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014247.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95d9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014248.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ca.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014249.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014250.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95da.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014251.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95db.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014252.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6cc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014253.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6cb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014255.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95dc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014256.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95dd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014257.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ce.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014258.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6cd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014259.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95de.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014262.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95df.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015924.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015925.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015926.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015927.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6d2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015928.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015929.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015930.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015931.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015932.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015933.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015934.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015935.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015937.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015938.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015939.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015940.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015941.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95c9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015944.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6da.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019021.rbf
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6dd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019032.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6de.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019033.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6df.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019034.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019035.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6e1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019036.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019037.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019038.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019039.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019040.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95f3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019041.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019042.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019043.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019045.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95f5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019046.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019047.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019048.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6e7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019049.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP83A0020429.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6e9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP83A0020430.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020617.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6eb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020668.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95fc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020677.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ec.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020678.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95fd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020679.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ee.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020680.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ed.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020681.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95fe.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020682.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ff.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020683.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f510.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020684.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6ef.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020685.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020686.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020687.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020688.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020690.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020691.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020692.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020693.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020694.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020697.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021010.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021011.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021012.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021013.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021014.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021015.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021016.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fa.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021017.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021018.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ea.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021019.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95eb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021020.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021021.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021023.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ec.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021024.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ed.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021025.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6fe.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021026.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ef.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021027.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021028.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ee.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021190.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f701.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021191.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9412.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021192.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f702.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021193.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9413.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021194.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f703.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021195.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9414.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021196.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f704.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021197.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9415.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021198.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f705.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021199.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9416.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021200.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f707.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021201.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f706.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021202.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9417.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021204.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9418.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021205.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f709.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021206.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f708.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021207.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa941a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021208.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70b.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021212.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021243.rbf
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021254.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021255.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa941f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021256.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021257.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9400.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021258.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f710.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021259.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f711.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021260.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9402.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021261.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f713.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021262.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f712.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021263.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9404.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021264.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f715.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021265.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9406.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021267.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f714.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021268.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9405.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021269.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f717.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021270.dll
[DETECTION] Contains code of the W32/Bacalid.A Wi
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 14:21

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:19:23, on 17/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32SearchIndexer.exe
C:WINDOWSExplorer.exe
C:Program FilesMultimedia Card Readershwicon2k.exe
C:WINDOWSsystem32Rundll32.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesJavajre6injusched.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesWindows Desktop SearchWindowsSearch.exe
C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:WINDOWSsystem32SearchProtocolHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.orange.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe.
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program FilesIEProiepro.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6inssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [Sunkist2k] C:Program FilesMultimedia Card Readershwicon2k.exe
O4 - HKLM..Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesFichiers communsNeroLibNeroCheck.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [avgnt] "C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesFichiers communsNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU..Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools Litedaemon.exe" -autorun
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6426819484
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab
O17 - HKLMSystemCCSServicesTcpip..{C05396AF-0B0F-4327-B509-AEB3BECC9705}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe

--
End of file - 7276 bytes
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 14:37

Bonjour.

C'est clean ;) Avira a trouvé certaines choses mais a aussi paniqué avec SDFix par exemple. Pas grave.


Pour terminer la désinfection et optimiser Windows:


_ Désinstallation des utilitaires utilisés:

Les programmes utilisés pour la désinfection ne sont pas à utiliser quotidiennement.

Pour les désinstaller, il faut aller dans le Panneau de configuration puis, via Ajouter/Supprimer des programmes, sélectionner les utilitaires et cliquer sur Désinstaller.

Pour une suppression effective, penses à supprimer leurs dossiers respectifs, la plupart à la racine de ta partition principale.


_ Utilisation d'un navigateur internet alternatif:

Internet Explorer n'étant pas sûr, il est préférable d'installer un navigateur internet alternatif pour sécuriser ton surf.

Tu as le choix entre Mozilla Firefox, Apple Safari ou encore Opéra.

Il faudra ensuite définir ce navigateur internet alternatif comme navigateur par défaut.


_ Utilisation d'un pare-feu alternatif:

Il est recommandé de ne pas utiliser le pare-feu Windows et d'en prendre un plus efficace.

Le choix est large: Zone Alarm, Sunbelt, Ashampoo ou encore Sygate.

Après avoir sélectionné le pare-feu idéal, il faudra désactiver celui de Windows.


_ Nettoyage des points de restauration:

Dans un premier temps, il faut supprimer tous les points de restauration.

Pour cela, cliques sur Poste de travail puis Propriétés.
Onglet Restauration automatique du système, tu coches la ligne Désactiver la restauration du système puis tu valides par Ok.
Tu confirmes la suppression de tous les points de restauration, puis tu cliques sur Appliquer et/ou Ok.

Ensuite, il faut réactiver la restauration automatique du système.

Tu refais la manipulation précédente pour relancer les propriétés du Poste de travail.
Tu décoches la ligne puis cliques sur Appliquer & Ok.

Tu auras créer un point de restauration propre.


_ Nettoyage des fichiers temporaires & de la base de registre:

Pour cela, Ccleaner reste le moyen le plus sûr et pratique de tout nettoyer sans risques.

En suivant ce tutorial, cet utilitaire sera configuré correctement.

Il est aussi utile de purger régulièrement le dossier Prefetch en profitant de Ccleaner pour automatiser ce nettoyage.
Pour cela, il faut aller dans Options puis Personnaliser pour ajouter le dossier C:WindowsPREFETCH.


_ Un petit coup d'oeil à notre dossier Nettoyage peut être utile en supplément.

Et finalement, pour optimiser Windows XP, ce sujet sera intéressant.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 17 Déc 2008 14:49

merci a toi Rainbow
je voudrais savoir maintenant si mon ordi est clean ?
maintenant tu me dis de desintaller Hijackthis c'est ca
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 14:56

gabbiole a écrit:je voudrais savoir maintenant si mon ordi est clean ?


Oui.

gabbiole a écrit:maintenant tu me dis de desintaller Hijackthis c'est ca


Oui. Tu supprimes aussi SDFix.

Tu gardes par contre Mbam, très polyvalent à coupler avec un pare-feu & ton antivirus.

Bon surf.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut
PrécédenteSuivante
Répondre

Sujets similaires

Message Problème USB 3 sur mini PC (SSD M2 externe)
Bonjour a tous, j'ai un problème sur un mini PC fonctionnant sur un Intel N100. Il y a 2 port usb2 et 2 ports usb3. Mon problème ? Il semble que certains perifériques ne fonctionnent pas correctement (en l'occurence, les boitiers externes pour SSD M2).Si le SSD M2 est connecté sur un USB3 j'obtiens ...
Réponses: 5

Message probleme avec le logiciel nvidia
Bonjour,Oui DDU est très efficace , on s'en sert surtout quand on change de fabricant de carte graphique de AMD vers Nvidia par exemple. Il nettoie tout.Bonne journée.
Réponses: 13

Message [Réglé] probleme windows update recherche sans fin
Salut tout le monde depuis quelques jours lorsque je clique sur Windows update et recherche de mise à jour en cours cela se mets en recherche sans fin voir ma capture écran Rien n'y fait, j'ai beau exécuter l'utilitaire de dépannage Windows update rien n'y fait? Il me détecte en effet un incident, m ...
Réponses: 14

Message [Réglé] Problème de dépendance manquantes sur Kali Linux
Salut, j'ai essayé d'installer un logiciel (Free download manager) sur Kali Linux Mais quand j'ai essayé de l'installer, ça a affiché qu'il y a des dépendance manquantesQuelqu'un peut-il m'aider à résoudre ce problème s'il vous plaît ?
Réponses: 1

Message Problème d'installation Kali Linux Dual boot
Bonjour, j'ai crée une nouvelle partition pour l'installation de Kali Linux, après j'ai démarrer l'installation de Kali Linux en dual boot via clé USB, j'ai suivi les instructions, mais quand je clique sur terminer le partitionnement et appliquer les changements, ça affiche "Aucun système de fi ...
Réponses: 1

Message Problème de démarrage pc sur clé USB
Salut, j'ai gravé Linux sur une clé USB (qui ne contient aucun virus après analyse), je veux installer Linux mais quand je démarre mon PC avec ma clé USB ça affiche "security boot fail". Quelqu'un peut-il m'aider à résoudre ce problème, s'il vous plaît ?
Réponses: 1

Message problème d'allumage sur ipad
Bonjour,J'ai une cousine qui a un "ipad modèle a 1893" et depuis quelques temps, il s'éteint tout seul alors que la batterie est pleine et d'origine, et du coup il faut attendre un moment pour arriver à le rallumer.Est-ce un problème de batterie ou d'alimentation de la tablette à votre av ...
Réponses: 3

Haut

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 35 invités

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.
cron