Aller au contenu

B2oBa

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    51

  • Inscription

  • Dernière visite

B2oBa's Achievements

Member

Member (4/12)

0

Réputation sur la communauté

  1. B2oBa
    Salut à tous !! J'ai un petit problème de démarrage suite à une installation de Vista. En faite j'ai installé Vista sur un disque secondaire en démarrant sur mon disque principal, tout c'est bien passé sauf que depuis lorsque j'allume mon pc j'ai un écran noir qui me demande si je veux démarré sur Vista (qui n'est d'ailleurs même pas installé sur ce disque ...) ou sur une version antérieur (Xp donc qui est mon os installé sur c:) je précise que le disque avec Vista n'est pas branché ... alors m'a dit-il malgré tout installé une petite parcelle sur c:.... bizarre ... J'ai essayé de résoudre le problème en passant par les options de démarrage et de récupération mais rien a faire cela persiste ... Quelqu'un peut m'aider par hasard ?
  2. B2oBa
    Oué c' est ce que j' ai cru comprendre En faite j' avais jamais chercher les pilotes avant et j' avais toujours reussi à trouver par la suite, mais sur ce coup là ... C' est malheureux quand même comme on nous impose Vista !!! Sinon personne n' a de solution ?
  3. B2oBa
    Le souci c' est pas que je ne trouve pas les pilotes, au contraire, mais c est que tous sont pour Vista ...
  4. B2oBa
    Salut à tous. J' ai un collègue qui a acheté un pc portable et qui veux que je lui configure. On a donc décider de passer de Vista à Xp mais le problème c' est que depuis le son ne marche pas. J' ai trouvé pour la carte graphique mais pour le son impossible !!! Dans le gestionnaire de périphérique "Audio device on high definition audio bus" est jaune. J' ai essayer plusieurs pilote rien à faire (http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1&PFid=24&Level=4&Conn=3&DownTypeID=3#1) par exemple .... A chaque fois il me plante au milieu de l' installation "Erreur -0001" Le pc est un Packard Bell Easynote Mx37 u 026. J' espere que quelqu' un pourra m' aider, merci d' avance
  5. B2oBa
    Ok, pas de probleme avec ce programme c' est bon. Plus aucun souci, l' anti-virus ne détecte plus rien, le pc tourne bien mieux ! Merci mille fois pour ton aide, j' y serai jamais arrivé tout seul, MERCI MERCI MERCI P.S : j' ai laisser tomber avast pour anti-vir, j' ai cru comprendre que c' était mieux
  6. B2oBa
    ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, December 13, 2007 5:20:46 PM Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 13/12/2007 Kaspersky Anti-Virus database records: 481609 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 136136 Number of viruses found: 1 Number of infected objects: 1 Number of suspicious objects: 0 Duration of the scan process: 00:52:54 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Tyler\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\pending.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\dfsr.db Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\fsr.log Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\fsrtmp.log Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\tmp.edb Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows Live Contacts\snake_7@hotmail.com\real\members.stg Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows Live Contacts\snake_7@hotmail.com\shadow\members.stg Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Historique\History.IE5\MSHist012007121320071214\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\Perflib_Perfdata_5f4.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFE453.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFE45E.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFF798.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFF7C5.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Tyler\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Tyler\ntuser.dat.LOG Object is locked skipped C:\Program Files\mksvfinal\mirc32.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.59 skipped C:\Program Files\Sygate\SPF\debug.log Object is locked skipped C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP5\change.log Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped Scan process completed.
  7. B2oBa
    ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, December 13, 2007 5:24:18 AM Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 12/12/2007 Kaspersky Anti-Virus database records: 481110 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 133708 Number of viruses found: 4 Number of infected objects: 7 Number of suspicious objects: 0 Duration of the scan process: 01:04:26 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Tyler\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\pending.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\dfsr.db Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\fsr.log Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\fsrtmp.log Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Messenger\snake_7@hotmail.com\SharingMetadata\Working\database_6E20_476B_2047_38FB\tmp.edb Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows Live Contacts\snake_7@hotmail.com\real\members.stg Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows Live Contacts\snake_7@hotmail.com\shadow\members.stg Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFE453.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFE45E.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFF798.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temp\~DFF7C5.tmp Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Tyler\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Tyler\ntuser.dat.LOG Object is locked skipped C:\Program Files\mksvfinal\mirc32.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.59 skipped C:\Program Files\Sygate\SPF\debug.log Object is locked skipped C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\mljifgh.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.arv skipped C:\qoobox\Quarantine\C\WINDOWS\system32\o.vir Infected: Trojan-Downloader.BAT.Ftp.ab skipped C:\qoobox\Quarantine\C\WINDOWS\system32\pmnligg.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.arv skipped C:\qoobox\Quarantine\C\WINDOWS\system32\qhwfmy.exe.vir Infected: Trojan.Win32.Agent.dcb skipped C:\qoobox\Quarantine\C\WINDOWS\system32\wvurrqp.dll.vir Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\system32\yyefyse.exe.vir Object is locked skipped C:\qoobox\Quarantine\C\WINDOWS\tr941.exe.vir Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP2\A0000004.dll Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP2\A0000005.dll Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP2\A0000006.dll Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP2\A0000007.dll Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP3\A0001033.exe Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP4\A0001091.exe Infected: Trojan.Win32.Agent.dcb skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP4\A0001093.exe Object is locked skipped C:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP4\change.log Object is locked skipped C:\VundoFix Backups\awtqnkh.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.arv skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped F:\System Volume Information\_restore{5C53F1DE-C736-4E18-96AD-A674C198EA6D}\RP4\change.log Object is locked skipped Scan process completed.
  8. B2oBa
    ComboFix 07-12-11.1 - Tyler 2007-12-12 20:34:18.3 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.1019 [GMT 1:00] Running from: C:\Documents and Settings\Tyler\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Tyler\Bureau\CFScript.txt * Created a new restore point FILE C:\WINDOWS\system32\aglxvc.exe C:\WINDOWS\system32\qhwfmy.exe C:\WINDOWS\system32\Smab.dll C:\WINDOWS\system32\yyefyse.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\aglxvc.exe C:\WINDOWS\system32\qhwfmy.exe C:\WINDOWS\system32\Smab.dll C:\WINDOWS\system32\yyefyse.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-11-12 to 2007-12-12 )))))))))))))))))))))))))))))))))))) . 2007-12-11 15:05 . 2007-12-11 15:05 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe 2007-12-11 13:55 . 2007-12-11 15:11 <REP> d-------- C:\VundoFix Backups 2007-12-11 05:40 . 2007-12-11 05:40 <REP> d-------- C:\Program Files\Avira 2007-12-10 20:31 . 2007-12-10 20:45 <REP> d-------- C:\Downloads 2007-12-10 20:30 . 2007-12-10 20:47 <REP> d-------- C:\Kaspersky 2007-12-10 13:00 . 2007-12-10 13:00 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-10 13:00 . 2007-12-10 13:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-12-10 11:05 . 2007-12-10 11:05 <REP> d-------- C:\WINDOWS\ERUNT 2007-12-10 09:56 . 2007-12-10 09:56 <REP> d-------- C:\Documents and Settings\Tyler\Application Data\Grisoft 2007-12-10 09:56 . 2007-12-10 09:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-12-10 09:56 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-12-09 08:18 . 2007-12-11 05:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-07 05:26 . 2007-12-07 05:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-05 15:04 . 2002-08-29 11:33 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys 2007-12-05 15:04 . 2002-08-29 11:33 52,736 --a--c--- C:\WINDOWS\system32\dllcache\i8042prt.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-12 17:27 --------- d-----w C:\Program Files\mksvfinal 2007-12-05 22:03 --------- d-----w C:\Program Files\FlashFXP 2007-11-29 07:30 --------- d-----w C:\Documents and Settings\Tyler\Application Data\Vso 2007-11-20 08:46 --------- d-----w C:\Documents and Settings\Tyler\Application Data\Canon 2007-11-10 04:21 --------- d-----w C:\Program Files\QuickTime 2007-11-07 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc 2005-05-13 15:12 217,073 --sha-r C:\WINDOWS\meta4.exe 2005-10-24 09:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe 2005-10-13 19:27 422,400 --sha-r C:\WINDOWS\x2.64.exe 2005-10-07 17:14 308,224 --sha-w C:\WINDOWS\system32\avisynth.dll 2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll 2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 22:00 217,088 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((( snapshot@2007-12-11_15.41.21.50 ))))))))))))))))))))))))))))))))))))))))) . - 2007-12-11 14:36:56 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat + 2007-12-12 19:34:11 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 13:45] "CursorXP"="C:\themeGold55\CursorXP\CursorXP.exe" [2001-12-13 19:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.exe" [2001-08-28 16:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-11-11 12:47 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2001-08-28 16:00 C:\WINDOWS\system32\rundll32.exe] "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2004-03-10 15:26] "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2005-06-06 17:05] "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2002-04-29 21:20] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-07 11:45] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-11 05:45] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 13:45] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoLowDiskSpaceCheck"= 1 (0x1) "NoRecentDocsHistory"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoLowDiskSpaceCheck"= 1 (0x1) R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\System32\DRIVERS\WlanUIG.sys . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-07 10:48:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-12 20:35:57 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-12 20:37:00 C:\ComboFix2.txt ... 2007-12-11 22:35 C:\ComboFix3.txt ... 2007-12-11 15:46
  9. B2oBa
    ComboFix 07-12-11.1 - Tyler 2007-12-11 22:30:47.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.1127 [GMT 1:00] Running from: C:\Documents and Settings\Tyler\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Tyler\Bureau\CFScript.txt * Created a new restore point FILE C:\23990098.$$$ C:\WINDOWS\QTFont.for C:\WINDOWS\QTFont.qfn C:\WINDOWS\system32\fhkdsuar.ini C:\WINDOWS\system32\npgpgote.ini C:\WINDOWS\system32\o C:\WINDOWS\system32\wcbvfrcl.ini C:\WINDOWS\tr941.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\23990098.$$$ C:\WINDOWS\QTFont.for C:\WINDOWS\QTFont.qfn C:\WINDOWS\system32\fhkdsuar.ini C:\WINDOWS\system32\npgpgote.ini C:\WINDOWS\system32\o C:\WINDOWS\system32\wcbvfrcl.ini C:\WINDOWS\tr941.exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-11-11 to 2007-12-11 )))))))))))))))))))))))))))))))))))) . 2007-12-11 15:46 . 2007-12-11 15:46 0 --a------ C:\WINDOWS\system32\aglxvc.exe 2007-12-11 15:42 . 2007-12-11 15:42 61,440 --ah----- C:\WINDOWS\system32\qhwfmy.exe 2007-12-11 15:41 . 2007-12-11 15:42 30,720 --ah----- C:\WINDOWS\system32\yyefyse.exe 2007-12-11 15:05 . 2007-12-11 15:05 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe 2007-12-11 13:55 . 2007-12-11 15:11 <REP> d-------- C:\VundoFix Backups 2007-12-11 05:40 . 2007-12-11 05:40 <REP> d-------- C:\Program Files\Avira 2007-12-10 20:31 . 2007-12-10 20:45 <REP> d-------- C:\Downloads 2007-12-10 20:30 . 2007-12-10 20:47 <REP> d-------- C:\Kaspersky 2007-12-10 13:00 . 2007-12-10 13:00 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-10 13:00 . 2007-12-10 13:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-12-10 11:05 . 2007-12-10 11:05 <REP> d-------- C:\WINDOWS\ERUNT 2007-12-10 09:56 . 2007-12-10 09:56 <REP> d-------- C:\Documents and Settings\Tyler\Application Data\Grisoft 2007-12-10 09:56 . 2007-12-10 09:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-12-10 09:56 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-12-09 08:18 . 2007-12-11 05:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-07 05:26 . 2007-12-07 05:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-05 15:04 . 2002-08-29 11:33 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys 2007-12-05 15:04 . 2002-08-29 11:33 52,736 --a--c--- C:\WINDOWS\system32\dllcache\i8042prt.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-11 20:55 --------- d-----w C:\Program Files\mksvfinal 2007-12-05 22:03 --------- d-----w C:\Program Files\FlashFXP 2007-11-29 07:30 --------- d-----w C:\Documents and Settings\Tyler\Application Data\Vso 2007-11-20 08:46 --------- d-----w C:\Documents and Settings\Tyler\Application Data\Canon 2007-11-10 04:21 --------- d-----w C:\Program Files\QuickTime 2007-11-07 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc 2007-10-11 19:55 --------- d-----w C:\Program Files\VSO 2007-10-11 19:53 --------- d-----w C:\Documents and Settings\Tyler\Application Data\XnView 2007-10-11 19:39 --------- d-----w C:\Program Files\XnView 2005-05-13 15:12 217,073 --sha-r C:\WINDOWS\meta4.exe 2005-10-24 09:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe 2005-10-13 19:27 422,400 --sha-r C:\WINDOWS\x2.64.exe 2005-10-07 17:14 308,224 --sha-w C:\WINDOWS\system32\avisynth.dll 2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll 2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll 2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 22:00 217,088 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 13:45] "CursorXP"="C:\themeGold55\CursorXP\CursorXP.exe" [2001-12-13 19:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.exe" [2001-08-28 16:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-11-11 12:47 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2001-08-28 16:00 C:\WINDOWS\system32\rundll32.exe] "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2004-03-10 15:26] "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2005-06-06 17:05] "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2002-04-29 21:20] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-07 11:45] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-11 05:45] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 13:45] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoLowDiskSpaceCheck"= 1 (0x1) "NoRecentDocsHistory"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoLowDiskSpaceCheck"= 1 (0x1) R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\System32\DRIVERS\WlanUIG.sys . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-07 10:48:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-11 22:31:49 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-12-11 22:32:09 C:\ComboFix2.txt ... 2007-12-11 15:46
  10. B2oBa
    VundoFix V6.7.0 Checking Java version... Scan started at 14:56:39 11/12/2007 Listing files found while scanning.... C:\windows\system32\awtqnkh.dll Beginning removal... Attempting to delete C:\windows\system32\awtqnkh.dll C:\windows\system32\awtqnkh.dll Has been deleted! Performing Repairs to the registry. Done! ComboFix 07-12-11.1 - Tyler 2007-12-11 15:36:59.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.1141 [GMT 1:00] Running from: C:\Documents and Settings\Tyler\Bureau\ComboFix.exe * Created a new restore point . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\cookies.ini C:\WINDOWS\system32\ghhkj.ini C:\WINDOWS\system32\ghhkj.ini2 C:\WINDOWS\system32\jkhhg.dll C:\WINDOWS\system32\mljifgh.dll C:\WINDOWS\system32\pmnligg.dll C:\WINDOWS\system32\wvurrqp.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\LEGACY_DOMAINSERVICE ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-11 to 2007-12-11 )))))))))))))))))))))))))))))))))))) . 2007-12-11 15:07 . 2007-12-11 15:07 59,392 --a------ C:\WINDOWS\tr941.exe 2007-12-11 15:05 . 2007-12-11 15:05 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe 2007-12-11 13:55 . 2007-12-11 15:11 <REP> d-------- C:\VundoFix Backups 2007-12-11 05:40 . 2007-12-11 05:40 <REP> d-------- C:\Program Files\Avira 2007-12-10 22:33 . 2007-12-10 22:33 30 --a------ C:\23990098.$$$ 2007-12-10 20:31 . 2007-12-10 20:45 <REP> d-------- C:\Downloads 2007-12-10 20:30 . 2007-12-10 20:47 <REP> d-------- C:\Kaspersky 2007-12-10 13:00 . 2007-12-10 13:00 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab 2007-12-10 13:00 . 2007-12-10 13:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2007-12-10 11:35 . 2007-12-11 14:56 59 --a------ C:\WINDOWS\system32\o 2007-12-10 11:05 . 2007-12-10 11:05 <REP> d-------- C:\WINDOWS\ERUNT 2007-12-10 09:56 . 2007-12-10 09:56 <REP> d-------- C:\Documents and Settings\Tyler\Application Data\Grisoft 2007-12-10 09:56 . 2007-12-10 09:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft 2007-12-10 09:56 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-12-09 08:18 . 2007-12-11 05:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2007-12-07 05:26 . 2007-12-07 05:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2007-12-05 20:15 . 2007-12-05 20:15 54,156 --ah----- C:\WINDOWS\QTFont.qfn 2007-12-05 20:15 . 2007-12-05 20:15 1,409 --a------ C:\WINDOWS\QTFont.for 2007-12-05 18:00 . 2007-12-09 14:54 807,957 ---hs---- C:\WINDOWS\system32\fhkdsuar.ini 2007-12-05 15:04 . 2002-08-29 11:33 52,736 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys 2007-12-05 15:04 . 2002-08-29 11:33 52,736 --a--c--- C:\WINDOWS\system32\dllcache\i8042prt.sys 2007-12-04 17:36 . 2007-12-04 17:37 802,034 ---hs---- C:\WINDOWS\system32\npgpgote.ini 2007-12-03 17:35 . 2007-12-04 17:35 801,974 ---hs---- C:\WINDOWS\system32\wcbvfrcl.ini . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-12-11 12:48 --------- d-----w C:\Program Files\mksvfinal 2007-12-05 22:03 --------- d-----w C:\Program Files\FlashFXP 2007-11-29 07:30 --------- d-----w C:\Documents and Settings\Tyler\Application Data\Vso 2007-11-20 08:46 --------- d-----w C:\Documents and Settings\Tyler\Application Data\Canon 2007-11-10 04:21 --------- d-----w C:\Program Files\QuickTime 2007-11-07 20:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc 2007-10-11 19:55 --------- d-----w C:\Program Files\VSO 2007-10-11 19:53 --------- d-----w C:\Documents and Settings\Tyler\Application Data\XnView 2007-10-11 19:39 --------- d-----w C:\Program Files\XnView 2005-05-13 15:12 217,073 --sha-r C:\WINDOWS\meta4.exe 2005-10-24 09:13 66,560 --sha-r C:\WINDOWS\MOTA113.exe 2005-10-13 19:27 422,400 --sha-r C:\WINDOWS\x2.64.exe 2005-10-07 17:14 308,224 --sha-w C:\WINDOWS\system32\avisynth.dll 2005-07-14 10:31 27,648 --sha-r C:\WINDOWS\system32\AVSredirect.dll 2005-06-26 13:32 616,448 --sha-r C:\WINDOWS\system32\cygwin1.dll 2005-06-21 20:37 45,568 --sha-r C:\WINDOWS\system32\cygz.dll 2004-01-24 22:00 70,656 --sha-r C:\WINDOWS\system32\i420vfw.dll 2006-04-27 08:24 2,945,024 --sha-r C:\WINDOWS\system32\Smab.dll 2005-02-28 11:16 240,128 --sha-r C:\WINDOWS\system32\x.264.exe 2004-01-24 22:00 217,088 --sha-r C:\WINDOWS\system32\yv12vfw.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 13:45] "CursorXP"="C:\themeGold55\CursorXP\CursorXP.exe" [2001-12-13 19:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="RUNDLL32.exe" [2001-08-28 16:00 C:\WINDOWS\system32\rundll32.exe] "nwiz"="nwiz.exe" [2005-11-11 12:47 C:\WINDOWS\system32\nwiz.exe] "NvMediaCenter"="RUNDLL32.exe" [2001-08-28 16:00 C:\WINDOWS\system32\rundll32.exe] "PinnacleDriverCheck"="C:\WINDOWS\System32\PSDrvCheck.exe" [2004-03-10 15:26] "SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2005-06-06 17:05] "WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2002-04-29 21:20] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-07 11:45] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24] "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-11 05:45] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 13:45] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoLowDiskSpaceCheck"= 1 (0x1) "NoRecentDocsHistory"= 1 (0x1) [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "ForceClassicControlPanel"= 1 (0x1) "NoLowDiskSpaceCheck"= 1 (0x1) . Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es' "2007-09-07 10:48:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe . ************************************************************************** catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-11 15:40:49 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106] -> C:\themeGold55\CursorXP\CurXP0.dll . Completion time: 2007-12-11 15:42:02 - machine was rebooted
  11. B2oBa
    File C:\WINDOWS\System32\pmnligg.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\WINDOWS\System32\mljifgh.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\WINDOWS\System32\pmnligg.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\WINDOWS\System32\wvurrqp.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\Documents and Settings\Tyler\Bureau\sdfix\SDFix\backups_old1\logon.exe infected by "Trojan.Win32.Agent.dcb" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Tyler\Favoris\¤ Fonds d'écran - Wallpapers Cinéma ¤.url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. File C:\Program Files\Adobe\Adobe Help Viewer\1.0\help.html infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Aide\t.html infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Aide\version.html infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 1\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 1\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 1\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 2\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 2\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 2\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale bleu et gris\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale bleu et gris\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale bleu et gris\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale claire\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale claire\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale claire\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale foncée\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale foncée\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale foncée\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale à dessins\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale à dessins\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale à dessins\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image horizontale\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image horizontale\IndexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image horizontale\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image verticale\FrameSet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image verticale\IndexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image verticale\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Simple\IndexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Simple\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau\IndexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau - Bleu\indexPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau - Bleu\SubPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Belle journée.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Camemberts.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Céramique.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Feuilles.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Fiesta.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Glacier.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Lierre.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Nature.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Punch aux agrumes.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Réseau.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Sucreries.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Technique.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Tournesol.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Vierge.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\Fichiers communs\System\ado\MDACReadme.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Program Files\mksvfinal\mirc32.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.59. No Action Taken. File C:\Program Files\NetMeeting\netmeet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\Help\ciadmin.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\AboutCompat.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatOffline.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\LearnCompat.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\DFS\privacy.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\DFS\xmldialog.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\dvdupgrd.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrorMessagesOffline.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\dglogshelp.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\rc\rcRequest.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\ConnIssue.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\LearnInternet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\RCMoreInfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\helpeeaccept.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DividerBar.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAChatClient.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAClient.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAStatusBar.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\rcscreen6_head.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\setting.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ErrorMsgs.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\RCFileXfer.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\VOIPMsgs.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar1.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar2.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAChatServer.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\SettingServer.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\TakeControlMsgs.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAStartPage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\rcBuddy.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysEvtLogInfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysHealthInfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysRemoteInfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysServicesInfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\AboutWU.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\Learn.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\LearnInternet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\learnWU.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\updatecenter.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Connection.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineDC.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineOptions.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\ConnIssue.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\LearnInternet.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\RCMoreInfo.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\confirm.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcConnection.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen1.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen2.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen3.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcDetails.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcInviteStatus.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen4.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen5.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6_head.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen7.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen8.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen9.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\rcstatus.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\WINDOWS\system32\mljifgh.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\WINDOWS\system32\pmnligg.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\WINDOWS\system32\wvurrqp.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.arv. No Action Taken. File C:\WINDOWS\Web\tip.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File F:\Favoris\¤ Fonds d'écran - Wallpapers Cinéma ¤.url infected by "BkCln.Unknown" Virus. Action Taken: File Renamed. File F:\Musique\musique de films\Casino (128) Various Artists - OST BSO BOF - Mr. Yusseply\1995 Casino 1\Banda Sonora - 1500 Enlaces ed2k - Titulos En Español - OST BSO BOF - Mr. Yusseply.html infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File F:\Musique\musique de films\Casino (128) Various Artists - OST BSO BOF - Mr. Yusseply\1995 Casino 1\Soundtrack - 1500 ed2k Links - English Titles - OST BSO BOF - Mr. Yusseply.html infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. Voila le rapport.
  12. B2oBa
    ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, December 10, 2007 2:41:13 PM Operating System: Microsoft Windows XP Professional, Service Pack 1 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 10/12/2007 Kaspersky Anti-Virus database records: 478251 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ Scan Statistics: Total number of scanned objects: 131589 Number of viruses found: 4 Number of infected objects: 119 Number of suspicious objects: 0 Duration of the scan process: 00:50:43 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\Tyler\Bureau\sdfix\SDFix\backups_old1\logon.exe Infected: Trojan.Win32.Agent.dcb skipped C:\Documents and Settings\Tyler\Cookies\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Historique\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\Tyler\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\Tyler\NTUSER.DAT Object is locked skipped C:\Documents and Settings\Tyler\ntuser.dat.LOG Object is locked skipped C:\Program Files\Adobe\Adobe Help Viewer\1.0\help.html Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Aide\t.html Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Aide\version.html Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 1\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 1\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 1\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 2\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 2\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Diaporama vertical 2\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale bleu et gris\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale bleu et gris\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale bleu et gris\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale claire\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale claire\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale claire\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale foncée\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale foncée\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale foncée\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale à dessins\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale à dessins\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Horizontale à dessins\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image horizontale\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image horizontale\IndexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image horizontale\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image verticale\FrameSet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image verticale\IndexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Image verticale\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Simple\IndexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Simple\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau\IndexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau - Bleu\indexPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Adobe\Photoshop 7.0\Paramètres prédéfinis\Galerie Web Photo\Tableau - Bleu\SubPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Belle journée.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Camemberts.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Céramique.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Feuilles.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Fiesta.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Glacier.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Lierre.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Nature.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Punch aux agrumes.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Réseau.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Sucreries.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Technique.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Tournesol.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\Microsoft Shared\Papier à lettres\Vierge.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Fichiers communs\System\ado\MDACReadme.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\NetMeeting\netmeet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\Program Files\Sygate\SPF\debug.log Object is locked skipped C:\Program Files\Sygate\SPF\rawlog.log Object is locked skipped C:\Program Files\Sygate\SPF\seclog.log Object is locked skipped C:\Program Files\Sygate\SPF\syslog.log Object is locked skipped C:\Program Files\Sygate\SPF\tralog.log Object is locked skipped C:\WINDOWS\Debug\oakley.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\Help\ciadmin.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\AboutCompat.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatOffline.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\LearnCompat.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\DFS\privacy.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\DFS\xmldialog.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\dvdupgrd.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrorMessagesOffline.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\dglogshelp.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\rc\rcRequest.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\ConnIssue.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\LearnInternet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\RCMoreInfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\helpeeaccept.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DividerBar.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAChatClient.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAClient.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAStatusBar.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\rcscreen6_head.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\setting.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ErrorMsgs.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\RCFileXfer.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\VOIPMsgs.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar1.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar2.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAChatServer.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\SettingServer.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\TakeControlMsgs.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAStartPage.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\rcBuddy.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysEvtLogInfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysHealthInfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysRemoteInfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysServicesInfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\AboutWU.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\Learn.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\LearnInternet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\learnWU.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\updatecenter.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Connection.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineDC.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineOptions.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\ConnIssue.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\LearnInternet.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\RCMoreInfo.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\confirm.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcConnection.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen1.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen2.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen3.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcDetails.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcInviteStatus.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen4.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen5.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6_head.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen7.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen8.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen9.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\rcstatus.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\h323log.txt Object is locked skipped C:\WINDOWS\system32\mljifgh.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.arv skipped C:\WINDOWS\system32\pmnligg.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.arv skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wvurrqp.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.arv skipped C:\WINDOWS\Web\tip.htm Infected: Net-Worm.Win32.Allaple.a skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped Scan process completed.
  13. B2oBa
    J' ai tout suivi à la lettre, aucun probleme dans le déroulement, voici mes rapports : SDFix: Version 1.117 Run by Tyler on lun. 10/12/2007 at 11:13 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\Tyler\Bureau\sdfix\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\WINDOWS\SYSTEM32\HMM.EXE - Deleted C:\WINDOWS\SYSTEM32\SYSINFO.EXE - Deleted C:\DOCUME~1\Tyler\LOCALS~1\Temp\removalfile.bat - Deleted C:\WINDOWS\system32\First.exe - Deleted C:\WINDOWS\system32\Gothic.exe - Deleted C:\WINDOWS\system32\install.exe - Deleted C:\WINDOWS\system32\logon.exe - Deleted C:\WINDOWS\system32\o - Deleted C:\WINDOWS\system32\sysinfo.exe - Deleted C:\WINDOWS\system32\Tilecomnu.com - Deleted C:\WINDOWS\Temp\removalfile.bat - Deleted Removing Temp Files... ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: catchme 0.3.1262.1 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-12-10 11:20:27 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services: ------------------ Authorized Application Key Export: Remaining Files: --------------- File Backups: - C:\DOCUME~1\Tyler\Bureau\sdfix\SDFix\backups\backups.zip Files with Hidden Attributes: Fri 13 May 2005 217,073 A.SHR --- "C:\WINDOWS\meta4.exe" Mon 24 Oct 2005 66,560 A.SHR --- "C:\WINDOWS\MOTA113.exe" Thu 13 Oct 2005 422,400 A.SHR --- "C:\WINDOWS\x2.64.exe" Fri 7 Oct 2005 308,224 A.SH. --- "C:\WINDOWS\system32\avisynth.dll" Thu 14 Jul 2005 27,648 A.SHR --- "C:\WINDOWS\system32\AVSredirect.dll" Sun 26 Jun 2005 616,448 A.SHR --- "C:\WINDOWS\system32\cygwin1.dll" Tue 21 Jun 2005 45,568 A.SHR --- "C:\WINDOWS\system32\cygz.dll" Sat 24 Jan 2004 70,656 A.SHR --- "C:\WINDOWS\system32\i420vfw.dll" Thu 27 Apr 2006 2,945,024 A.SHR --- "C:\WINDOWS\system32\Smab.dll" Mon 28 Feb 2005 240,128 A.SHR --- "C:\WINDOWS\system32\x.264.exe" Sat 24 Jan 2004 217,088 A.SHR --- "C:\WINDOWS\system32\yv12vfw.dll" Sat 21 Oct 2006 72,192 ..SHR --- "C:\Program Files\eRightSoft\SUPER\Setup.exe" Wed 11 Jan 2006 15,872 A.SHR --- "C:\Program Files\eRightSoft\SUPER\_Setup.dll" Tue 4 Jun 2002 84,992 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\14_43260.dll" Tue 4 Jun 2002 44,032 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\28_83260.dll" Tue 10 Dec 2002 73,766 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\atrc3260.dll" Tue 10 Dec 2002 65,575 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\cook3260.dll" Tue 4 Jun 2002 20,480 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\dnet3260.dll" Tue 10 Dec 2002 176,165 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv23260.dll" Tue 10 Dec 2002 94,208 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv33260.dll" Tue 10 Dec 2002 217,127 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\drv43260.dll" Sat 3 Nov 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\ivvideo.dll" Tue 10 Apr 2001 225,280 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\qtmlClient.dll" Fri 20 Feb 2004 548,940 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\raac.dll" Tue 10 Dec 2002 102,439 ...HR --- "C:\Program Files\eRightSoft\SUPER\mencoder\sipr3260.dll" Finished! AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 11:02:41 10/12/2007 + Résultat de l'analyse: C:\Documents and Settings\Tyler\Cookies\tyler@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Aucune action entreprise. :mozilla.15:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Adnet : Aucune action entreprise. :mozilla.16:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Adnet : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@ad.adnet[2].txt -> TrackingCookie.Adnet : Aucune action entreprise. :mozilla.24:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@advertising[2].txt -> TrackingCookie.Advertising : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@adviva[1].txt -> TrackingCookie.Adviva : Aucune action entreprise. :mozilla.40:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@burstnet[1].txt -> TrackingCookie.Burstnet : Aucune action entreprise. :mozilla.434:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.435:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. :mozilla.436:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Comclick : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@estat[2].txt -> TrackingCookie.Estat : Aucune action entreprise. :mozilla.196:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise. :mozilla.197:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise. :mozilla.316:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Liveperson : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise. :mozilla.193:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Msn : Aucune action entreprise. :mozilla.194:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Msn : Aucune action entreprise. :mozilla.195:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Msn : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@ie.search.msn[2].txt -> TrackingCookie.Msn : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@ads.planetactive[2].txt -> TrackingCookie.Planetactive : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@questionmarket[2].txt -> TrackingCookie.Questionmarket : Aucune action entreprise. :mozilla.169:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise. :mozilla.170:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise. :mozilla.297:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@fr.real[1].txt -> TrackingCookie.Real : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@france.real[1].txt -> TrackingCookie.Real : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@realguide.real[1].txt -> TrackingCookie.Real : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@smartadserver[1].txt -> TrackingCookie.Smartadserver : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@h.starware[2].txt -> TrackingCookie.Starware : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@try.starware[1].txt -> TrackingCookie.Starware : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise. :mozilla.351:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.352:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.353:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise. :mozilla.220:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Webtrends : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@m.webtrends[2].txt -> TrackingCookie.Webtrends : Aucune action entreprise. :mozilla.422:C:\Documents and Settings\Tyler\Application Data\Mozilla\Firefox\Profiles\ra46ckdb.default\cookies.txt -> TrackingCookie.Yadro : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@yadro[1].txt -> TrackingCookie.Yadro : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise. C:\Documents and Settings\Tyler\Cookies\tyler@zedo[2].txt -> TrackingCookie.Zedo : Aucune action entreprise. Fin du rapport Logfile of HijackThis v1.99.1 Scan saved at 11:30:06, on 10/12/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\Winamp\Winampa.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\WINDOWS\System32\ctfmon.exe C:\themeGold55\CursorXP\CursorXP.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Tyler\Bureau\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www.photoweb.fr/telechargement/Photoweb_Uploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe Voila.
  14. B2oBa
    Bonjour à tous, depuis quelques joursm on pc est infecté, dès que j' ouvre une page internet mon antivirus se mets à crier. J' ai supprimer les fichiers appriori infecté, j' ai fait un pré-nettoyage avec antivir mais le probleme persiste. Voici donc mon rapport Hijack : Logfile of HijackThis v1.99.1 Scan saved at 9:15:18, on 10/12/2007 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\WINDOWS\System32\ctfmon.exe C:\themeGold55\CursorXP\CursorXP.exe C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\System32\logon.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Tyler\Bureau\hijackthis\HijackThis.exe C:\WINDOWS\explorer.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\logon.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr O16 - DPF: {104B0A37-AB99-4F06-8032-8BBDC3B77DDB} (Telechargement Control) - http://www.photoweb.fr/telechargement/Photoweb_Uploader.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe Merci d' avance pour votre aide
  15. B2oBa

    Probleme d' imprimante

    B2oBa a répondu à un(e) sujet de B2oBa dans Hardware

    A mon avis lui à une buse de bouchée, moi ce n' est aps le cas le resultats de buse est nickel, quand j' imprime les couleurs sont bonnes mais il y a des traits bleu comme sur les exemples
×
×
  • Créer...