Besoin d'aide, PC infeté impossible de mettre à jour et désinstall

[Ninio]

Bonjour,

 

Mon PC est infecté. Il m'est impossible de désinstaller Avast et je ne peut pas le mettre à jour. Il me détecte régulièrement un fichier "ve.exe" infecté mais impossible de le supprimer.

 

J'ai fais une analyse avec Malwarebytes', il m'a trouvé 15 fichier infecté que j'ai supprimé mais cela n'a rien changé.

 

J'ai essayé de désinstaller avast par Ccleaner rien à faire.

 

J'ai fait aussi un essais en arrêtant Avast et en mettant Antivir mais ce dernier m'affiche des messages d'infection en permance (ce qui est plutot bien car Avast n'est plus à jour depuis le 04/11/08) mais il n'arrive pas à me supprimer les fichiers infectés.

 

Ci-dessous mon rapport hijackthis. Merci de m'aider!!!!

 

 

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 09:35:18, on 16/01/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

D:\Mes documents\AVAST\aswUpdSv.exe

D:\Mes documents\AVAST\ashServ.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\expiorer.exe

C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\TpShocks.exe

C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe

C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe

C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe

C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program Files\IBM\Messages By IBM\ibmmessages.exe

C:\IBMTOOLS\UTILS\ibmprc.exe

C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE

C:\WINDOWS\system32\rundll32.exe

D:\MESDOC~1\AVAST\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe

C:\WINDOWS\system32\inetsrv\inetinfo.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\WINDOWS\System32\QCONSVC.EXE

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\TPHDEXLG.EXE

C:\WINDOWS\system32\TpKmpSVC.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\AhnRpta.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe

D:\Mes documents\AVAST\ashMaiSv.exe

D:\Mes documents\AVAST\ashWebSv.exe

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\41W79AYN\HiJackThis[1].exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = s-marimba:6560

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*;172.29.*;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper

O4 - HKLM\..\Run: [TpShocks] TpShocks.exe

O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe

O4 - HKLM\..\Run: [TP4EX] tp4ex.exe

O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe

O4 - HKLM\..\Run: [uC_Start] C:\Program Files\IBM\Updater\\ucstartup.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\\ibmmessages.exe

O4 - HKLM\..\Run: [iBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe

O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE

O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor

O4 - HKLM\..\Run: [avast!] D:\MESDOC~1\AVAST\ashDisp.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [ibmmessages] C:\Program Files\IBM\Messages By IBM\ibmmessages.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [vamsoft] C:\WINDOWS\system32\vamsoft.exe

O4 - HKCU\..\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Digital Line Detect.lnk = ?

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Télécharger avec &BitSpirit - D:\Mes documents\LOgIcIElS\bitspirit\BitSpirit\bsurl.htm

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [JAVA_IBM] Java (IBM)

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Mes documents\AVAST\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - D:\Mes documents\AVAST\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Mes documents\AVAST\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - D:\Mes documents\AVAST\ashWebSv.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe

O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe (file missing)

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)

O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: IBM HDD APS Logging Service (TPHDEXLGSVC) - IBM Corporation - C:\WINDOWS\System32\TPHDEXLG.EXE

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

 

--

End of file - 8695 bytes

[thot]

bonjour,

as tu essayé en mode sans echecde supprimer avast?

[Apollo]

Bonjour,

 

Tu as une infection Sality (entr'autres).

 

Quand tu auras réussi à installer Antivir correctement, tu devras régler les options de réaction aux infections comme ceci:

 

1ère intention: Réparer.

Seconde intention: quarantaine.

 

Pour désinstaller Avast, tu dois d'abord arrêter son résident comme expliqué ici et utiliser le nettoyeur.

 

http://www.avast.com/fre/avast-uninstall-utility.html

 

Après reboot, fais une analyse complète avec Antivir avec les réglages cités; n'oublie pas d'activer la case: recherche de rootkits.

 

@++

[Ninio]

Re,

 

Merci pour votre aide. Oui j'ai essayé en mode sans échec ça ne marche pas.

 

J'ai essayé de faire ce que tu m'as di Apollo mais je n'y arrive pas.

 

Si ca peut t'aider, le ver qui m'a infecté est celui ci: TR/CRYPT.XPACK.GEN

 

Merci

[Kreativewbd]

hello....

Pour supprimer expiorer...

http://www.spywareremove.com/removeexpiorerexe.html

Modifié le 17 janvier 2009 par ipl_001
Intervention non autorisée !

[Apollo]

Je n'aime pas quand des intrus interviennent dans les sujets dont j'ai la charge.

Merci de vous abstenir de vos "conseils".

 

ninio,

 

on va utiliser l'artillerie mais pas ComboFix à cause de sality, justement;

Ce virus s'accroche aux exe, et il doit absolument être REPARE.

 

L'autre est normalement traité par Antivir.

 

ftp://ftp.kaspersky.com/devbuilds/AVPTool....2009_22-48.exe Enregistre AVP Tool sur le bureau

 

Le pc ne doit pas se mettre en veille! donc tu règles les options d'alimentation, via le panneau de configuration et tu mets sur "Jamais" partout. appliquer/ok.

 

Désactive la restauration de système; elle demandera à être réactivée au reboot du pc.

 

Si Sality est trouvé, tu devras "disinfect" et NON suppimer.

Pour ton autre problème tr/CRYPT.XPACK.GEN, essayer la désinfection et s'il ne peut pas: Delete.

 

SCANNER AVEC AVP TOOL

 

Le scan va s'effectuer en Mode Sans Echec: comme tu n'auras pas accès à Internet, je te conseille d'imprimer cette procédure.

• Télécharge et enregistre sur ton Bureau le scanner portable AVP TOOL (sélectionne-la à partir des dates) en cliquant sur cette image:
  
   
  Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
  
• Redémarre ton ordinateur
  
• Après avoir entendu l'ordinateur bipper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
  
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
  
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
  
• Choisis ton compte.
  
• Connecte éventuellement tes clés USB et disques externes.
   
   
  
• Lance l'exécutable intitulé "setup_7.0xxxxx" en double-cliquant dessus
  
• Réponds "Oui" à la question "Do you want to continue installation?"
  
• Clique sur "Next" pour les deux fenêtres suivantes: AVP TOOL s'installe sur ton Bureau dans un dossier nommé "Kaspersky Lab Tool"
  
• Si nécessaire, branche tes périphériques amovibles (clés USB, disque dur externe...)
  
• L'outil se lance tout seul: coche toutes les cases dans l'onglet "Automatic Scan".
  
• Clique maintenant sur "Security Level": une fenêtre de configuration s'ouvre: paramètre le scanner comme sur l'image:
   
  
  
• Valide avec "Apply" puis "OK"
  
• L'outil est maintenant configuré: dans la fenêtre principale, clique sur "Scan". Le scan commence, une nouvelle fenêtre s'ouvre indiquant la progression du balayage en pourcentage.
  
• A la fin du scan, AVP Tool signale les objets infectés par l'intermédiaire d'une pop-up: coche alors "Apply to all" et clique sur "Delete" ou "Disinfect" selon ce que propose la fenêtre:
   
  
  
• Une fois les infections traitées par l'intermédiaire des pop-ups, il se peut que des fichiers malsains n'aient pas été supprimés: ils apparaissent en rouge dans la liste: clique alors sur le bouton "Neutralize all" de la fenêtre de progression du scan: si une pop-up indique qu'il faut redémarrer, accepte en cliquant sur "OK"
  
• Rends-toi maintenant dans l'onglet "Events" de la fenêtre de progression du scan, et décoche "Show all events"
  
• Clique enfin sur "Reports" puis "Save to file" et enregistre le rapport sur ton Bureau sous le nom Rapport AVP TOOL
  
• Ferme les fenêtres d'AVP Tool: un message apparaît proposant de désinstaller le logiciel: choisis "YES"
  
  
• Un message d'alerte indique que le PC doit être redémarré pour finir la désinstallation:
  
  A la question "Would you like to restart now", répond "OUI" et redémarre ton ordinateur en Mode normal.
  
• Poste le contenu du rapport dans ta prochaine réponse (le début car le rapport est très lourd.
  

 

@++

[Kreativewbd]

L'intrus te dit bien des choses.......

Ensuite faire une recherche de rootkits avec antivir ha!ha! t'as pas trouver pire?

Sur ce je te salut bien bas.

Modifié le 17 janvier 2009 par ipl_001
Ton inadéquat/agressif et perturbation sujet.

[Apollo]

Mon cher ami, même entre helpers de ce forum et d'autres, nous avons un code qui veut que nous n'intervenons pas dans leurs sujets.

 

Si tu n'as rien d'autre à faire que de te méler de ce qui te te regarde pas, pourquoi ne pas créer ton propre forum de désinfection?

 

Ici, on n'est pas sur CCM et seuls les membres qui font partie de l'espace sécurité de Zébulon on le droit de désinfecter.

 

Tu as l'air si malin, tu dois être un expert...

 

 

L'intrus te dit bien des choses.......

J'en ai autant pour toi et heureusement que je suis tenu à une certaine réserve...

[ipl_001]

Bonsoir à tous,

 

Tout d'abord Ninio et Apollo, excusez-moi d'intervenir dans la discussion mais il me semble nécessaire de mettre un peu d'ordre et de calmer certains internautes perturbateurs !

 

Kreativewbd

Je te confirme ce que dit Apollo : tu n'es pas autorisé à intervenir ici !!!

 

- il y a des conditions pour intervenir sur les forums publics de Zebulon Sécurité...

- tu t'imagines être un pilier de tous les forums de France et de Navarre sous le prétexte que tu es membre de CCM (Inscription le mardi 3 juin 2008 / 33 posts), de PCA (inscription 04/06/2008 / 54 posts) et autres, tu te trompes !

- la moindre des choses lorsqu'on débarque sur un forum -ce qui est ton cas sur Zeb'Sécurité- est de rechercher les conditions d'intervention !

Elle sont visibles puisque épinglées et portant un titre explicite -> Procédure de fourniture d'aide sur ce sous-forum

 

Si tu ne sais pas lire ou n'es pas attentif aux consignes, tu files du mauvais coton !!! Comment veux-tu poster ici ?

J'espère que tu vois une différence entre CCM et Zeb'

Je n'ai trouvé nulle part des posts de ta part qui me feraient te tirer mon chapeau. Je ne vois aucune expertise dans tes interventions.

Par contre, je connais Apollo et l'Internet apporte des preuves de ses capaciés !

 

 

 

En attendant, ceci est un premier avertissement (un "point de pénalité") : il n'y en aura pas de deuxième, ce sera une interdiction de poster sur Zeb' pour une semaine !

 

 

 

Ninio et Apollo, encore une fois, excusez mon intrusion !

Ninio, tu peux suivre les instructions d'Apollo en toute confiance ! Bonne chance !

[Ninio]

Salut,

 

J'ai fais ce que tu m'as dit Apollo. Voici le rapport AVG TOOL. Mais Avast ne veut toujours pas se mettre à jour et je n'arrive pas à le désinstaller.

 

Scan

----

Scanned: 711883

Detected: 33

Untreated: 0

Start time: 18/01/2009 17:48:27

Duration: 18:42:10

Finish time: 19/01/2009 12:30:37

 

 

Detected

--------

Status Object

------ ------

will be deleted when the computer is restarted: Trojan program Trojan-GameThief.Win32.Magania.asgh File: C:\WINDOWS\system32\haozs0.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.asez File: h:\x2tpc.cmd

deleted: Trojan program Packed.Win32.Krap.b File: C:\i.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.akcs File: C:\ogcikeq.com

deleted: Trojan program Trojan-GameThief.Win32.Magania.asth File: C:\ve.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.aswh File: C:\x2csvg.exe

deleted: virus Worm.Win32.AutoRun.sbp File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nod16.tmp

deleted: virus Worm.Win32.AutoRun.sbp File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodA.tmp

deleted: Trojan program Trojan.Win32.Pakes.lrw File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodB.tmp

deleted: Trojan program Trojan.Win32.Agent.anle File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodE.tmp

deleted: Trojan program Trojan.Win32.RaMag.a File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1CGBUQ7R\help[1].rar

deleted: Trojan program Trojan.Win32.RaMag.a File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KPJBTVH7\ddr[1].rar

deleted: Trojan program Trojan-GameThief.Win32.Magania.asxh File: C:\WINDOWS\system32\afmain0.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.asjo File: C:\WINDOWS\system32\ciuytr0.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.asjo File: C:\WINDOWS\system32\ciuytr1.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.asfk File: C:\WINDOWS\system32\ciuytr2.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.asgh File: C:\WINDOWS\system32\haozs1.dll

deleted: Trojan program Packed.Win32.Krap.b File: C:\WINDOWS\system32\kav320.dll

deleted: virus Worm.Win32.AutoRun.sjs File: C:\WINDOWS\system32\kav321.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.aszu File: C:\WINDOWS\system32\nmdfgds0.dll

deleted: Trojan program Trojan-GameThief.Win32.Magania.aspj File: C:\WINDOWS\system32\nmdfgds2.dll

deleted: Trojan program Packed.Win32.Krap.b File: D:\i.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.akcs File: D:\ogcikeq.com

deleted: Trojan program Trojan-GameThief.Win32.Magania.asth File: D:\ve.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.aswh File: D:\x2csvg.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.asfh File: D:\x2tpc.cmd

deleted: virus Worm.Win32.AutoRun.sja File: D:\xfl3hx.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.arak File: D:\yb12j.cmd

deleted: Trojan program Trojan-GameThief.Win32.Magania.arak File: G:\yb12j.cmd

deleted: Trojan program Trojan-GameThief.Win32.Magania.asfh File: G:\x2tpc.cmd

deleted: Trojan program Trojan-GameThief.Win32.OnLineGames.uelr File: G:\wqesvxa.exe

deleted: Trojan program Trojan-GameThief.Win32.Magania.akcs File: H:\ogcikeq.com

deleted: Trojan program Trojan-GameThief.Win32.Magania.akcs File: H:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP627\A0114521.inf

 

 

Events

------

Time Name Status Reason

---- ---- ------ ------

18/01/2009 17:49:34 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:49:34 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 17:49:38 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:49:38 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 17:49:58 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:49:58 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 17:50:05 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:50:05 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 17:50:06 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:50:06 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 17:50:10 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:50:10 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 17:50:14 File: h:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asez'

18/01/2009 17:50:14 File: h:\x2tpc.cmd not disinfected postponed

18/01/2009 17:52:07 File: c:\windows\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 17:52:07 File: c:\windows\system32\haozs0.dll not disinfected postponed

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bck1.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt11.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt12.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt13.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt21.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt22.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt23.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt31.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt32.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt33.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt41.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt42.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt43.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt51.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt52.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt53.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt61.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt62.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/main.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/preview.bmp password protected

18/01/2009 17:59:33 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/Ad-Aware SE Default.skn password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow1.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow2.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bck1.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt11.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt12.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt13.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt21.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt22.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt23.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt31.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt32.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt33.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt41.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt42.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt43.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt51.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt52.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt53.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt61.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt62.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox1.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox2.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox3.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox4.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn1.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn2.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn3.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph1.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph2.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph3.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph4.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph5.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph6.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph7.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/main.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/preview.bmp password protected

18/01/2009 17:59:39 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/sprite1.bmp password protected

18/01/2009 18:02:11 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:02:11 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 18:02:13 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:02:13 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 18:02:21 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:02:21 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 18:02:23 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:02:23 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 18:02:24 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:02:24 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 18:02:26 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:02:26 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

18/01/2009 18:02:28 File: h:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asez'

18/01/2009 18:02:28 File: h:\x2tpc.cmd not disinfected postponed

18/01/2009 18:03:55 File: c:\windows\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

18/01/2009 18:03:55 File: c:\windows\system32\haozs0.dll not disinfected postponed

18/01/2009 18:06:19 File: C:\i.exe detected Trojan program 'Packed.Win32.Krap.b'

18/01/2009 18:06:19 File: C:\i.exe not disinfected postponed

18/01/2009 18:06:20 File: C:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

18/01/2009 18:06:20 File: C:\ogcikeq.com not disinfected postponed

18/01/2009 18:06:20 File: C:\ve.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.asth'

18/01/2009 18:06:20 File: C:\ve.exe not disinfected postponed

18/01/2009 18:06:21 File: C:\x2csvg.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.aswh'

18/01/2009 18:06:21 File: C:\x2csvg.exe not disinfected postponed

18/01/2009 18:16:33 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nod16.tmp detected virus 'Worm.Win32.AutoRun.sbp'

18/01/2009 18:16:33 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nod16.tmp not disinfected postponed

18/01/2009 18:16:33 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodA.tmp detected virus 'Worm.Win32.AutoRun.sbp'

18/01/2009 18:16:33 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodA.tmp not disinfected postponed

18/01/2009 18:16:33 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodB.tmp detected Trojan program 'Trojan.Win32.Pakes.lrw'

18/01/2009 18:16:33 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodB.tmp not disinfected postponed

18/01/2009 18:16:34 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodE.tmp detected Trojan program 'Trojan.Win32.Agent.anle'

18/01/2009 18:16:34 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodE.tmp not disinfected postponed

18/01/2009 18:17:10 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1CGBUQ7R\help[1].rar detected Trojan program 'Trojan.Win32.RaMag.a'

18/01/2009 18:17:10 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1CGBUQ7R\help[1].rar not disinfected postponed

18/01/2009 18:17:56 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KPJBTVH7\ddr[1].rar detected Trojan program 'Trojan.Win32.RaMag.a'

18/01/2009 18:17:56 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KPJBTVH7\ddr[1].rar not disinfected postponed

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.reg password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.ini password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.reg password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.ini password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.reg password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.ini password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.reg password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.ini password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.reg password protected

18/01/2009 18:23:17 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.ini password protected

19/01/2009 02:35:45 File: C:\WINDOWS\system32\afmain0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asxh'

19/01/2009 02:35:45 File: C:\WINDOWS\system32\afmain0.dll not disinfected postponed

19/01/2009 02:36:16 File: C:\WINDOWS\system32\ciuytr0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asjo'

19/01/2009 02:36:16 File: C:\WINDOWS\system32\ciuytr0.dll not disinfected postponed

19/01/2009 02:36:16 File: C:\WINDOWS\system32\ciuytr1.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asjo'

19/01/2009 02:36:16 File: C:\WINDOWS\system32\ciuytr1.dll not disinfected postponed

19/01/2009 02:36:16 File: C:\WINDOWS\system32\ciuytr2.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asfk'

19/01/2009 02:36:16 File: C:\WINDOWS\system32\ciuytr2.dll not disinfected postponed

19/01/2009 02:37:43 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 02:37:43 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

19/01/2009 02:37:43 File: C:\WINDOWS\system32\haozs1.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 02:37:43 File: C:\WINDOWS\system32\haozs1.dll not disinfected postponed

19/01/2009 02:39:01 File: C:\WINDOWS\system32\kav320.dll detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 02:39:01 File: C:\WINDOWS\system32\kav320.dll not disinfected postponed

19/01/2009 02:39:01 File: C:\WINDOWS\system32\kav321.dll detected virus 'Worm.Win32.AutoRun.sjs'

19/01/2009 02:39:01 File: C:\WINDOWS\system32\kav321.dll not disinfected postponed

19/01/2009 02:40:55 File: C:\WINDOWS\system32\nmdfgds0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.aszu'

19/01/2009 02:40:55 File: C:\WINDOWS\system32\nmdfgds0.dll not disinfected postponed

19/01/2009 02:40:55 File: C:\WINDOWS\system32\nmdfgds2.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.aspj'

19/01/2009 02:40:55 File: C:\WINDOWS\system32\nmdfgds2.dll not disinfected postponed

19/01/2009 02:59:27 File: D:\i.exe detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 02:59:27 File: D:\i.exe not disinfected postponed

19/01/2009 02:59:27 File: D:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 02:59:27 File: D:\ogcikeq.com not disinfected postponed

19/01/2009 02:59:28 File: D:\ve.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.asth'

19/01/2009 02:59:28 File: D:\ve.exe not disinfected postponed

19/01/2009 02:59:28 File: D:\x2csvg.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.aswh'

19/01/2009 02:59:28 File: D:\x2csvg.exe not disinfected postponed

19/01/2009 02:59:28 File: D:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asfh'

19/01/2009 02:59:28 File: D:\x2tpc.cmd not disinfected postponed

19/01/2009 02:59:28 File: D:\xfl3hx.exe detected virus 'Worm.Win32.AutoRun.sja'

19/01/2009 02:59:28 File: D:\xfl3hx.exe not disinfected postponed

19/01/2009 02:59:28 File: D:\yb12j.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.arak'

19/01/2009 02:59:28 File: D:\yb12j.cmd not disinfected postponed

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bck1.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt11.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt12.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt13.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt21.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt22.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt23.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt31.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt32.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt33.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt41.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt42.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt43.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt51.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt52.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt53.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt61.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt62.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/main.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/preview.bmp password protected

19/01/2009 03:04:49 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/Ad-Aware SE Default.skn password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow1.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow2.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bck1.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt11.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt12.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt13.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt21.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt22.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt23.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt31.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt32.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt33.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt41.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt42.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt43.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt51.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt52.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt53.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt61.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt62.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox1.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox2.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox3.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox4.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn1.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn2.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn3.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph1.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph2.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph3.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph4.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph5.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph6.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph7.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/main.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/preview.bmp password protected

19/01/2009 03:04:54 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/sprite1.bmp password protected

19/01/2009 03:08:57 File: G:\yb12j.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.arak'

19/01/2009 03:08:57 File: G:\yb12j.cmd not disinfected postponed

19/01/2009 03:08:57 File: G:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asfh'

19/01/2009 03:08:57 File: G:\x2tpc.cmd not disinfected postponed

19/01/2009 03:08:58 File: G:\wqesvxa.exe detected Trojan program 'Trojan-GameThief.Win32.OnLineGames.uelr'

19/01/2009 03:08:58 File: G:\wqesvxa.exe not disinfected postponed

19/01/2009 03:09:04 File: H:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 03:09:05 File: H:\ogcikeq.com not disinfected postponed

19/01/2009 03:09:05 File: H:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asez'

19/01/2009 03:09:05 File: H:\x2tpc.cmd not disinfected postponed

19/01/2009 03:09:10 File: H:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP627\A0114521.inf detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 03:09:10 File: H:\System Volume Information\_restore{C99FC601-9195-45D9-99B4-B165C7973F04}\RP627\A0114521.inf not disinfected postponed

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bck1.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt11.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt12.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt13.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt21.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt22.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt23.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt31.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt32.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt33.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt41.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt42.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt43.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt51.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt52.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt53.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt61.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt62.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/main.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/preview.bmp password protected

19/01/2009 03:16:58 File: H:\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/Ad-Aware SE Default.skn password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow1.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow2.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bck1.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt11.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt12.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt13.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt21.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt22.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt23.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt31.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt32.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt33.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt41.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt42.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt43.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt51.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt52.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt53.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt61.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt62.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox1.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox2.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox3.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox4.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn1.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn2.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn3.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph1.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph2.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph3.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph4.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph5.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph6.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph7.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/main.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/preview.bmp password protected

19/01/2009 03:17:02 File: H:\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/sprite1.bmp password protected

19/01/2009 03:18:35 File: C:\i.exe detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 03:18:35 File: C:\i.exe not disinfected postponed

19/01/2009 03:18:36 File: C:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 03:18:36 File: C:\ogcikeq.com not disinfected postponed

19/01/2009 03:18:36 File: C:\ve.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.asth'

19/01/2009 03:18:36 File: C:\ve.exe not disinfected postponed

19/01/2009 03:18:36 File: C:\x2csvg.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.aswh'

19/01/2009 03:18:36 File: C:\x2csvg.exe not disinfected postponed

19/01/2009 03:29:15 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nod16.tmp detected virus 'Worm.Win32.AutoRun.sbp'

19/01/2009 03:29:15 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nod16.tmp not disinfected postponed

19/01/2009 03:29:16 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodA.tmp detected virus 'Worm.Win32.AutoRun.sbp'

19/01/2009 03:29:16 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodA.tmp not disinfected postponed

19/01/2009 03:29:16 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodB.tmp detected Trojan program 'Trojan.Win32.Pakes.lrw'

19/01/2009 03:29:16 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodB.tmp not disinfected postponed

19/01/2009 03:29:17 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodE.tmp detected Trojan program 'Trojan.Win32.Agent.anle'

19/01/2009 03:29:17 File: C:\Documents and Settings\Administrateur\Local Settings\Temp\nodE.tmp not disinfected postponed

19/01/2009 03:29:53 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1CGBUQ7R\help[1].rar detected Trojan program 'Trojan.Win32.RaMag.a'

19/01/2009 03:29:53 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\1CGBUQ7R\help[1].rar not disinfected postponed

19/01/2009 03:30:43 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KPJBTVH7\ddr[1].rar detected Trojan program 'Trojan.Win32.RaMag.a'

19/01/2009 03:30:43 File: C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\KPJBTVH7\ddr[1].rar not disinfected postponed

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.reg password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit.zip/sbRecovery.ini password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.reg password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit1.zip/sbRecovery.ini password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.reg password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit2.zip/sbRecovery.ini password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.reg password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit3.zip/sbRecovery.ini password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.reg password protected

19/01/2009 03:36:15 File: C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\DSOExploit4.zip/sbRecovery.ini password protected

19/01/2009 11:44:28 File: C:\WINDOWS\system32\afmain0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asxh'

19/01/2009 11:44:28 File: C:\WINDOWS\system32\afmain0.dll not disinfected postponed

19/01/2009 11:44:55 File: C:\WINDOWS\system32\ciuytr0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asjo'

19/01/2009 11:44:55 File: C:\WINDOWS\system32\ciuytr0.dll not disinfected postponed

19/01/2009 11:44:55 File: C:\WINDOWS\system32\ciuytr1.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asjo'

19/01/2009 11:44:55 File: C:\WINDOWS\system32\ciuytr1.dll not disinfected postponed

19/01/2009 11:44:55 File: C:\WINDOWS\system32\ciuytr2.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asfk'

19/01/2009 11:44:55 File: C:\WINDOWS\system32\ciuytr2.dll not disinfected postponed

19/01/2009 11:46:23 File: C:\WINDOWS\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 11:46:23 File: C:\WINDOWS\system32\haozs0.dll not disinfected postponed

19/01/2009 11:46:23 File: C:\WINDOWS\system32\haozs1.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 11:46:23 File: C:\WINDOWS\system32\haozs1.dll not disinfected postponed

19/01/2009 11:47:40 File: C:\WINDOWS\system32\kav320.dll detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 11:47:40 File: C:\WINDOWS\system32\kav320.dll not disinfected postponed

19/01/2009 11:47:40 File: C:\WINDOWS\system32\kav321.dll detected virus 'Worm.Win32.AutoRun.sjs'

19/01/2009 11:47:40 File: C:\WINDOWS\system32\kav321.dll not disinfected postponed

19/01/2009 11:49:33 File: C:\WINDOWS\system32\nmdfgds0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.aszu'

19/01/2009 11:49:33 File: C:\WINDOWS\system32\nmdfgds0.dll not disinfected postponed

19/01/2009 11:49:33 File: C:\WINDOWS\system32\nmdfgds2.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.aspj'

19/01/2009 11:49:33 File: C:\WINDOWS\system32\nmdfgds2.dll not disinfected postponed

19/01/2009 12:08:45 File: D:\i.exe detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 12:08:45 File: D:\i.exe not disinfected postponed

19/01/2009 12:08:45 File: D:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 12:08:45 File: D:\ogcikeq.com not disinfected postponed

19/01/2009 12:08:45 File: D:\ve.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.asth'

19/01/2009 12:08:45 File: D:\ve.exe not disinfected postponed

19/01/2009 12:08:46 File: D:\x2csvg.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.aswh'

19/01/2009 12:08:46 File: D:\x2csvg.exe not disinfected postponed

19/01/2009 12:08:46 File: D:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asfh'

19/01/2009 12:08:46 File: D:\x2tpc.cmd not disinfected postponed

19/01/2009 12:08:46 File: D:\xfl3hx.exe detected virus 'Worm.Win32.AutoRun.sja'

19/01/2009 12:08:46 File: D:\xfl3hx.exe not disinfected postponed

19/01/2009 12:08:46 File: D:\yb12j.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.arak'

19/01/2009 12:08:46 File: D:\yb12j.cmd not disinfected postponed

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bck1.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt11.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt12.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt13.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt21.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt22.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt23.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt31.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt32.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt33.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt41.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt42.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt43.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt51.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt52.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt53.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt61.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/bt62.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/main.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/preview.bmp password protected

19/01/2009 12:14:13 File: D:\Mes documents\LOgIcIElS\Spyware\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/Ad-Aware SE Default.skn password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow1.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/arrow2.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bck1.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt11.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt12.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt13.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt21.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt22.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt23.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt31.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt32.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt33.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt41.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt42.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt43.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt51.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt52.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt53.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt61.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/bt62.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox1.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox2.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox3.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/checkbox4.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn1.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn2.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/defbtn3.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph1.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph2.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph3.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph4.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph5.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph6.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/glyph7.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/main.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/preview.bmp password protected

19/01/2009 12:14:18 File: D:\Mes documents\LOgIcIElS\Spyware\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask/sprite1.bmp password protected

19/01/2009 12:18:07 File: c:\windows\system32\haozs0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 12:28:32 File: c:\windows\system32\haozs0.dll will be deleted on system restart

19/01/2009 12:28:54 Startup object: HKCR\{c5f43bef-ce2f-46d8-afe6-a647bacd1f09}\InprocServer32\ disinfected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 12:28:54 Startup object: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{C5F43BEF-CE2F-46D8-AFE6-A647BACD1F09} disinfected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 12:28:59 File: h:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asez'

19/01/2009 12:29:03 Startup object: h:\autorun.inf\AutoRun\open disinfected Trojan program 'Trojan-GameThief.Win32.Magania.asez'

19/01/2009 12:29:03 Startup object: h:\autorun.inf\AutoRun\shell\open\Command disinfected Trojan program 'Trojan-GameThief.Win32.Magania.asez'

19/01/2009 12:29:04 File: h:\x2tpc.cmd deleted

19/01/2009 12:29:04 File: c:\i.exe detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 12:29:06 File: c:\i.exe not disinfected cannot be disinfected

19/01/2009 12:29:08 File: c:\i.exe deleted

19/01/2009 12:29:08 File: c:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 12:29:10 File: c:\ogcikeq.com deleted

19/01/2009 12:29:10 File: c:\ve.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.asth'

19/01/2009 12:29:17 File: c:\ve.exe deleted

19/01/2009 12:29:17 File: c:\x2csvg.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.aswh'

19/01/2009 12:29:18 File: c:\x2csvg.exe deleted

19/01/2009 12:29:18 File: c:\documents and settings\administrateur\local settings\temp\nod16.tmp detected virus 'Worm.Win32.AutoRun.sbp'

19/01/2009 12:29:20 File: c:\documents and settings\administrateur\local settings\temp\nod16.tmp deleted

19/01/2009 12:29:20 File: c:\documents and settings\administrateur\local settings\temp\noda.tmp detected virus 'Worm.Win32.AutoRun.sbp'

19/01/2009 12:29:22 File: c:\documents and settings\administrateur\local settings\temp\noda.tmp deleted

19/01/2009 12:29:22 File: c:\documents and settings\administrateur\local settings\temp\nodb.tmp detected Trojan program 'Trojan.Win32.Pakes.lrw'

19/01/2009 12:29:24 File: c:\documents and settings\administrateur\local settings\temp\nodb.tmp deleted

19/01/2009 12:29:24 File: c:\documents and settings\administrateur\local settings\temp\node.tmp detected Trojan program 'Trojan.Win32.Agent.anle'

19/01/2009 12:29:26 File: c:\documents and settings\administrateur\local settings\temp\node.tmp deleted

19/01/2009 12:29:26 File: c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\1cgbuq7r\help[1].rar detected Trojan program 'Trojan.Win32.RaMag.a'

19/01/2009 12:29:29 File: c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\1cgbuq7r\help[1].rar not disinfected cannot be disinfected

19/01/2009 12:29:30 File: c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\1cgbuq7r\help[1].rar deleted

19/01/2009 12:29:30 File: c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\kpjbtvh7\ddr[1].rar detected Trojan program 'Trojan.Win32.RaMag.a'

19/01/2009 12:29:32 File: c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\kpjbtvh7\ddr[1].rar deleted

19/01/2009 12:29:32 File: c:\windows\system32\afmain0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asxh'

19/01/2009 12:29:33 File: c:\windows\system32\afmain0.dll deleted

19/01/2009 12:29:33 File: c:\windows\system32\ciuytr0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asjo'

19/01/2009 12:29:34 File: c:\windows\system32\ciuytr0.dll deleted

19/01/2009 12:29:34 File: c:\windows\system32\ciuytr1.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asjo'

19/01/2009 12:29:54 File: c:\windows\system32\ciuytr1.dll deleted

19/01/2009 12:29:54 File: c:\windows\system32\ciuytr2.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asfk'

19/01/2009 12:29:55 File: c:\windows\system32\ciuytr2.dll deleted

19/01/2009 12:29:55 File: c:\windows\system32\haozs1.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.asgh'

19/01/2009 12:29:56 File: c:\windows\system32\haozs1.dll deleted

19/01/2009 12:29:56 File: c:\windows\system32\kav320.dll detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 12:29:58 File: c:\windows\system32\kav320.dll not disinfected cannot be disinfected

19/01/2009 12:30:00 File: c:\windows\system32\kav320.dll deleted

19/01/2009 12:30:00 File: c:\windows\system32\kav321.dll detected virus 'Worm.Win32.AutoRun.sjs'

19/01/2009 12:30:01 File: c:\windows\system32\kav321.dll deleted

19/01/2009 12:30:01 File: c:\windows\system32\nmdfgds0.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.aszu'

19/01/2009 12:30:02 File: c:\windows\system32\nmdfgds0.dll deleted

19/01/2009 12:30:02 File: c:\windows\system32\nmdfgds2.dll detected Trojan program 'Trojan-GameThief.Win32.Magania.aspj'

19/01/2009 12:30:05 File: c:\windows\system32\nmdfgds2.dll deleted

19/01/2009 12:30:05 File: d:\i.exe detected Trojan program 'Packed.Win32.Krap.b'

19/01/2009 12:30:06 File: d:\i.exe not disinfected cannot be disinfected

19/01/2009 12:30:08 File: d:\i.exe deleted

19/01/2009 12:30:08 File: d:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 12:30:15 File: d:\ogcikeq.com deleted

19/01/2009 12:30:15 File: d:\ve.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.asth'

19/01/2009 12:30:16 File: d:\ve.exe deleted

19/01/2009 12:30:16 File: d:\x2csvg.exe detected Trojan program 'Trojan-GameThief.Win32.Magania.aswh'

19/01/2009 12:30:16 File: d:\x2csvg.exe deleted

19/01/2009 12:30:17 File: d:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asfh'

19/01/2009 12:30:17 File: d:\x2tpc.cmd deleted

19/01/2009 12:30:18 File: d:\xfl3hx.exe detected virus 'Worm.Win32.AutoRun.sja'

19/01/2009 12:30:21 File: d:\xfl3hx.exe deleted

19/01/2009 12:30:21 File: d:\yb12j.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.arak'

19/01/2009 12:30:22 File: d:\yb12j.cmd deleted

19/01/2009 12:30:22 File: g:\yb12j.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.arak'

19/01/2009 12:30:23 File: g:\yb12j.cmd deleted

19/01/2009 12:30:23 File: g:\x2tpc.cmd detected Trojan program 'Trojan-GameThief.Win32.Magania.asfh'

19/01/2009 12:30:28 File: g:\x2tpc.cmd deleted

19/01/2009 12:30:28 File: g:\wqesvxa.exe detected Trojan program 'Trojan-GameThief.Win32.OnLineGames.uelr'

19/01/2009 12:30:32 File: g:\wqesvxa.exe deleted

19/01/2009 12:30:32 File: h:\ogcikeq.com detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 12:30:35 File: h:\ogcikeq.com deleted

19/01/2009 12:30:35 File: h:\system volume information\_restore{c99fc601-9195-45d9-99b4-b165c7973f04}\rp627\a0114521.inf detected Trojan program 'Trojan-GameThief.Win32.Magania.akcs'

19/01/2009 12:30:37 File: h:\system volume information\_restore{c99fc601-9195-45d9-99b4-b165c7973f04}\rp627\a0114521.inf deleted

 

 

Statistics

----------

Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted

------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------

All objects 711883 33 0 33 0 19654 2327 324 0

System memory 1286 1 1 1 0 1 5 0 0

Startup objects 734 1 0 1 0 0 15 0 0

Disk boot sectors 9 0 0 0 0 0 0 0 0

Mes documents 10457 0 0 0 0 385 31 76 0

Mail databases 4 0 0 0 0 2 0 0 0

Poste de travail 356117 31 0 31 0 9952 1166 162 0

DOS (B:) 30 0 0 0 0 0 1 0 0

SYSTEME (C:) 327582 0 0 0 0 8889 1077 10 0

DONNEES (D:) 15664 0 0 0 0 425 32 76 0

 

 

Settings

--------

Parameter Value

--------- -----

Security Level Recommended

Action Prompt for action when the scan is complete

Run mode Manually

File types Scan all files

Scan only new and changed files No

Scan archives All

Scan embedded OLE objects All

Skip if object is larger than No

Skip if scan takes longer than No

Parse email formats No

Scan password-protected archives No

Enable iChecker technology No

Enable iSwift technology No

Show detected threats on "Detected" tab Yes

Rootkits search Yes

Deep rootkits search No

Use heuristic analyzer Yes

 

 

Quarantine

----------

Status Object Size Added

------ ------ ---- -----

 

 

Backup

------

Status Object Size

------ ------ ----

Infected: Trojan program Trojan.Win32.RaMag.a c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\kpjbtvh7\ddr[1].rar 96,6 KB

Infected: Trojan program Packed.Win32.Krap.b c:\windows\system32\kav320.dll 83 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asgh c:\windows\system32\haozs1.dll 77 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.arak d:\yb12j.cmd 118,5 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.aswh c:\x2csvg.exe 107,4 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asjo c:\windows\system32\ciuytr0.dll 88 KB

Infected: Trojan program Trojan.Win32.Agent.anle c:\documents and settings\administrateur\local settings\temp\node.tmp 111 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asez h:\x2tpc.cmd 105,9 KB

Infected: virus Worm.Win32.AutoRun.sbp c:\documents and settings\administrateur\local settings\temp\noda.tmp 115,3 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asth c:\ve.exe 106,4 KB

Infected: Trojan program Trojan-GameThief.Win32.OnLineGames.uelr g:\wqesvxa.exe 118,7 KB

Infected: virus Worm.Win32.AutoRun.sjs c:\windows\system32\kav321.dll 83 KB

Infected: Trojan program Trojan.Win32.Pakes.lrw c:\documents and settings\administrateur\local settings\temp\nodb.tmp 111 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.akcs c:\ogcikeq.com 97,2 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.akcs h:\system volume information\_restore{c99fc601-9195-45d9-99b4-b165c7973f04}\rp627\a0114521.inf 602 bytes

Infected: Trojan program Trojan-GameThief.Win32.Magania.asfh g:\x2tpc.cmd 105,1 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asgh c:\windows\system32\haozs0.dll 77 KB

Infected: Trojan program Packed.Win32.Krap.b d:\i.exe 107 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asfk c:\windows\system32\ciuytr2.dll 88 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.aspj c:\windows\system32\nmdfgds2.dll 93,5 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.aswh d:\x2csvg.exe 107,4 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.akcs d:\ogcikeq.com 97,2 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.aszu c:\windows\system32\nmdfgds0.dll 93,5 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asth d:\ve.exe 106,4 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asjo c:\windows\system32\ciuytr1.dll 88 KB

Infected: virus Worm.Win32.AutoRun.sja d:\xfl3hx.exe 103,9 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.arak g:\yb12j.cmd 118,5 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asxh c:\windows\system32\afmain0.dll 77 KB

Infected: Trojan program Trojan.Win32.RaMag.a c:\documents and settings\administrateur\local settings\temporary internet files\content.ie5\1cgbuq7r\help[1].rar 108,3 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.asfh d:\x2tpc.cmd 105,1 KB

Infected: virus Worm.Win32.AutoRun.sbp c:\documents and settings\administrateur\local settings\temp\nod16.tmp 117,8 KB

Infected: Trojan program Trojan-GameThief.Win32.Magania.akcs h:\ogcikeq.com 97,2 KB

Infected: Trojan program Packed.Win32.Krap.b c:\i.exe 107 KB

 

Merci pour tes conseils.