Virus crss.exe
alex
-
Utilisateur anonyme -
Utilisateur anonyme -
bonjour tout le monde et merci d'avance de votre aide.
voila mon probleme, depuis peu je trouve que mon pc tourne mal et impossible d'activer la protection residente d'avast, alors je me renseigne sur les processus tournant sur mon pc et je me rend compte que le processus crss.exe est un virus desactivant entre autres les anti virus, alors je vous demande de l'aide pour le supprimer....
voici mon log hikack this :
Logfile of HijackThis v1.99.1
Scan saved at 15:44:24, on 20/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\program files\powerstrip\pstrip.exe
C:\Program Files\Soft4Ever\looknstop\_looknstop.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\steam\Steam.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Winamp\Winamp.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] ""
O4 - HKCU\..\Run: [Steam] "D:\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - c:\program files\alwil software\avast4\ashwebsv.exe" /service (file missing)
voila mon probleme, depuis peu je trouve que mon pc tourne mal et impossible d'activer la protection residente d'avast, alors je me renseigne sur les processus tournant sur mon pc et je me rend compte que le processus crss.exe est un virus desactivant entre autres les anti virus, alors je vous demande de l'aide pour le supprimer....
voici mon log hikack this :
Logfile of HijackThis v1.99.1
Scan saved at 15:44:24, on 20/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\program files\powerstrip\pstrip.exe
C:\Program Files\Soft4Ever\looknstop\_looknstop.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
D:\steam\Steam.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Winamp\Winamp.exe
C:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Alice ADSL
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Look 'n' Stop] "C:\Program Files\Soft4Ever\looknstop\looknstop.exe" -auto
O4 - HKLM\..\Run: [PowerStrip] c:\program files\powerstrip\pstrip.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] ""
O4 - HKCU\..\Run: [Steam] "D:\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - c:\program files\alwil software\avast4\ashwebsv.exe" /service (file missing)
A voir également:
- Xxwxx.dll virus javaw.exe 2
- Supercopier 2 - Télécharger - Gestion de fichiers
- Virus mcafee - Accueil - Piratage
- 2 ecran pc - Guide
- Gta 6 trailer 2 - Guide
- Faire 2 colonnes sur word - Guide
2 réponses
Salut,
installe un pare-feu pour te proteger des attaques du net par commencer:
Kerio:
http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/22418.html
-tutoriel: pour configurer et comprendre Kerio
http://kerio.probb.fr/
Puis fais ce scan anti-virus en ligne et colle le rapport ici une fois qu'il est fini
http://www.bitdefender.com/scan8/ie.html
installe un pare-feu pour te proteger des attaques du net par commencer:
Kerio:
http://www.01net.com/telecharger/windows/Internet/internet_utlitaire/fiches/22418.html
-tutoriel: pour configurer et comprendre Kerio
http://kerio.probb.fr/
Puis fais ce scan anti-virus en ligne et colle le rapport ici une fois qu'il est fini
http://www.bitdefender.com/scan8/ie.html
tout d'abord merci de ton aide boulepate. Pour te repondre j'ai look n stop comme firewall mais il es dur a configurer alors me conseille-tu de mettre kerio ??
sinon voici mon log bit defender :
BitDefender Online Scanner
Scan report generated at: Mon, Feb 20, 2006 - 16:30:03
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time
00:34:51
Files
185498
Folders
3147
Boot Sectors
3
Archives
3030
Packed Files
8831
Results
Identified Viruses
3
Infected Files
22
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
22
Engines Info
Virus Definitions
267900
Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins
13
Archive plugins
39
Unpack plugins
4
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex64F.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex64F.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex66B.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex66B.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex673.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex673.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\_exE2.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_exE2.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~650.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~650.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~66C.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~66C.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~674.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~674.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~E3.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~E3.exe
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013190.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013190.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013206.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013206.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013223.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013223.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013250.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013250.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0014248.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0014248.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0015248.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0015248.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016490.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016490.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016491.exe
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016491.exe
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016492.exe
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016492.exe
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0017500.exe
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0017500.exe
Deleted
C:\WINDOWS\system32\winlog.dll
Infected with: Win32.Bagle.FI@mm
C:\WINDOWS\system32\winlog.dll
Deleted
C:\WINDOWS\system32\winlog.exe
Infected with: Win32.Bagle.FI@mm
C:\WINDOWS\system32\winlog.exe
Deleted
D:\eMule\Incoming\befaster 3.6 crack.zip=>befaster 3.6 crack.exe
Infected with: Win32.Bagle.FI@mm
D:\eMule\Incoming\befaster 3.6 crack.zip=>befaster 3.6 crack.exe
Deleted
D:\eMule\Incoming\befaster 3.6 crack.zip
Updated
D:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP69\A0012457.exe
Infected with: Trojan.Downloader.Delf.D
D:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP69\A0012457.exe
Disinfection failed
D:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP69\A0012457.exe
Deleted
sinon voici mon log bit defender :
BitDefender Online Scanner
Scan report generated at: Mon, Feb 20, 2006 - 16:30:03
Scan path: A:\;C:\;D:\;E:\;
Statistics
Time
00:34:51
Files
185498
Folders
3147
Boot Sectors
3
Archives
3030
Packed Files
8831
Results
Identified Viruses
3
Infected Files
22
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
22
Engines Info
Virus Definitions
267900
Engine build
AVCORE v1.0 (build 2292) (i386) (Mar 3 2005 11:57:29)
Scan plugins
13
Archive plugins
39
Unpack plugins
4
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex64F.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex64F.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex66B.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex66B.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex673.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_ex673.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\_exE2.tmp.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\_exE2.tmp.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~650.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~650.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~66C.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~66C.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~674.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~674.exe
Deleted
C:\Documents and Settings\Administrateur\Local Settings\Temp\~E3.exe
Infected with: Win32.Bagle.FI@mm
C:\Documents and Settings\Administrateur\Local Settings\Temp\~E3.exe
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013190.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013190.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013206.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013206.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013223.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013223.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013250.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0013250.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0014248.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0014248.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0015248.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP72\A0015248.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016490.dll
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016490.dll
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016491.exe
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016491.exe
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016492.exe
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0016492.exe
Deleted
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0017500.exe
Infected with: Win32.Bagle.FI@mm
C:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP75\A0017500.exe
Deleted
C:\WINDOWS\system32\winlog.dll
Infected with: Win32.Bagle.FI@mm
C:\WINDOWS\system32\winlog.dll
Deleted
C:\WINDOWS\system32\winlog.exe
Infected with: Win32.Bagle.FI@mm
C:\WINDOWS\system32\winlog.exe
Deleted
D:\eMule\Incoming\befaster 3.6 crack.zip=>befaster 3.6 crack.exe
Infected with: Win32.Bagle.FI@mm
D:\eMule\Incoming\befaster 3.6 crack.zip=>befaster 3.6 crack.exe
Deleted
D:\eMule\Incoming\befaster 3.6 crack.zip
Updated
D:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP69\A0012457.exe
Infected with: Trojan.Downloader.Delf.D
D:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP69\A0012457.exe
Disinfection failed
D:\System Volume Information\_restore{82F8785D-D729-420A-BFA6-82B4254A877B}\RP69\A0012457.exe
Deleted
Oui, installe Kerio il est plus simple..tu me dria quoi.
Puis fais ceci:
¤Telecharge et installe ceci, dans la colonne de gauche clique sur "erreurs" coche toute les cases, puis clique en bas sur "chercher des erreurs" une fois finit, clique sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs
CCleaner:(à telecharger à côté de la fléche verte en haut à droite)
http://www.filehippo.com/download_ccleaner/
¤Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoche la derniere case (Avancé si elle est cochée) puis clique sur "lancer le nettoyage"
Puis fais ceci:
¤Telecharge et installe ceci, dans la colonne de gauche clique sur "erreurs" coche toute les cases, puis clique en bas sur "chercher des erreurs" une fois finit, clique sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs
CCleaner:(à telecharger à côté de la fléche verte en haut à droite)
http://www.filehippo.com/download_ccleaner/
¤Relance Ccleaner ,vas dans l'onglet "nettoyeur" present sur la gauche, decoche la derniere case (Avancé si elle est cochée) puis clique sur "lancer le nettoyage"
