(Virus] W32/Bagle-KJ

Résolu
chiktika Messages postés 41 Date d'inscription   Statut Membre -  
 Utilisateur anonyme -
Bonsoir, je reviens sur ce forum car vous m'aviez bien dépanné en début d'année.
je voudrais savoir comment me debarrasser de ce virus W32/Bagle-KJ

Lorsque je le lance mon antivirus (Ewido), il ne le trouve pas et desinstalle même mon firewall (Kério) à la fin du scan.
Les logiciels tels que Spybot, Adaware ... ne sont pas plus efficaces.

Je copie ici le resultat hitJack,
Avec par avance mes remerciements.

Logfile of HijackThis v1.99.1
Scan saved at 19:26:23, on 21/08/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
F:\WINDOWS\System32\nvsvc32.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\System32\Tablet.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
F:\WINDOWS\System32\LVCOMSX.EXE
F:\Program Files\Logitech\Video\LogiTray.exe
F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
F:\Program Files\Logitech\Video\FxSvr2.exe
F:\Program Files\MSN Messenger\msnmsgr.exe
F:\Program Files\Logitech\MouseWare\System\em_exec.exe
C:\Téléchargement\eMule\emule.exe
F:\Program Files\SPAMfighter\SFAgent.exe
F:\Program Files\Outlook Express\msimn.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

18 réponses

  1. Utilisateur anonyme
     
    Salut,

    Ewido n'est pas un anti-virus!! c'est un logiciel anti-spywares ce qui n'a rien a voir

    Installe un vrai anti-virus! en voici un gratuit

    Avast: (anti-virus gratuit en français!)
    Avast Antivirus

    Ensuite, fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
    Une fois qu'il a terminé colle le rapport ici stp avec un nouveau rapport hijackthis

    https://www.bitdefender.com/toolbox/

    A++
    0
  2. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Bonjour
    voici le rapport Bit Defender.
    Etrangem mon clavier ecrit en qwerty maintenant.

    BitDefender Online Scanner
    Scan report generated at: Wed, Aug 23, 2006 - 00:32:08
    Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;

    Statistics

    Time 05:39:12

    Files 717701

    Folders

    10903

    Boot Sectors

    6

    Archives

    14679

    Packed Files

    50658

    Results

    Identified Viruses

    11

    Infected Files

    1027

    Suspect Files

    0

    Warnings

    0

    Disinfected

    0

    Deleted Files

    1023

    Engines Info

    Virus Definitions

    450210

    Engine build

    AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

    Scan plugins

    13

    Archive plugins

    39

    Unpack plugins

    5

    E-mail plugins

    6

    System plugins

    1

    Scan Settings

    First Action

    Disinfect

    Second Action

    Delete

    Heuristics

    Yes

    Enable Warnings

    Yes

    Scanned Extensions

    *;

    Exclude Extensions

    Scan Emails

    Yes

    Scan Archives

    Yes

    Scan Packed

    Yes

    Scan Files

    Yes

    Scan Boot

    Yes

    Scanned File

    Status

    C:\temp.zip=>rlcdadmbzuc.exe

    Infected with: Win32.Bagle.FG@mm

    C:\temp.zip=>rlcdadmbzuc.exe

    Disinfection failed

    C:\temp.zip=>rlcdadmbzuc.exe

    Deleted

    C:\temp.zip

    Updated

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1)\crack.exe

    Infected with: Trojan.Dropper.Delf.VT

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1)\crack.exe

    Disinfection failed

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1)\crack.exe

    Deleted

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe

    Infected with: Trojan.Dropper.Delf.VT

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe

    Disinfection failed

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe

    Deleted

    C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar

    Update failed

    F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe

    Infected with: Win32.Bagle.FG@mm

    F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe

    Delete failed

    F:\Documents and Settings\Ramissou\Application Data\hidn\m_hook.sys

    Infected with: Win32.Bagle.FG@mm

    F:\Documents and Settings\Ramissou\Application Data\hidn\m_hook.sys

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\hidn\m_hook.sys

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\data.oct

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\data.oct

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\data.oct

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe

    Infected with: Trojan.Downloader.Bagle.BG

    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe

    Delete failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2 serial number.zip=>matlab v5.2 serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2 serial number.zip=>matlab v5.2 serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2 serial number.zip=>matlab v5.2 serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2 serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2.zip=>matlab v5.2.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2.zip=>matlab v5.2.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2.zip=>matlab v5.2.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.2.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.3 serial number.zip=>matlab v5.3 serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.3 serial number.zip=>matlab v5.3 serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.3 serial number.zip=>matlab v5.3 serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v5.3 serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0 serial number.zip=>matlab v6.0 serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0 serial number.zip=>matlab v6.0 serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0 serial number.zip=>matlab v6.0 serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0 serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0.zip=>matlab v6.0.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0.zip=>matlab v6.0.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0.zip=>matlab v6.0.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.0.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 plp code serial number.zip=>matlab v6.5 plp code serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 plp code serial number.zip=>matlab v6.5 plp code serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 plp code serial number.zip=>matlab v6.5 plp code serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 plp code serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 release 13.zip=>matlab v6.5 release 13.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 release 13.zip=>matlab v6.5 release 13.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 release 13.zip=>matlab v6.5 release 13.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5 release 13.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp number serial number.zip=>matlab v6.5.1 plp number serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp number serial number.zip=>matlab v6.5.1 plp number serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp number serial number.zip=>matlab v6.5.1 plp number serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp number serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp serial number.zip=>matlab v6.5.1 plp serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp serial number.zip=>matlab v6.5.1 plp serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp serial number.zip=>matlab v6.5.1 plp serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1 plp serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1.zip=>matlab v6.5.1.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1.zip=>matlab v6.5.1.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1.zip=>matlab v6.5.1.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matlab v6.5.1.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrices solver platinum 2004 v1.6.1 keygen by orion.zip=>matrices solver platinum 2004 v1.6.1 keygen by orion.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrices solver platinum 2004 v1.6.1 keygen by orion.zip=>matrices solver platinum 2004 v1.6.1 keygen by orion.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrices solver platinum 2004 v1.6.1 keygen by orion.zip=>matrices solver platinum 2004 v1.6.1 keygen by orion.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrices solver platinum 2004 v1.6.1 keygen by orion.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver 1.1 by tsrh.zip=>matrix 3000 screensaver 1.1 by tsrh.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver 1.1 by tsrh.zip=>matrix 3000 screensaver 1.1 by tsrh.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver 1.1 by tsrh.zip=>matrix 3000 screensaver 1.1 by tsrh.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver 1.1 by tsrh.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver v1.1 by tsrh.zip=>matrix 3000 screensaver v1.1 by tsrh.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver v1.1 by tsrh.zip=>matrix 3000 screensaver v1.1 by tsrh.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver v1.1 by tsrh.zip=>matrix 3000 screensaver v1.1 by tsrh.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3000 screensaver v1.1 by tsrh.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3d serial number.zip=>matrix 3d serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3d serial number.zip=>matrix 3d serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3d serial number.zip=>matrix 3d serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix 3d serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix activex component 3.1 crack.zip=>matrix activex component 3.1 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix activex component 3.1 crack.zip=>matrix activex component 3.1 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix activex component 3.1 crack.zip=>matrix activex component 3.1 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix activex component 3.1 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix code emulator screensaver 1.5 crack.zip=>matrix code emulator screensaver 1.5 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix code emulator screensaver 1.5 crack.zip=>matrix code emulator screensaver 1.5 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix code emulator screensaver 1.5 crack.zip=>matrix code emulator screensaver 1.5 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix code emulator screensaver 1.5 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix dynamic computer generated screensaver 1.1 crack.zip=>matrix dynamic computer generated screensaver 1.1 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix dynamic computer generated screensaver 1.1 crack.zip=>matrix dynamic computer generated screensaver 1.1 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix dynamic computer generated screensaver 1.1 crack.zip=>matrix dynamic computer generated screensaver 1.1 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix dynamic computer generated screensaver 1.1 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reality 3d screensaver 1.3 crack.zip=>matrix reality 3d screensaver 1.3 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reality 3d screensaver 1.3 crack.zip=>matrix reality 3d screensaver 1.3 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reality 3d screensaver 1.3 crack.zip=>matrix reality 3d screensaver 1.3 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reality 3d screensaver 1.3 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reloaded screensaver 1.6 crack.zip=>matrix reloaded screensaver 1.6 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reloaded screensaver 1.6 crack.zip=>matrix reloaded screensaver 1.6 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reloaded screensaver 1.6 crack.zip=>matrix reloaded screensaver 1.6 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix reloaded screensaver 1.6 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen locker 1.44 crack.zip=>matrix screen locker 1.44 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen locker 1.44 crack.zip=>matrix screen locker 1.44 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen locker 1.44 crack.zip=>matrix screen locker 1.44 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen locker 1.44 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen saver v1.4.zip=>matrix screen saver v1.4.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen saver v1.4.zip=>matrix screen saver v1.4.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen saver v1.4.zip=>matrix screen saver v1.4.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screen saver v1.4.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screensaver.zip=>matrix screensaver.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screensaver.zip=>matrix screensaver.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screensaver.zip=>matrix screensaver.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix screensaver.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix trilogy 3d code screensaver 3.4 crack.zip=>matrix trilogy 3d code screensaver 3.4 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix trilogy 3d code screensaver 3.4 crack.zip=>matrix trilogy 3d code screensaver 3.4 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix trilogy 3d code screensaver 3.4 crack.zip=>matrix trilogy 3d code screensaver 3.4 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix trilogy 3d code screensaver 3.4 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k 2000 v6.0 final.zip=>matrix y2k 2000 v6.0 final.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k 2000 v6.0 final.zip=>matrix y2k 2000 v6.0 final.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k 2000 v6.0 final.zip=>matrix y2k 2000 v6.0 final.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k 2000 v6.0 final.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k v5.0 serial number.zip=>matrix y2k v5.0 serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k v5.0 serial number.zip=>matrix y2k v5.0 serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k v5.0 serial number.zip=>matrix y2k v5.0 serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrix y2k v5.0 serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver 2.52 crack.zip=>matrixmania screensaver 2.52 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver 2.52 crack.zip=>matrixmania screensaver 2.52 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver 2.52 crack.zip=>matrixmania screensaver 2.52 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver 2.52 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver by nico2002.zip=>matrixmania screensaver by nico2002.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver by nico2002.zip=>matrixmania screensaver by nico2002.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver by nico2002.zip=>matrixmania screensaver by nico2002.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania screensaver by nico2002.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania.zip=>matrixmania.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania.zip=>matrixmania.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania.zip=>matrixmania.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrixmania.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrox parhelia driver (windows nt) 1.01 crack.zip=>matrox parhelia driver (windows nt) 1.01 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrox parhelia driver (windows nt) 1.01 crack.zip=>matrox parhelia driver (windows nt) 1.01 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrox parhelia driver (windows nt) 1.01 crack.zip=>matrox parhelia driver (windows nt) 1.01 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matrox parhelia driver (windows nt) 1.01 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing serial number.zip=>matt hayes fishing serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing serial number.zip=>matt hayes fishing serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing serial number.zip=>matt hayes fishing serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing.zip=>matt hayes fishing.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing.zip=>matt hayes fishing.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing.zip=>matt hayes fishing.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\matt hayes fishing.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maui wowee 1.0 crack.zip=>maui wowee 1.0 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maui wowee 1.0 crack.zip=>maui wowee 1.0 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maui wowee 1.0 crack.zip=>maui wowee 1.0 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maui wowee 1.0 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d patch.zip=>maven3d patch.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d patch.zip=>maven3d patch.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d patch.zip=>maven3d patch.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d patch.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial by nitrous.zip=>maven3d professional v1.32 serial by nitrous.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial by nitrous.zip=>maven3d professional v1.32 serial by nitrous.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial by nitrous.zip=>maven3d professional v1.32 serial by nitrous.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial by nitrous.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial number.zip=>maven3d professional v1.32 serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial number.zip=>maven3d professional v1.32 serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial number.zip=>maven3d professional v1.32 serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d professional v1.32 serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d.zip=>maven3d.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d.zip=>maven3d.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d.zip=>maven3d.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maven3d.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 by core.zip=>maview for sony mavica digital cameras v1.2.30 by core.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 by core.zip=>maview for sony mavica digital cameras v1.2.30 by core.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 by core.zip=>maview for sony mavica digital cameras v1.2.30 by core.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 by core.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 keygen by core.zip=>maview for sony mavica digital cameras v1.2.30 keygen by core.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 keygen by core.zip=>maview for sony mavica digital cameras v1.2.30 keygen by core.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 keygen by core.zip=>maview for sony mavica digital cameras v1.2.30 keygen by core.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30 keygen by core.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30.zip=>maview for sony mavica digital cameras v1.2.30.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30.zip=>maview for sony mavica digital cameras v1.2.30.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30.zip=>maview for sony mavica digital cameras v1.2.30.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maview for sony mavica digital cameras v1.2.30.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\mavis beacon teaches typing 17 deluxe 17.0 crack.zip=>mavis beacon teaches typing 17 deluxe 17.0 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\mavis beacon teaches typing 17 deluxe 17.0 crack.zip=>mavis beacon teaches typing 17 deluxe 17.0 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\mavis beacon teaches typing 17 deluxe 17.0 crack.zip=>mavis beacon teaches typing 17 deluxe 17.0 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\mavis beacon teaches typing 17 deluxe 17.0 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max backup 1.0 crack.zip=>max backup 1.0 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max backup 1.0 crack.zip=>max backup 1.0 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max backup 1.0 crack.zip=>max backup 1.0 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max backup 1.0 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd avi converter v3.00 by lash serial number.zip=>max dvd avi converter v3.00 by lash serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd avi converter v3.00 by lash serial number.zip=>max dvd avi converter v3.00 by lash serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd avi converter v3.00 by lash serial number.zip=>max dvd avi converter v3.00 by lash serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd avi converter v3.00 by lash serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 crack by ici.zip=>max dvd to avi converter v3.0 crack by ici.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 crack by ici.zip=>max dvd to avi converter v3.0 crack by ici.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 crack by ici.zip=>max dvd to avi converter v3.0 crack by ici.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 crack by ici.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 serial number.zip=>max dvd to avi converter v3.0 serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 serial number.zip=>max dvd to avi converter v3.0 serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 serial number.zip=>max dvd to avi converter v3.0 serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to avi converter v3.0 serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0 by lash.zip=>max dvd to mpeg conv 2.0 by lash.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0 by lash.zip=>max dvd to mpeg conv 2.0 by lash.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0 by lash.zip=>max dvd to mpeg conv 2.0 by lash.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0 by lash.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0.zip=>max dvd to mpeg conv 2.0.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0.zip=>max dvd to mpeg conv 2.0.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0.zip=>max dvd to mpeg conv 2.0.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg conv 2.0.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0 keygen by pgc.zip=>max dvd to mpeg converter v2.0 keygen by pgc.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0 keygen by pgc.zip=>max dvd to mpeg converter v2.0 keygen by pgc.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0 keygen by pgc.zip=>max dvd to mpeg converter v2.0 keygen by pgc.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0 keygen by pgc.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0.zip=>max dvd to mpeg converter v2.0.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0.zip=>max dvd to mpeg converter v2.0.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0.zip=>max dvd to mpeg converter v2.0.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg converter v2.0.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem build 030107.zip=>max dvd to mpeg v2.0 oem build 030107.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem build 030107.zip=>max dvd to mpeg v2.0 oem build 030107.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem build 030107.zip=>max dvd to mpeg v2.0 oem build 030107.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem build 030107.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.zip=>max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.zip=>max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.zip=>max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd to mpeg v2.0 oem verbuild 030107 by mp2k serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd-to-mpeg converter v2.0.zip=>max dvd-to-mpeg converter v2.0.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd-to-mpeg converter v2.0.zip=>max dvd-to-mpeg converter v2.0.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd-to-mpeg converter v2.0.zip=>max dvd-to-mpeg converter v2.0.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max dvd-to-mpeg converter v2.0.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max eraser 4.2 crack.zip=>max eraser 4.2 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max eraser 4.2 crack.zip=>max eraser 4.2 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max eraser 4.2 crack.zip=>max eraser 4.2 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max eraser 4.2 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - hotel map crack.zip=>max payne - hotel map crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - hotel map crack.zip=>max payne - hotel map crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - hotel map crack.zip=>max payne - hotel map crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - hotel map crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - office map crack.zip=>max payne - office map crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - office map crack.zip=>max payne - office map crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - office map crack.zip=>max payne - office map crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne - office map crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 1.0.zip=>max payne 1.0.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 1.0.zip=>max payne 1.0.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 1.0.zip=>max payne 1.0.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 1.0.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 1.01 patch crack.zip=>max payne 2 1.01 patch crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 1.01 patch crack.zip=>max payne 2 1.01 patch crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 1.01 patch crack.zip=>max payne 2 1.01 patch crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 1.01 patch crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 the fall of max payne french.zip=>max payne 2 the fall of max payne french.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 the fall of max payne french.zip=>max payne 2 the fall of max payne french.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 the fall of max payne french.zip=>max payne 2 the fall of max payne french.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne 2 the fall of max payne french.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne kung fu edition 3.0 mod crack.zip=>max payne kung fu edition 3.0 mod crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne kung fu edition 3.0 mod crack.zip=>max payne kung fu edition 3.0 mod crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne kung fu edition 3.0 mod crack.zip=>max payne kung fu edition 3.0 mod crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne kung fu edition 3.0 mod crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne matrix revolutions mod 1.0 beta crack.zip=>max payne matrix revolutions mod 1.0 beta crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne matrix revolutions mod 1.0 beta crack.zip=>max payne matrix revolutions mod 1.0 beta crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne matrix revolutions mod 1.0 beta crack.zip=>max payne matrix revolutions mod 1.0 beta crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne matrix revolutions mod 1.0 beta crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 crackedexe by dbz.zip=>max payne v1.0 german - raziel2k2 crackedexe by dbz.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 crackedexe by dbz.zip=>max payne v1.0 german - raziel2k2 crackedexe by dbz.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 crackedexe by dbz.zip=>max payne v1.0 german - raziel2k2 crackedexe by dbz.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 crackedexe by dbz.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [.zip=>max payne v1.0 german - raziel2k2 [.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [.zip=>max payne v1.0 german - raziel2k2 [.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [.zip=>max payne v1.0 german - raziel2k2 [.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [crackedexe] by dbz.zip=>max payne v1.0 german - raziel2k2 [crackedexe] by dbz.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [crackedexe] by dbz.zip=>max payne v1.0 german - raziel2k2 [crackedexe] by dbz.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [crackedexe] by dbz.zip=>max payne v1.0 german - raziel2k2 [crackedexe] by dbz.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0 german - raziel2k2 [crackedexe] by dbz.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd crack.zip=>max payne v1.0.2 no-cd crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd crack.zip=>max payne v1.0.2 no-cd crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd crack.zip=>max payne v1.0.2 no-cd crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd.zip=>max payne v1.0.2 no-cd.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd.zip=>max payne v1.0.2 no-cd.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd.zip=>max payne v1.0.2 no-cd.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 no-cd.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd by desperate.zip=>max payne v1.0.2 nocd by desperate.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd by desperate.zip=>max payne v1.0.2 nocd by desperate.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd by desperate.zip=>max payne v1.0.2 nocd by desperate.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd by desperate.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd.zip=>max payne v1.0.2 nocd.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd.zip=>max payne v1.0.2 nocd.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd.zip=>max payne v1.0.2 nocd.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max payne v1.0.2 nocd.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc privacy 6.1 crack.zip=>max pc privacy 6.1 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc privacy 6.1 crack.zip=>max pc privacy 6.1 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc privacy 6.1 crack.zip=>max pc privacy 6.1 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc privacy 6.1 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc safe 6.1 crack.zip=>max pc safe 6.1 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc safe 6.1 crack.zip=>max pc safe 6.1 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc safe 6.1 crack.zip=>max pc safe 6.1 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max pc safe 6.1 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure registry cleaner 2.3 crack.zip=>max secure registry cleaner 2.3 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure registry cleaner 2.3 crack.zip=>max secure registry cleaner 2.3 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure registry cleaner 2.3 crack.zip=>max secure registry cleaner 2.3 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure registry cleaner 2.3 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure spyware detector 6.1 crack.zip=>max secure spyware detector 6.1 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure spyware detector 6.1 crack.zip=>max secure spyware detector 6.1 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure spyware detector 6.1 crack.zip=>max secure spyware detector 6.1 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\max secure spyware detector 6.1 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer (classic) 3.3.3 crack.zip=>maxbulk mailer (classic) 3.3.3 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer (classic) 3.3.3 crack.zip=>maxbulk mailer (classic) 3.3.3 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer (classic) 3.3.3 crack.zip=>maxbulk mailer (classic) 3.3.3 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer (classic) 3.3.3 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer for windows 4.2 crack.zip=>maxbulk mailer for windows 4.2 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer for windows 4.2 crack.zip=>maxbulk mailer for windows 4.2 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer for windows 4.2 crack.zip=>maxbulk mailer for windows 4.2 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxbulk mailer for windows 4.2 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxcopy 2.5.1 crack.zip=>maxcopy 2.5.1 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxcopy 2.5.1 crack.zip=>maxcopy 2.5.1 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxcopy 2.5.1 crack.zip=>maxcopy 2.5.1 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxcopy 2.5.1 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 by eclipse.zip=>maxgammon v1.0 by eclipse.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 by eclipse.zip=>maxgammon v1.0 by eclipse.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 by eclipse.zip=>maxgammon v1.0 by eclipse.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 by eclipse.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 crack by fff.zip=>maxgammon v1.0 crack by fff.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 crack by fff.zip=>maxgammon v1.0 crack by fff.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 crack by fff.zip=>maxgammon v1.0 crack by fff.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxgammon v1.0 crack by fff.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6 patch by eithel.zip=>maxiloto v4.6 patch by eithel.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6 patch by eithel.zip=>maxiloto v4.6 patch by eithel.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6 patch by eithel.zip=>maxiloto v4.6 patch by eithel.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6 patch by eithel.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6.zip=>maxiloto v4.6.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6.zip=>maxiloto v4.6.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6.zip=>maxiloto v4.6.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.6.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60 patch by snd.zip=>maxiloto v4.60 patch by snd.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60 patch by snd.zip=>maxiloto v4.60 patch by snd.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60 patch by snd.zip=>maxiloto v4.60 patch by snd.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60 patch by snd.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60.zip=>maxiloto v4.60.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60.zip=>maxiloto v4.60.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60.zip=>maxiloto v4.60.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxiloto v4.60.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer enterprise edition keywordbid v1.0.3.4.zip=>maximizer enterprise edition keywordbid v1.0.3.4.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer enterprise edition keywordbid v1.0.3.4.zip=>maximizer enterprise edition keywordbid v1.0.3.4.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer enterprise edition keywordbid v1.0.3.4.zip=>maximizer enterprise edition keywordbid v1.0.3.4.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer enterprise edition keywordbid v1.0.3.4.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer serial number.zip=>maximizer serial number.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer serial number.zip=>maximizer serial number.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer serial number.zip=>maximizer serial number.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximizer serial number.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximum copy.zip=>maximum copy.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximum copy.zip=>maximum copy.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximum copy.zip=>maximum copy.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maximum copy.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxinote 1.15 crack.zip=>maxinote 1.15 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxinote 1.15 crack.zip=>maxinote 1.15 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxinote 1.15 crack.zip=>maxinote 1.15 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxinote 1.15 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista 2.0.16 crack.zip=>maxivista 2.0.16 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista 2.0.16 crack.zip=>maxivista 2.0.16 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista 2.0.16 crack.zip=>maxivista 2.0.16 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista 2.0.16 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista v1.0.14 patch by snd.zip=>maxivista v1.0.14 patch by snd.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista v1.0.14 patch by snd.zip=>maxivista v1.0.14 patch by snd.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista v1.0.14 patch by snd.zip=>maxivista v1.0.14 patch by snd.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxivista v1.0.14 patch by snd.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxjongg 1.0 crack.zip=>maxjongg 1.0 crack.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxjongg 1.0 crack.zip=>maxjongg 1.0 crack.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxjongg 1.0 crack.zip=>maxjongg 1.0 crack.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxjongg 1.0 crack.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax by midnight.zip=>maxman v1.7.5 for 3dsmax by midnight.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax by midnight.zip=>maxman v1.7.5 for 3dsmax by midnight.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax by midnight.zip=>maxman v1.7.5 for 3dsmax by midnight.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax by midnight.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax.zip=>maxman v1.7.5 for 3dsmax.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax.zip=>maxman v1.7.5 for 3dsmax.exe

    Disinfection failed

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax.zip=>maxman v1.7.5 for 3dsmax.exe

    Deleted

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxman v1.7.5 for 3dsmax.zip

    Updated

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxon bodypaint 3d r2 v9.012 multilanguage.zip=>maxon bodypaint 3d r2 v9.012 multilanguage.exe

    Infected with: MemScan:Trojan.Downloader.Bagle.BL

    F:\Documents and Settings\Ramissou\Application Data\m\shared\maxon bodypaint 3d
    0
  3. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    .... et le rapport hitjack.
    Je m absente jusqu a dimanche, j espere que nous pourrons terminer a mon retour.
    En tout cas merci.

    Logfile of HijackThis v1.99.1
    Scan saved at 09:53:18, on 23/08/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    F:\WINDOWS\Explorer.EXE
    F:\WINDOWS\System32\Tablet.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\WINDOWS\System32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\SPAMfighter\SFAgent.exe
    F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe
    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    F:\Program Files\Logitech\MouseWare\System\em_exec.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    C:\Téléchargement\eMule\emule.exe
    F:\Program Files\Internet Explorer\iexplore.exe
    F:\Program Files\Outlook Express\msimn.exe
    F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [drv_st_key] F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe
    O4 - HKCU\..\Run: [mule_st_key] F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [german.exe] F:\WINDOWS\System32\wintems.exe
    O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
    O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
    O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
    O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
    0
    1. Utilisateur anonyme
       
      Salut,

      tu n'as pas installé Avast, une raison ?

      avec plus de 1027 fichiers infectés cherche pas plus loin que ton PC merde legerement, il faudrait stopper un peu Emule le temps que l'on nettoie proprement, tu ne penses pas ?

      supprime tous les cracks et autres saloprie que tu as pû telecharger car à mon avis Bitdefender n'a pas tout supprimer à toi de le faire manuellement.


      Dès que c'est fait installe un anti-virus avast ou autre, puis refais un scan chez Bitdefender et colle le rapport ici stp


      A++
      0
      1. chiktika Messages postés 41 Date d'inscription   Statut Membre > Utilisateur anonyme
         
        Re bonjour !!!
        Autant de virus, j'ai honte !!!!!! je stoppe Emule pour l'instant.
        Pour Avast c'etait un oubli, rectifié hier. Malheureusement au redemarrage de l'ordi ce soir il ne fonctionne plus et impossible de le reinstaller. Idem pour Kerio que je dois reinstaller a chaque redemarrage.
        Voici le rapport BitDefender :



        BitDefender Online Scanner







        Scan report generated at: Sun, Aug 27, 2006 - 23:27:00









        Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;















        Statistics

        Time


        04:40:02

        Files


        718820

        Folders


        10932

        Boot Sectors


        6

        Archives


        14741

        Packed Files


        50673







        Results

        Identified Viruses


        7

        Infected Files


        16

        Suspect Files


        0

        Warnings


        0

        Disinfected


        0

        Deleted Files


        13







        Engines Info

        Virus Definitions


        450994

        Engine build


        AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

        Scan plugins


        13

        Archive plugins


        39

        Unpack plugins


        5

        E-mail plugins


        6

        System plugins


        1







        Scan Settings

        First Action


        Disinfect

        Second Action


        Delete

        Heuristics


        Yes

        Enable Warnings


        Yes

        Scanned Extensions


        *;

        Exclude Extensions




        Scan Emails


        Yes

        Scan Archives


        Yes

        Scan Packed


        Yes

        Scan Files


        Yes

        Scan Boot


        Yes








        Scanned File


        Status

        C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044561.exe


        Infected with: Trojan.Dropper.Delf.VT

        C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044561.exe


        Disinfection failed

        C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044561.exe


        Deleted

        C:\temp.zip=>qbjefecl.exe


        Infected with: Win32.Bagle.FG@mm

        C:\temp.zip=>qbjefecl.exe


        Disinfection failed

        C:\temp.zip=>qbjefecl.exe


        Deleted

        C:\temp.zip


        Updated

        C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe


        Infected with: Trojan.Dropper.Delf.VT

        C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe


        Disinfection failed

        C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar=>crack.exe


        Deleted

        C:\Téléchargement Finis\eMule\Sunbelt Kerio Personal Firewall 4.3.246 Crack(1).rar


        Update failed

        F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe


        Infected with: Win32.Bagle.FG@mm

        F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe


        Disinfection failed

        F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe


        Delete failed

        F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe


        Infected with: Trojan.Downloader.Bagle.BG

        F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe


        Disinfection failed

        F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe


        Delete failed

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\36M15KKM\777[2].gif


        Infected with: Win32.Bagle.FQ@mm

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\36M15KKM\777[2].gif


        Disinfection failed

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\36M15KKM\777[2].gif


        Deleted

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[1].gif


        Infected with: Trojan.Downloader.Bagle.BG

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[1].gif


        Disinfection failed

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[1].gif


        Deleted

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[3].gif


        Infected with: Trojan.Downloader.Bagle.BG

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[3].gif


        Disinfection failed

        F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\73CATUV6\777[3].gif


        Deleted

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip=>qbjefecl.exe


        Infected with: Win32.Bagle.FG@mm

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip=>qbjefecl.exe


        Disinfection failed

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip=>qbjefecl.exe


        Deleted

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)=>Susanna.zip


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)=>[Subject: Elizabeth][Date: Sun, 27 Aug 2006 20:02:28 +0100]=>(MIME part)


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 0)


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx


        Update failed

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip=>qbjefecl.exe


        Infected with: Win32.Bagle.FG@mm

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip=>qbjefecl.exe


        Disinfection failed

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip=>qbjefecl.exe


        Deleted

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)=>Judeth.zip


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)=>[Subject: Nathaniel][Date: Sun, 27 Aug 2006 19:42:39 +0100]=>(MIME part)


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 1)


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx


        Update failed

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip=>qbjefecl.exe


        Infected with: Win32.Bagle.FG@mm

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip=>qbjefecl.exe


        Disinfection failed

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip=>qbjefecl.exe


        Deleted

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)=>Anne.zip


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)=>[Subject: Ellen][Date: Sun, 27 Aug 2006 18:49:31 +0100]=>(MIME part)


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx=>(message 2)


        Updated

        F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx


        Update failed

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044563.exe


        Infected with: Win32.Worm.Mybot.JE

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044563.exe


        Disinfection failed

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044563.exe


        Deleted

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044564.exe


        Infected with: Virtool.Hidewindows.O

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044564.exe


        Disinfection failed

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044564.exe


        Deleted

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044591.sys


        Infected with: Win32.Bagle.FG@mm

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044591.sys


        Disinfection failed

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044591.sys


        Deleted

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044608.sys


        Infected with: Win32.Bagle.FG@mm

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044608.sys


        Disinfection failed

        F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP103\A0044608.sys


        Deleted

        F:\WINDOWS\system32\wintems.exe


        Infected with: Win32.Bagle.FQ@mm

        F:\WINDOWS\system32\wintems.exe


        Disinfection failed

        F:\WINDOWS\system32\wintems.exe


        Delete failed
        0
  4. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    ... et le rapport HitJack !!!

    Merci !!!

    Logfile of HijackThis v1.99.1
    Scan saved at 19:21:27, on 28/08/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\System32\svchost.exe
    F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    F:\WINDOWS\Explorer.EXE
    F:\WINDOWS\System32\Tablet.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\WINDOWS\System32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\SPAMfighter\SFAgent.exe
    F:\Program Files\Outlook Express\msimn.exe
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe
    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\Program Files\Logitech\MouseWare\System\em_exec.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [drv_st_key] F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe
    O4 - HKCU\..\Run: [mule_st_key] F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [german.exe] F:\WINDOWS\System32\wintems.exe
    O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
    O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
    O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
    O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
    O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Re-bonsoir.
    Je vais essayer d'être plus disponible, tu es toujours d'accord pour m'aider à nettoyer ??

    Avec mes remerciements.
    0
    1. Utilisateur anonyme
       
      Salut,

      pas de probléme.

      Redis moi les logiciels anti-spywares que tu as
      Les logiciels pour nettoyer
      Les scan anti-virus que tu as déjà pû faire
      Puis remets un rapport hijackthis :-)

      A++
      0
      1. chiktika Messages postés 41 Date d'inscription   Statut Membre > Utilisateur anonyme
         
        Re !!

        Je me sers de
        Ewido, Spybot, Ad-aware, Avast qd le virus arretera de le desinstaller à chaque redémarrage.

        Le dernier scan chez Bit defender est posté juste ci-dessus. Je peux en refaire un plus recent, mais il faudra du temps ...

        Voila ce que dit HIt Jack :

        Logfile of HijackThis v1.99.1
        Scan saved at 20:22:31, on 30/08/2006
        Platform: Windows XP SP1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        F:\WINDOWS\System32\smss.exe
        F:\WINDOWS\system32\winlogon.exe
        F:\WINDOWS\system32\services.exe
        F:\WINDOWS\system32\lsass.exe
        F:\WINDOWS\system32\svchost.exe
        F:\WINDOWS\System32\svchost.exe
        F:\WINDOWS\system32\spoolsv.exe
        F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
        F:\WINDOWS\System32\nvsvc32.exe
        F:\WINDOWS\System32\svchost.exe
        F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
        F:\WINDOWS\Explorer.EXE
        F:\WINDOWS\System32\Tablet.exe
        F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
        F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
        F:\WINDOWS\System32\LVCOMSX.EXE
        F:\Program Files\Logitech\Video\LogiTray.exe
        F:\Program Files\SPAMfighter\SFAgent.exe
        F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
        F:\Program Files\Logitech\Video\FxSvr2.exe
        F:\Program Files\MSN Messenger\msnmsgr.exe
        F:\Program Files\Logitech\MouseWare\System\em_exec.exe
        F:\Program Files\Mozilla Firefox\firefox.exe
        F:\Program Files\Outlook Express\msimn.exe
        F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
        O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
        O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
        O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
        O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
        O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
        O4 - Startup: Microsoft AntiSpyware.lnk = F:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
        O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
        O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
        O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
        O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
        O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
        O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
        O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
        O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
        O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
        O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
        O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
        O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
        O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)
        O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

        Prête pour l'extermination de tous les virus !!!!!!! :o))
        a+
        0
      2. Utilisateur anonyme > chiktika Messages postés 41 Date d'inscription   Statut Membre
         
        ok, rien ne sera supprimé sauf si je te l'indique!

        Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"


        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ? < si tu connais laisse le
        O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
        O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
        O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
        O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
        O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,1,0,4640/mcfscan.cab
        O18 - Protocol: bwc0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: bwg0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwg0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0s - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "F:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O18 - Protocol: offline-8876480 - {41AC1620-00BF-4F8E-8FC1-AE868BD606D3} - F:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - F:\WINDOWS\System32\dfrgfat32.exe (file missing)
        O23 - Service: Speed Disk service - Symantec Corporation - F:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
        O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
        O23 - Service: SymWMI Service (SymWSC) - Unknown owner - F:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe (file missing)


        Clic sur demarrer, executer, tape: services.msc ,dans la liste regle les lignes ci-dessous comme suit:

        "desactivé"

        Webroot Spy Sweeper Engine
        SymWMI Service
        Speed Disk service
        Defragmentation Management Handler



        Fait ou refait ce nettoyage:

        Fais ce nettoyage: (à faire réguliérement)

        ¤Telecharges et installes ceci:
        CCleaner:
        Ccleaner

        dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
        Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

        ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"



        Comme tu avais la restauration de ton PC infecté on va creer un nouveau point propre, voir ci-dessous (a faire sur chaques disque dur/partition)


        Alors ceci; C:\System Volume Information\_restore"(voir rapport bitdefender) indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

        Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

        ¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
        ¤ decoches la case et clic sur "appliquer" puis "ok".

        Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

        Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
        Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.


        Affiche tous les dossiers et fichiers cachés;

        Clic sur "démarrer", "panneau de configuration", "outils" ,"option des dossiers", "affichage"
        "
        Coche:
        ¤ afficher les fichiers et dossiers cachés
        Clic sur "appliquer" puis "ok"

        Clic sur demarrer, rechercher, cherche et supprime ce fichier si présent:

        dfrgfat32.exe


        Clic sur demarrer, poste de travail, C:, all users, application data, cherche et supprime ce dossier:

        m <


        **

        Si un fichier persiste lors de la suppression fais ceci:
        -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement


        Dès que c'est fait remet un rapport hijackthis stp
        0
      3. chiktika Messages postés 41 Date d'inscription   Statut Membre > Utilisateur anonyme
         
        re !!

        O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ? ** c'est un petit programme pour ma souris, no stress ;)

        dfrgfat32.exe et le dossier m < introuvables.

        HitJack dit :
        Logfile of HijackThis v1.99.1
        Scan saved at 21:52:55, on 30/08/2006
        Platform: Windows XP SP1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        F:\WINDOWS\System32\smss.exe
        F:\WINDOWS\system32\winlogon.exe
        F:\WINDOWS\system32\services.exe
        F:\WINDOWS\system32\lsass.exe
        F:\WINDOWS\system32\svchost.exe
        F:\WINDOWS\System32\svchost.exe
        F:\WINDOWS\system32\spoolsv.exe
        F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
        F:\WINDOWS\Explorer.EXE
        F:\WINDOWS\System32\nvsvc32.exe
        F:\WINDOWS\System32\svchost.exe
        F:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
        F:\WINDOWS\System32\Tablet.exe
        F:\WINDOWS\System32\LVCOMSX.EXE
        F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
        F:\Program Files\Logitech\Video\LogiTray.exe
        F:\Program Files\SPAMfighter\SFAgent.exe
        F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
        F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
        F:\Program Files\Logitech\Video\FxSvr2.exe
        F:\Program Files\Logitech\MouseWare\System\em_exec.exe
        F:\Program Files\Outlook Express\msimn.exe
        F:\Program Files\MSN Messenger\msnmsgr.exe
        F:\Program Files\Mozilla Firefox\firefox.exe
        F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
        O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
        O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
        O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
        O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
        O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
        O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
        O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
        O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
        O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
        O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
        O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
        O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
        O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

        PS : tu as raison pour Ccleaner, je l'avais mais je ne m'en sers pas assez !!
        0
  7. Utilisateur anonyme
     
    ok, pour ce qui est du dossier " m " regarde dans les autres dossiers si tu le trouves (application data)

    Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2(en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
    Une fois qu'il a terminé colle le rapport ici stp

    _Online Scanner
    _Kaspersky Online Scanner
    _My Computer

    https://www.kaspersky.fr/downloads

    On verra quand ont aura le rapport ou tu en es dans tout ça ;-)
    0
    1. chiktika Messages postés 41 Date d'inscription   Statut Membre
       
      ok, c'est parti pour 5h de scan .....
      je te copie le rapport demain matin avant de partir bosser et on voit ca vendredi.
      Merci beaucoup pour ton aide, bonne nuit. :)
      0
      1. Utilisateur anonyme > chiktika Messages postés 41 Date d'inscription   Statut Membre
         
        lol, ok pas de probléme, bonne nuit à toi ;-)

        ++
        0
  8. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Bonjour !!!!
    Au fait, je n'ai vraiement pas trouvé ce dossier m !

    Kasper dit :

    KASPERSKY ONLINE SCANNER REPORT
    Thursday, August 31, 2006 6:46:58 AM
    Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
    Kaspersky Online Scanner version: 5.0.83.0
    Kaspersky Anti-Virus database last update: 30/08/2006
    Kaspersky Anti-Virus database records: 206629
    Scan Settings
    Scan using the following antivirus database standard
    Scan Archives true
    Scan Mail Bases true
    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\
    Scan Statistics
    Total number of scanned objects 189581
    Number of viruses found 4
    Number of infected objects 10 / 0
    Number of suspicious objects 0
    Duration of the scan process 03:09:37

    Infected Object Name Virus Name Last Action
    C:\temp.zip Infected: Email-Worm.Win32.Bagle.gen skipped
    F:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    F:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    F:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    F:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    F:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    F:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    F:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    F:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    F:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    F:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe Infected: Trojan-Downloader.Win32.Bagle.aw skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_001_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_002_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_003_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_MAP_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cert8.db Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\formhistory.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\history.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\key3.db Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\parent.lock Object is locked skipped
    F:\Documents and Settings\Ramissou\Cookies\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\6783YZU1\wbkF.tmp Infected: Email-Worm.Win32.Bagle.mail skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\blague.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Boîte de réception.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Chiktika - Boîte de réception (1).dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Folders.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Offline.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Pop3uidl.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Recettes.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx/[From "Gilles" ][Date Wed, 30 Aug 2006 21:17:48 +0100]/html Infected: Email-Worm.Win32.Bagle.mail skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx/[From "Gilles" ][Date Wed, 30 Aug 2006 21:17:48 +0100]/Daniel.zip Infected: Email-Worm.Win32.Bagle.gen skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx/[From "Xiaolong" ][Date Wed, 30 Aug 2006 21:46:11 +0100]/UNNAMED/html Infected: Email-Worm.Win32.Bagle.mail skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx/[From "Xiaolong" ][Date Wed, 30 Aug 2006 21:46:11 +0100]/UNNAMED/Roberte.zip Infected: Email-Worm.Win32.Bagle.gen skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx/[From "Xiaolong" ][Date Wed, 30 Aug 2006 21:46:11 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.gen skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx Mail MS Outlook 5: infected - 5 skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Stock casse couilles.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Stock Tiscali.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\sushi.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Taxe.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\telecom.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Éléments supprimés.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\NTUSER.DAT Object is locked skipped
    F:\Documents and Settings\Ramissou\ntuser.dat.LOG Object is locked skipped
    F:\Program Files\Hewlett-Packard\HP PrecisionScan\PrecisionScan Pro\update.exe Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\debug.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\debug.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\error.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\error.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\ids.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\ids.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\network.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\network.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\system.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\system.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\warning.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\warning.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\web.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\web.log.idx Object is locked skipped
    F:\Program Files\Norton SystemWorks\Norton Utilities\NDD32.EXE Object is locked skipped
    F:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE Object is locked skipped
    F:\Program Files\SPAMfighter\Agent.log.txt Object is locked skipped
    F:\Program Files\SPAMfighter\Core.log.txt Object is locked skipped
    F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP106\change.log Object is locked skipped
    F:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    F:\WINDOWS\Installer\{7698EDA5-A90F-4205-99CB-8FF6F9048ED9}\Rescue.exe Object is locked skipped
    F:\WINDOWS\Sti_Trace.log Object is locked skipped
    F:\WINDOWS\system32\astecx.as Infected: Backdoor.IRC.Zapchast skipped
    F:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
    F:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    F:\WINDOWS\system32\config\default Object is locked skipped
    F:\WINDOWS\system32\config\default.LOG Object is locked skipped
    F:\WINDOWS\system32\config\SAM Object is locked skipped
    F:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    F:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    F:\WINDOWS\system32\config\SECURITY Object is locked skipped
    F:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    F:\WINDOWS\system32\config\software Object is locked skipped
    F:\WINDOWS\system32\config\software.LOG Object is locked skipped
    F:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    F:\WINDOWS\system32\config\system Object is locked skipped
    F:\WINDOWS\system32\config\system.LOG Object is locked skipped
    F:\WINDOWS\system32\h323log.txt Object is locked skipped
    F:\WINDOWS\system32\re_file.exe Object is locked skipped
    F:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    F:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    F:\WINDOWS\wiadebug.log Object is locked skipped
    F:\WINDOWS\wiaservc.log Object is locked skipped
    Scan process completed.

    Bonne journee ! :o)
    0
  9. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Coucou !!
    De retour pour essayer de tout mettre ca au propre !!

    Je remet un HitJack :

    Logfile of HijackThis v1.99.1
    Scan saved at 18:13:24, on 01/09/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    F:\WINDOWS\Explorer.EXE
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\System32\Tablet.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\WINDOWS\System32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\SPAMfighter\SFAgent.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe
    F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    F:\Program Files\Logitech\MouseWare\System\em_exec.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Program Files\Outlook Express\msimn.exe
    F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [drv_st_key] F:\Documents and Settings\Ramissou\Application Data\hidn\hidn2.exe
    O4 - HKCU\..\Run: [mule_st_key] F:\Documents and Settings\Ramissou\Application Data\m\flec006.exe
    O4 - HKCU\..\Run: [german.exe] F:\WINDOWS\System32\wintems.exe
    O4 - HKCU\..\Run: [updateMgr] F:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0 -reboot 1
    O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

    Merci !!!
    0
    1. Utilisateur anonyme
       
      Ola,

      Ou est Avast ?? toujours pas rentré de vacance ? ..on va pas s'en sortir tu es encore à nouveau infecté :-/
      0
  10. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    C'est l'enfer : je t'explique :
    A chaque redemarrage du pc je dois reinstaller mon firewall.
    De meme pour Avast, il est inutilisable apres chaque redemarrage : un message d'erreur me dit :" le sous-systeme" AAVM à détecté une erreur RPC"
    Bref pas d'autre solution que de le desinstaller et le reinstaller à chaque fois. Je te laisse calculer le nombre de reboot que ca fait .........

    Avast a fait un scan au demarrage ... puis a reboote ....
    Au dernier demarrage j'avais avast et kerio qui marchaient ensemble mais plus aucune page internet ne voulaient s'ouvrir.

    En attendant tes consignes je re-re-re-re install Avast....

    On va y arriver !! :o)
    0
  11. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Bonjour !

    Voila, j'ai réinstallé avast, fais un scan, resupprimé les lignes que tu m'avaient indiquées et refait un scan chez kasper.
    En voila le resultat :

    KASPERSKY ONLINE SCANNER REPORT
    Saturday, September 02, 2006 1:34:10 PM
    Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
    Kaspersky Online Scanner version: 5.0.83.0
    Kaspersky Anti-Virus database last update: 2/09/2006
    Kaspersky Anti-Virus database records: 207467
    Scan Settings
    Scan using the following antivirus database standard
    Scan Archives true
    Scan Mail Bases true
    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\
    Scan Statistics
    Total number of scanned objects 188821
    Number of viruses found 4
    Number of infected objects 6 / 0
    Number of suspicious objects 0
    Duration of the scan process 02:49:31

    Infected Object Name Virus Name Last Action
    C:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP106\change.log Object is locked skipped
    F:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
    F:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
    F:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    F:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    F:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    F:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    F:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    F:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    F:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    F:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_001_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_002_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_003_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\Cache\_CACHE_MAP_ Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\cert8.db Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\formhistory.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\history.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\key3.db Object is locked skipped
    F:\Documents and Settings\Ramissou\Application Data\Mozilla\Firefox\Profiles\default.e73\parent.lock Object is locked skipped
    F:\Documents and Settings\Ramissou\Cookies\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Historique\History.IE5\MSHist012006090220060903\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temp\~DFD5A9.tmp Object is locked skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\37IHL65T\777[4].gif Infected: Trojan-Downloader.Win32.Bagle.y skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\37IHL65T\wbk7.tmp Infected: Email-Worm.Win32.Bagle.mail skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\4PQJGLIN\777[1].gif Infected: Email-Worm.Win32.Bagle.gi skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\6OQTJIBI\777[2].gif Infected: Email-Worm.Win32.Bagle.gi skipped
    F:\Documents and Settings\Ramissou\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\blague.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Boîte d'envoi.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Boîte de réception.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Chiktika - Messages.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Folders.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Offline.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Pop3uidl.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Recettes.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\SPAMfighter.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Stock casse couilles.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Stock Tiscali.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\sushi.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Taxe.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\telecom.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\Mes documents\Messages Outlook\Éléments supprimés.dbx Object is locked skipped
    F:\Documents and Settings\Ramissou\NTUSER.DAT Object is locked skipped
    F:\Documents and Settings\Ramissou\ntuser.dat.LOG Object is locked skipped
    F:\Documents and Settings\Ramissou\UserData\index.dat Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
    F:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\debug.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\debug.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\error.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\error.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\ids.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\ids.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\network.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\network.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\system.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\system.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\warning.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\warning.log.idx Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\web.log Object is locked skipped
    F:\Program Files\Kerio\Personal Firewall 4\logs\web.log.idx Object is locked skipped
    F:\Program Files\SPAMfighter\Agent.log.txt Object is locked skipped
    F:\Program Files\SPAMfighter\Core.log.txt Object is locked skipped
    F:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP106\change.log Object is locked skipped
    F:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    F:\WINDOWS\Sti_Trace.log Object is locked skipped
    F:\WINDOWS\system32\astecx.as Infected: Backdoor.IRC.Zapchast skipped
    F:\WINDOWS\system32\config\Antiviru.evt Object is locked skipped
    F:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    F:\WINDOWS\system32\config\default Object is locked skipped
    F:\WINDOWS\system32\config\default.LOG Object is locked skipped
    F:\WINDOWS\system32\config\SAM Object is locked skipped
    F:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    F:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    F:\WINDOWS\system32\config\SECURITY Object is locked skipped
    F:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    F:\WINDOWS\system32\config\software Object is locked skipped
    F:\WINDOWS\system32\config\software.LOG Object is locked skipped
    F:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    F:\WINDOWS\system32\config\system Object is locked skipped
    F:\WINDOWS\system32\config\system.LOG Object is locked skipped
    F:\WINDOWS\system32\h323log.txt Object is locked skipped
    F:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    F:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    F:\WINDOWS\system32\wintems.exe Infected: Email-Worm.Win32.Bagle.gi skipped
    F:\WINDOWS\Temp\Perflib_Perfdata_4d0.dat Object is locked skipped
    F:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
    F:\WINDOWS\wiadebug.log Object is locked skipped
    F:\WINDOWS\wiaservc.log Object is locked skipped
    G:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP106\change.log Object is locked skipped
    H:\System Volume Information\_restore{5790AA49-519B-4048-AD24-1FB6AF39DA16}\RP106\change.log Object is locked skipped
    Scan process completed.
    0
  12. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Et voila le dernier rapport Hitjack.
    Qu'en penses tu ??
    Merci :)

    Logfile of HijackThis v1.99.1
    Scan saved at 13:37:04, on 02/09/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\Alwil Software\Avast4\ashServ.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\System32\LVCOMSX.EXE
    F:\WINDOWS\System32\Tablet.exe
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\SPAMfighter\SFAgent.exe
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Logitech\MouseWare\System\em_exec.exe
    F:\Program Files\Outlook Express\msimn.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [german.exe] F:\WINDOWS\System32\wintems.exe
    O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe
    0
  13. Utilisateur anonyme
     
    Salut,

    Fait ça dans l'ordre:

    Fais ce nettoyage: (à faire réguliérement)

    ¤Telecharges et installes ceci:
    CCleaner:
    Ccleaner

    dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis cliques en bas sur "chercher des erreurs" une fois finit, cliques sur "reparer les erreurs" et tu aura un message pour sauvegarder ta base de registre tu dis "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
    Les sauvegardes que tu aura faites tu pourra les supprimer si ton ordinateur n'a plus de problémes

    ¤Relance Ccleaner, vas dans l'onglet "nettoyeur" present sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"

    Alors ceci; C:\System Volume Information\_restore(voir rapport Kaspersky) indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

    Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

    ¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
    ¤ decoches la case et clic sur "appliquer" puis "ok".

    Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

    Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
    Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.

    Cherche et supprime ce fichier:

    wintems.exe

    **Si un fichier persiste lors de la suppression fais ceci:
    -Redemarres ton pc, dès l'allumage de celui-ci tapote la touche f8, à l'écran qui va apparaitre choisis "mode sans echec" attends un peu.. puis vas supprimer les fichiers/dossiers qui persistaient, vides ta corbeille et redemarres normalement

    Puis remet un rapport hijackthis stp
    0
  14. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Que des bonnes nouvelles !!!!

    J'ai trouvé et effacé le fichier wintems.exe ainsi que le dossier m
    Le firewall et avast ne se desinstallent plus au demarrage ...

    Peut on dire que tout va bien ??
    Voici le rapport HitJack

    Logfile of HijackThis v1.99.1
    Scan saved at 19:51:14, on 03/09/2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    F:\WINDOWS\System32\smss.exe
    F:\WINDOWS\system32\winlogon.exe
    F:\WINDOWS\system32\services.exe
    F:\WINDOWS\system32\lsass.exe
    F:\WINDOWS\system32\svchost.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\system32\spoolsv.exe
    F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    F:\Program Files\Alwil Software\Avast4\ashServ.exe
    F:\WINDOWS\Explorer.EXE
    F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    F:\WINDOWS\System32\nvsvc32.exe
    F:\WINDOWS\System32\svchost.exe
    F:\WINDOWS\System32\Tablet.exe
    F:\WINDOWS\System32\LVCOMSX.EXE
    F:\Program Files\Logitech\Video\LogiTray.exe
    F:\Program Files\SPAMfighter\SFAgent.exe
    F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    F:\Program Files\Logitech\MouseWare\System\em_exec.exe
    F:\Program Files\Logitech\Video\FxSvr2.exe
    F:\Program Files\Outlook Express\msimn.exe
    F:\Program Files\MSN Messenger\msnmsgr.exe
    F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    F:\Program Files\Mozilla Firefox\firefox.exe
    F:\Documents and Settings\Ramissou\Bureau\hijackthis_199\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {206E52E0-D52E-11D4-AD54-0000E86C26F6} - C:\Téléchargement\FreshDownload\fdcatch.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "F:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "F:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Startup: Raccourci vers mwadvanced_fra.lnk = ?
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: GhostStartService - Symantec Corporation - F:\PROGRA~1\NORTON~1\NORTON~2\GHOSTS~2.EXE
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - F:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - F:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR2a\RpcSandraSrv.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - F:\WINDOWS\System32\Tablet.exe

    Youpii - merci !!!! :o))
    0
  15. Utilisateur anonyme
     
    Salut,

    ça va mieux plus rien à signaler dans le rapport Hijackthis, je vois que tu as fait un scan chez Bidefender, s'il t'a trouvé encore des choses n'hésites pas à coller le rapport ici.

    Fait cette derniére chose puis ça devrait être ok.

    Telecharge, installe puis mets à jour ce logiciel(Ewido), une fois que c'est fait, fais un scan complet de ton système et colle le rapport ici
    Ewido: (reste gratuit après la période d'essai)
    Télécharger Ewido Security Suite

    Puis après, si le rapport Ewido n'est pas trop mauvais, il faudra mettre a jour ton PC et passer au SP2, pour ça fait le tri dans tes documents, ect.. refais un nettoyage puis:

    Clic sur "demarrer", "tous les programmes", tout en haut "Windows Update" puis telecharge toutes les mises à jour qu'il te trouve, tu peux refaire cette opération plusieurs fois à la suite, même si ton PC aura redemarrer, car ton système est loin d'être à jour ;-)

    A++

    0
  16. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Re !!

    Le scan bit-defender a plante a la fin !! Impossible d'afficher le rapport, je sais juste qu'il a trouvé un élément infecté.

    Voici le rapport Ewido : je n'ai pas su que faire je ne lui ai donc pas demande de supprimer le fichier.
    ---------------------------------------------------------
    ewido security suite - Rapport de scan
    ---------------------------------------------------------

    + Créé le: 21:09:36, 03/09/2006
    + Somme de contrôle: C7C00331

    + Résultats du scan:

    F:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe -> Heuristic.Win32.HostFile : Ignoré

    ::Fin du rapport

    Par contre au démarrage de l'ordi, à la premiere connection je dois arreter la protection residente avast pour pouvoir afficher le contenu d'une page web. Une fois que la premiere page est affichée je peux la remettre et je n'ai plus de probleme par la suite.

    Je sais que mon systeme n'est pas à jour :
    -j'utilise une version pirate de windows, j'ai donc limitée les mises a jour !!!
    -à l'epoque je n'avais pas entendu que du bien à propos du SP2 ...
    Mais si tu me dis de faire les mises à jour je le ferais...
    Par contre j'avais voulu en début d'années en faire quelques une et il semble que je n'avais meme pas pu le faire. A voir ...

    Et a nouveau merci :))
    0
    1. Utilisateur anonyme
       
      ok, pour Ewido rien de grave bizarre qu'il trouve un processus de Kerio, ne supprime pas..

      bah pour ton XP cracké, normal que tu ne puisses faire les mises à jours.
      Le SP2 ne crée pas de probléme tant qu'il est installé sur un PC propre et stable! des fois il faut juste réinstaller un ou deux programmes mais ça en reste la :-)

      Pour ce qui est de Bitdefender s'il t'a trouvé un fichier ça serait bien de savoir lequel..si non ça me semble propre ;-)
      0
      1. chiktika Messages postés 41 Date d'inscription   Statut Membre > Utilisateur anonyme
         
        Ok alors c'est reparti pour un tour de scan chez Bit Defender !!

        Vu le temps que ca prends je te dis bonne nuit et je colle le rapport demain avant d'aller travailler !!

        :o))
        0
      2. Utilisateur anonyme > chiktika Messages postés 41 Date d'inscription   Statut Membre
         
        Dac', bonne nuit à toi puis à demain alors ;-)
        0
  17. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Coucou !!!!

    Voila le rapport Bit defender indique qu'il n'y a plus aucun virus !! c'est cool !!!
    On dit donc que c'est terminé ??
    :o))
    0
    1. Utilisateur anonyme
       
      Salut,

      non, ce n'est pas finit maintenant installe un anti-virus, tu vas me dire que tu en as deja un mais celui que tu crois avoir n'est pas un anti-virus mais un anti-spywares!
      Donc rien a voir en voici un à ajouter en plus de ton Ewido et ton Kerio

      Puis ça me semblera ok

      Avast: (anti-virus gratuit en français!)
      Avast Home Edition

      0
  18. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    re !!
    J'ai déja installé Avast sur tes conseils il y a quelques jours !! ^^
    0
    1. Utilisateur anonyme
       
      Mdr!

      j'vois plus clair =)

      bon ça me semble ok alors ;-)
      0
  19. chiktika Messages postés 41 Date d'inscription   Statut Membre
     
    Mdrrr alors on se fait vieux ??? ;))
    hum pardon....

    Il ne me reste plus qu'a te remercier pour ton aide précieuse et aussi pour m'avoir consacrer de ton temps.

    Et merci aussi a ce cher vieux Internet Explorer, sans qui toutes ces interminables heures de scan seraient impossible ^^

    Gracias señor, et à une prochaine !!

    :o))
    0
    1. Utilisateur anonyme
       
      lol ;-)

      bah de rien et ptet à une prochaine alors ;-)

      Bonne soirée

      A++
      0