Il y a actuellement 267 visiteurs
Jeudi 25 Avril 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

Gros Probleme • page 2

Encore un écran bleu sur votre PC ? Vous avez besoin d'aide pour installer correctement le driver de votre nouveau matériel informatique sur un système Microsoft ? Alors posez nous vos questions sur ce forum d'entraide.
Répondre

Message le 16 Déc 2008 14:33

SDFix: Version 1.240
Run by Py-One on 16/12/2008 at 14:05

Microsoft Windows XP [version 5.1.2600]
Running From: C:SDFix

Checking Services :


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:WINDOWSsystem32explorer.exe - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-16 14:12:22
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA4]
"p0"="C:Program FilesDAEMON Tools Lite"
"h0"=dword:00000000
"khjeh"=hex:ff,c4,84,e2,1b,7d,c4,64,10,27,a6,ae,8b,65,aa,47,3c,28,9f,70,69,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001]
"a0"=hex:20,01,00,00,fd,81,32,bd,db,e0,a8,56,8d,1d,87,bc,ab,57,ff,70,03,..
"khjeh"=hex:34,cb,43,e2,0a,01,b0,fb,98,e0,f8,62,a2,0d,c2,b7,19,72,72,e4,b6,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf40]
"khjeh"=hex:98,69,f6,5b,6b,24,43,94,e5,1b,59,bd,30,4e,18,c0,0e,a8,df,0a,9f,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf41]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf42]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..
[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA4]
"p0"="C:Program FilesDAEMON Tools Lite"
"h0"=dword:00000000
"khjeh"=hex:ff,c4,84,e2,1b,7d,c4,64,10,27,a6,ae,8b,65,aa,47,3c,28,9f,70,69,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001]
"a0"=hex:20,01,00,00,fd,81,32,bd,db,e0,a8,56,8d,1d,87,bc,ab,57,ff,70,03,..
"khjeh"=hex:34,cb,43,e2,0a,01,b0,fb,98,e0,f8,62,a2,0d,c2,b7,19,72,72,e4,b6,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf40]
"khjeh"=hex:98,69,f6,5b,6b,24,43,94,e5,1b,59,bd,30,4e,18,c0,0e,a8,df,0a,9f,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf41]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..

[HKEY_LOCAL_MACHINESYSTEMControlSet003ServicessptdCfg19659239224E364682FA4BAF72C53EA40000001Jf42]
"khjeh"=hex:8d,49,51,44,65,d9,08,f0,6e,07,ff,b2,2d,2f,35,5b,d9,0a,2f,92,f5,..

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\IEPro\MiniDM.exe"="C:\Program Files\IEPro\MiniDM.exe:*:Enabled:MiniDM"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\CoD 5\CoDWaWmp.exe"="D:\CoD 5\CoDWaWmp.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"D:\CoD 5\CoDWaW.exe"="D:\CoD 5\CoDWaW.exe:*:Enabled:Call of Duty(R) - World at War(TM)"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe"="C:\Program Files\KONAMI\Pro Evolution Soccer 2009\pes2009.exe:*:Enabled:Pro Evolution Soccer 2009"

[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :


File Backups: - C:SDFixackupsackups.zip

Files with Hidden Attributes :

Fri 15 Dec 2006 189,692 A.SHR --- "C:WINDOWSsystem32odbcasvc.exe"

Finished!

voici le rapport SDFix
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 14:39

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:36:41, on 16/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSSYSTEM32odbcasvc.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32SearchIndexer.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSEXPLORER.EXE
C:Program FilesMultimedia Card Readershwicon2k.exe
C:WINDOWSsystem32Rundll32.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesJavajre6injusched.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesWindows Desktop SearchWindowsSearch.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.orange.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program FilesIEProiepro.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6inssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [Sunkist2k] C:Program FilesMultimedia Card Readershwicon2k.exe
O4 - HKLM..Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesFichiers communsNeroLibNeroCheck.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesFichiers communsNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU..Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools Litedaemon.exe" -autorun
O4 - HKCU..Run: [wsctf.exe] wsctf.exe
O4 - HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6426819484
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe

--
End of file - 6658 bytes

voici le rapport Hijackthis
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 14:41

voila merci
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 14:55

Bonjour.


_ SDFix a normalement supprimé le trojan explorer.exe, ok.


_ Via HiJackThis, tu supprimes les lignes:

F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O4 - HKCU..Run: [wsctf.exe] wsctf.exe
O4 - HKCU..Run: [EXPLORER.EXE] EXPLORER.EXE


_ Tu as une infection chinoise.

Tu télécharges ceci que tu lances ensuite en double-cliquant dessus.

Tu télécharges Malwarebytes' Anti-Malware, tu l'installes puis tu procèdes à sa mise à jour.

Tu lances l'application en double-cliquant sur l'icône Malwarebytes' Anti Malware.

Tu cliques ensuite sur Exécuter un examen complet puis tu lances l'analyse en cliquant sur Rechercher.

_ Si l'utilitaire ne trouve rien de néfaste, cliques sur Ok. Le Bloc-notes va s'ouvrir avec le rapport d'analyse, celui-ci n'est pas intéressant car la machine est propre.
Tu peux fermer le Bloc-notes.

_ Si l'utilitaire trouve des éléments suspects, tu cliques sur Afficher les résultats puis sur Supprimer la sélection.
Tu enregistres le rapport d'analyse que tu nous copies-colles dans ton prochain message.

Il est possible que le programme te demande de redémarrer pour effectuer des suppressions supplémentaires, tu acceptes le redémarrage volontaire en cliquant sur Ok.


_ Tu as une autre infection, un ver.

Tu cliques sur Démarrer puis sur Exécuter.

Tu copies-colles ou écris services.msc puis tu valides par Ok ou Entrée.

Dans la fenêtre, tu cherches ODBC Administration Service puis tu double cliques dessus et, dans type de démarrage, tu modifies pour mettre Désactivé puis, plus bas si le bouton Arrêter est présent, tu cliques dessus et tu valides.

Tu vas ensuite dans C:WINDOWSSYSTEM32 et tu supprimes odbcasvc.exe puis tu vides la poubelle.

Si tu ne peux pas le supprimer, tu redémarres en Mode sans échec pour le supprimer.


Ps: tu attends quoi pour installer un antivirus? :evil:

Tu télécharges Antivir que tu installes.

Suis ce tutorial pour l'installation. Tu mets ensuite l'antivirus à jour et tu procèdes à une analyse de ta machine.

Tu nous postes le rapport d'analyse ensuite.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 16 Déc 2008 20:19

Tu télécharges "ceci" que tu lances ensuite en double-cliquant dessus.
ton lien ne marche pas pourais tu me dire qu'est ce ?
merci bien
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 20:44

Je ne le trouve pas ailleurs.

Pas grave, attaque la suite.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 16 Déc 2008 20:50

ok merci mais pourrais tu me dire le nom comme ca je chercherai de mon coté :wink:
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 21:49

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1466
Windows 5.1.2600 Service Pack 3

16/12/2008 21:47:16
mbam-log-2008-12-16 (21-47-16).txt

Type de recherche: Examen complet (C:|D:|)
Eléments examinés: 128434
Temps écoulé: 53 minute(s), 28 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunexplorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

voici mon rapport MAM
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 16 Déc 2008 21:59

salut mais j'ai pas trouver ce fichier "odbcasvc.exe " ds le system 32 :-?
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 02:10

Pour le nom, c'était tel.xls.exe_Remover.exe

gabbiole a écrit:salut mais j'ai pas trouver ce fichier "odbcasvc.exe " ds le system 32 :-?


Démarre en Mode sans échec et va faire la chasse au ver, tu ne verras peut-être pas l'extension.

Supprime le puis vide la corbeille.

Fais ensuite un nouveau scan HiJackThis.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 17 Déc 2008 14:00

Avira AntiVir Personal
Report file date: mercredi 17 décembre 2008 13:21

Scanning for 1095333 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: ILPONSE-C475DF8

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18/11/2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 11:30:36
ANTIVIR1.VDF : 7.1.0.197 1170432 Bytes 07/12/2008 12:20:01
ANTIVIR2.VDF : 7.1.0.230 156160 Bytes 14/12/2008 12:20:04
ANTIVIR3.VDF : 7.1.0.245 125952 Bytes 17/12/2008 12:20:06
Engineversion : 8.2.0.45
AEVDF.DLL : 8.1.0.6 102772 Bytes 14/10/2008 10:05:56
AESCRIPT.DLL : 8.1.1.19 336252 Bytes 17/12/2008 12:20:28
AESCN.DLL : 8.1.1.5 123251 Bytes 07/11/2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04/11/2008 13:58:38
AEPACK.DLL : 8.1.3.4 393591 Bytes 11/11/2008 09:41:39
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 17/12/2008 12:20:25
AEHEUR.DLL : 8.1.0.75 1524087 Bytes 17/12/2008 12:20:23
AEHELP.DLL : 8.1.2.0 119159 Bytes 17/12/2008 12:20:12
AEGEN.DLL : 8.1.1.8 323956 Bytes 17/12/2008 12:20:11
AEEMU.DLL : 8.1.0.9 393588 Bytes 14/10/2008 10:05:56
AECORE.DLL : 8.1.5.2 172405 Bytes 17/12/2008 12:20:08
AEBB.DLL : 8.1.0.3 53618 Bytes 14/10/2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31/07/2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:program filesaviraantivir personaledition classicsysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: mercredi 17 décembre 2008 13:21

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'MiniDM.exe' - '1' Module(s) have been scanned
Scan process 'WindowsSearch.exe' - '1' Module(s) have been scanned
Scan process 'dslmon.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'shwicon2k.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
37 processes with 37 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD4
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD5
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:'
[INFO] No virus was found!
Boot sector 'D:'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '58' files ).


Starting the file scan:

Begin scan in 'C:' <Windows>
C:pagefile.sys
[WARNING] The file could not be opened!
C:Documents and SettingsAll UsersApplication DataNeroDrWebDrweb32.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bfef63.qua'!
C:Documents and SettingsFaaliyahLocal SettingsTempVGod.DLL
[DETECTION] Is the TR/Crypt.NSAnti.Gen Trojan
[NOTE] The file was moved to '49b7ef4b.qua'!
C:Documents and SettingsLocalServiceApplication DataMicrosoftUPnP Device Hostupnphostudhisapi.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '49b0ef74.qua'!
C:Documents and SettingsPy-OneApplication DataSunJavajre1.6.0_11lzma.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b5ef97.qua'!
C:MSOCacheAll Users{90120000-006E-040C-0000-0000000FF1CE}-Cmsvcr80.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bef043.qua'!
C:NVIDIAWin2k178.24ISISSetup.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '499bf034.qua'!
C:NVIDIAWinXP180.48ISISSetup.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '499bf055.qua'!
C:Program FilesMeuhMeuhTVMeuhMeuhTV.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bdf0ee.qua'!
C:Program FilesMovie Makerwmm2res.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b5f135.qua'!
C:SDFixackupsackups.zip
[0] Archive type: ZIP
--> backups/EXPLORER.EXE
[DETECTION] Contains recognition pattern of the W32/VB.BU Windows virus
[NOTE] The file was moved to '49abf18f.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP104A0025828.rbf
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f176.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP107A0026153.EXE
[DETECTION] Contains recognition pattern of the W32/VB.BU Windows virus
[NOTE] The file was moved to '4978f18a.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP107A0026169.EXE
[DETECTION] Contains recognition pattern of the W32/VB.BU Windows virus
[NOTE] The file was moved to '4978f18e.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026277.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f194.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026278.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f19a.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026279.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f19e.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026281.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1a1.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026282.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1a6.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026283.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1ab.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026284.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1ae.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026285.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f1b2.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006606.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f244.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006607.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f247.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006608.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f24a.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP41A0006688.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f24f.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP42A0007477.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f255.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP42A0007494.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f259.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP42A0007501.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f25c.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009515.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f27c.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009516.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f27f.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009517.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f282.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009518.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f285.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009519.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f287.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP46A0009529.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f291.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP49A0010000.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f29b.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP49A0010003.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f29c.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP49A0010007.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae35d.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP51A0010520.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f2a5.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP51A0010528.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f2a6.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP51A0010535.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae367.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP57A0011836.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f2af.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013110.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f2d5.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0017999.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f2f7.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP88A0020861.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f30e.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP94A0021685.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f320.qua'!
C:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP97A0022971.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f326.qua'!
C:WINDOWSsystem32odbcasvc.exe
[DETECTION] Is the TR/Spy.VB.QU Trojan
[NOTE] The file was moved to '49aaf541.qua'!
C:WINDOWSsystem32driverssptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:' <Jeux.. Videos... Films>
D:CoD 5inkw32.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b6f58f.qua'!
D:CoD 5CoDWaW.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '498cf596.qua'!
D:CoD 5pbpbag.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49a9f5db.qua'!
D:CoD 5pbpbags.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49a9f5dc.qua'!
D:CoD 5pbpbcl.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49abf5dc.qua'!
D:CoD 5pbpbcls.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '480afffd.qua'!
D:CoD 5pbpbsv.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bbf5dd.qua'!
D:Nba2k9
ba2k9.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49a9f638.qua'!
D:Pureinkw32.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b6f665.qua'!
D:Purefmodex.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49b7f66a.qua'!
D:Purefmod_event.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4817f4eb.qua'!
D:PurePure.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49baf673.qua'!
D:PureMicrosoft.VC80.CRTmsvcp80.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bef6c7.qua'!
D:PureMicrosoft.VC80.CRTmsvcr80.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '49bef6c8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026289.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f686.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026290.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48dae747.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026291.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f687.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026292.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae748.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026293.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f689.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026294.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f688.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026295.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae749.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026296.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae74a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026297.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026298.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68d.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026299.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae74e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026300.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026301.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae74f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP108A0026302.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f68f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009870.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f691.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009871.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae752.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009872.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f692.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009873.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae753.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009874.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f693.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009875.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae754.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009876.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f694.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009877.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae755.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP47A0009906.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f695.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012636.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012637.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69b.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012638.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012639.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012640.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75d.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012641.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f69d.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012642.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012643.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012644.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f69e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012645.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48dae75f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012646.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48dae760.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012647.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012658.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP58A0012887.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6a1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0012988.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013004.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013005.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013006.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013007.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013008.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6a8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013009.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013010.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013011.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95b9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013012.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6aa.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013013.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6a9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013014.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95ba.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP59A0013015.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ab.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013064.rbf
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95bb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013078.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ac.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP60A0013084.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95bd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014017.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014018.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014019.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014020.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014021.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014022.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95a4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014023.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014024.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014025.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014026.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95a6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014027.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014028.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014030.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95a7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014031.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014032.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014033.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95a9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014034.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ba.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP71A0014036.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6b9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014093.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6bb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014094.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ac.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014095.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6bc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014096.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95ad.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014097.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6bd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014098.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ae.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014099.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6bf.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014100.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6be.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014101.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014102.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014103.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95d2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014104.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014106.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014107.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014108.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014109.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014110.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP72A0014113.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014242.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014243.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014244.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6c7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014245.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95d8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014246.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014247.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95d9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014248.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ca.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014249.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6c9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014250.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95da.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014251.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95db.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014252.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6cc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014253.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6cb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014255.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95dc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014256.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95dd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014257.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ce.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014258.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6cd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014259.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95de.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP73A0014262.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95df.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015924.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015925.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015926.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015927.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6d2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015928.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015929.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015930.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015931.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015932.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015933.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015934.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015935.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015937.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015938.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015939.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95c8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015940.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6d8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015941.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95c9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP75A0015944.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6da.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019021.rbf
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6dd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019032.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6de.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019033.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6df.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019034.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019035.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6e1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019036.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019037.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019038.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019039.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019040.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95f3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019041.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019042.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019043.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019045.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '48fa95f5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019046.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019047.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019048.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6e7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP77A0019049.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95f8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP83A0020429.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6e9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP83A0020430.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6e8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020617.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6eb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020668.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95fc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020677.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ec.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020678.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95fd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020679.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ee.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020680.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6ed.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020681.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95fe.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020682.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ff.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020683.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f510.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020684.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6ef.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020685.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020686.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f0.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020687.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020688.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f1.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020690.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020691.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020692.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f2.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020693.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e3.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020694.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e4.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP85A0020697.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f5.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021010.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f6.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021011.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021012.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021013.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f7.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021014.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e8.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021015.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95e9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021016.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fa.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021017.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6f9.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021018.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ea.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021019.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95eb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021020.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fc.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021021.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fb.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021023.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ec.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021024.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ed.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021025.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f6fe.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021026.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ef.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021027.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f6fd.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP89A0021028.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa95ee.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021190.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f701.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021191.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9412.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021192.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f702.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021193.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9413.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021194.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f703.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021195.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9414.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021196.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f704.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021197.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9415.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021198.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f705.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021199.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9416.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021200.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f707.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021201.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f706.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021202.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9417.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021204.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9418.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021205.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f709.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021206.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f708.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021207.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa941a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021208.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70b.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP90A0021212.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70a.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021243.rbf
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70c.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021254.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70e.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021255.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa941f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021256.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f70f.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021257.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9400.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021258.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f710.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021259.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f711.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021260.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9402.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021261.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f713.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021262.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f712.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021263.exe
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9404.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021264.dll
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f715.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021265.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9406.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021267.exe
[DETECTION] Is the TR/Agent.Jativ.B.1 Trojan
[NOTE] The file was moved to '4978f714.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021268.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '48fa9405.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021269.dll
[DETECTION] Contains code of the W32/Bacalid.A Windows virus
[NOTE] The file was moved to '4978f717.qua'!
D:System Volume Information\_restore{E0D082E9-3841-4639-9F32-A82D9FB493A9}RP91A0021270.dll
[DETECTION] Contains code of the W32/Bacalid.A Wi
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 14:21

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:19:23, on 17/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32SearchIndexer.exe
C:WINDOWSExplorer.exe
C:Program FilesMultimedia Card Readershwicon2k.exe
C:WINDOWSsystem32Rundll32.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesJavajre6injusched.exe
C:WINDOWSRTHDCPL.EXE
C:Program FilesWinampwinampa.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program FilesDAEMON Tools Litedaemon.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesWindows Desktop SearchWindowsSearch.exe
C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:WINDOWSsystem32SearchProtocolHost.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.orange.fr
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe.
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:Program FilesIEProiepro.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6inssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:Program FilesGoogleGoogle ToolbarComponentfastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program FilesGoogleGoogle ToolbarGoogleToolbar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [Sunkist2k] C:Program FilesMultimedia Card Readershwicon2k.exe
O4 - HKLM..Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesFichiers communsNeroLibNeroCheck.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [SkyTel] SkyTel.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [avgnt] "C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background
O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesFichiers communsNeroLibNMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU..Run: [DAEMON Tools Lite] "C:Program FilesDAEMON Tools Litedaemon.exe" -autorun
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O4 - Global Startup: Windows Search.lnk = C:Program FilesWindows Desktop SearchWindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:Program FilesIEProiepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:Program FilesIEProiepro.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6426819484
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/ ... meHost.cab
O17 - HKLMSystemCCSServicesTcpip..{C05396AF-0B0F-4327-B509-AEB3BECC9705}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe

--
End of file - 7276 bytes
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 14:37

Bonjour.

C'est clean ;) Avira a trouvé certaines choses mais a aussi paniqué avec SDFix par exemple. Pas grave.


Pour terminer la désinfection et optimiser Windows:


_ Désinstallation des utilitaires utilisés:

Les programmes utilisés pour la désinfection ne sont pas à utiliser quotidiennement.

Pour les désinstaller, il faut aller dans le Panneau de configuration puis, via Ajouter/Supprimer des programmes, sélectionner les utilitaires et cliquer sur Désinstaller.

Pour une suppression effective, penses à supprimer leurs dossiers respectifs, la plupart à la racine de ta partition principale.


_ Utilisation d'un navigateur internet alternatif:

Internet Explorer n'étant pas sûr, il est préférable d'installer un navigateur internet alternatif pour sécuriser ton surf.

Tu as le choix entre Mozilla Firefox, Apple Safari ou encore Opéra.

Il faudra ensuite définir ce navigateur internet alternatif comme navigateur par défaut.


_ Utilisation d'un pare-feu alternatif:

Il est recommandé de ne pas utiliser le pare-feu Windows et d'en prendre un plus efficace.

Le choix est large: Zone Alarm, Sunbelt, Ashampoo ou encore Sygate.

Après avoir sélectionné le pare-feu idéal, il faudra désactiver celui de Windows.


_ Nettoyage des points de restauration:

Dans un premier temps, il faut supprimer tous les points de restauration.

Pour cela, cliques sur Poste de travail puis Propriétés.
Onglet Restauration automatique du système, tu coches la ligne Désactiver la restauration du système puis tu valides par Ok.
Tu confirmes la suppression de tous les points de restauration, puis tu cliques sur Appliquer et/ou Ok.

Ensuite, il faut réactiver la restauration automatique du système.

Tu refais la manipulation précédente pour relancer les propriétés du Poste de travail.
Tu décoches la ligne puis cliques sur Appliquer & Ok.

Tu auras créer un point de restauration propre.


_ Nettoyage des fichiers temporaires & de la base de registre:

Pour cela, Ccleaner reste le moyen le plus sûr et pratique de tout nettoyer sans risques.

En suivant ce tutorial, cet utilitaire sera configuré correctement.

Il est aussi utile de purger régulièrement le dossier Prefetch en profitant de Ccleaner pour automatiser ce nettoyage.
Pour cela, il faut aller dans Options puis Personnaliser pour ajouter le dossier C:WindowsPREFETCH.


_ Un petit coup d'oeil à notre dossier Nettoyage peut être utile en supplément.

Et finalement, pour optimiser Windows XP, ce sujet sera intéressant.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut

Message le 17 Déc 2008 14:49

merci a toi Rainbow
je voudrais savoir maintenant si mon ordi est clean ?
maintenant tu me dis de desintaller Hijackthis c'est ca
gabbiole
Apprenti(e)
Apprenti(e)
 
Messages: 30
Inscription: 01 Déc 2008 21:30
 
Haut

Message le 17 Déc 2008 14:56

gabbiole a écrit:je voudrais savoir maintenant si mon ordi est clean ?


Oui.

gabbiole a écrit:maintenant tu me dis de desintaller Hijackthis c'est ca


Oui. Tu supprimes aussi SDFix.

Tu gardes par contre Mbam, très polyvalent à coupler avec un pare-feu & ton antivirus.

Bon surf.
Avatar de l'utilisateur
r@in | b0w
PC-Infopraticien
PC-Infopraticien
 
Messages: 7714
Inscription: 09 Déc 2007 12:37
Localisation: Parrot Sec
 
Haut
PrécédenteSuivante
Répondre

Sujets similaires

Message probleme avec mon compte outlook
Salut tout le mondevoilà, je m'explique en espérant que je sois compréhensible : de façon aléatoire et pas systématique, mais c'est récurrent, il ne se passe pas 15 jours, je recoit arriver sur mon bureau après démarrage de mon pc ou parfois même pc allumer et fonctionnel pendant la journée un m ...
Réponses: 8

Message [Réglé] probleme USB
Bonjour a tous,Je ne sais ou poster mon problème d'USB je le post donc ici . Mon souci vient du fait que lorsque je branche mon intercom SENA SRL 3 sur les USB mon PC sous W10 j'ai l'impression que celui-ci se connecte deux fois car j'entends bien le son de la connexion se faire deux fois et j'ent ...
Réponses: 5

Message Problème avec la KB5034441
Bonjour,Certains ont du rencontrer ce problème avec cette mise à jour qui a bien du mal à passer.Je viens de recevoir ce correctif proposé par Microsoft :ICI.Je vous le dit de suite personnellement si j'étais dans le même cas que vous j'attendrai une réelle mise à jour mise en place par Microsoft.Je ...
Réponses: 12

Message encore un probleme mise à jour windows KB5001716
Salut à vous cela commence, j'avoue, à devenir pénible, j'en suis désolé, mais ce soir au 5 mars 2024 est apparu un nouveau problème sur Windows update la mise à jour KB5001716 ne veut pas s'installer, j'ai eu beau redémarrer mon pc pour voir si cela pouvait fonctionner rien à faire cette mise à jou ...
Réponses: 28

Message [Réglé] problème de barre inexistante sur pc portable asus
Bonjour,Depuis hier, en allumant mon pc portable asus modèle F 402 S, il bloque sur le bureau, je n'ai plus la barre de tâches donc les icônes à côté de l'heure comme avant et la souris fait un rond et impossible de cliquer et d'ouvrir des fichiers ou d'aller sur internet c'est bizarre, est-ce une ...
Réponses: 9

Message probleme avec le nouvel Outlook !
Bonjour,à la maison, nous nous partageons 7 adresses : outlook.fr, orange.fr, live.fr, libello.com, hotmail.com et 2 gmail.com.Tout était parfait jusqu'au moment où le nouvel OUTLOOK s'est imposé.Là, un seul compte a survécu, @outlook.fr, impossible d'afficher les 6 autres !Quand on ouvre la message ...
Réponses: 5

Message Konrow City 4 - Probleme de place...
Bonjour à toutes et tousJe sais que mon tél est un bas de gamme mais je n'ai pas besoin de plus..., si ce n'est un peu de place...https://konrow.com/products/city4 avec Android? 11 (édition GO)...Mon souci est que sur le mien, la carte interne est presque pleine alors que je n'ai "presque" ...
Réponses: 2

Haut

Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 17 invités

Forum Informatique aide pour le matériel sous Windows, Linux, Logiciels et Jeux Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

.: Nous contacter :: Flux RSS :: Données personnelles :.
cron