tari

Members
  • Content count

    183

Everything posted by tari

  1. Since the PC is no longer accessible, I'll put off your procedure until tomorrow, if that's all right with you. The reports should be available around 18:30, along with the history of the problems still present. Good night to you too, and thanks for your help.
  2. Good evening, As for Emule and the like, I have already pointed it out to the person ... That person being my father (maybe he will understand). As for it being normal behaviour, I suspected as much. Attached:
     Vundo
     VundoFix V6.5.8
     Checking Java version...
     Java version is 1.5.0.6
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.8
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.9
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.10
     Java version is 1.5.0.11
     Scan started at 19:53:33 16/09/2007
     Listing files found while scanning....
     C:\windows\system32\drvduh.dll
     C:\windows\system32\drvduhr.dll
     Beginning removal...
     Attempting to delete C:\windows\system32\drvduh.dll
     C:\windows\system32\drvduh.dll Has been deleted!
     Attempting to delete C:\windows\system32\drvduhr.dll
     C:\windows\system32\drvduhr.dll Has been deleted!
     Performing Repairs to the registry.
     Done!
     Beginning removal...
     VundoFix V6.5.8
     Checking Java version...
     Java version is 1.5.0.6
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.8
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.9
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.10
     Java version is 1.5.0.11
     Scan started at 17:58:06 17/09/2007
     Listing files found while scanning....
     Beginning removal...
     Attempting to delete C:\WINDOWS\SYSTEM32\fcccdef.dll
     C:\WINDOWS\SYSTEM32\fcccdef.dll Has been deleted!
     Attempting to delete C:\WINDOWS\system32\winbjv32.dll
     C:\WINDOWS\system32\winbjv32.dll Has been deleted!
     Attempting to delete C:\WINDOWS\system32\wmpstub.exe
     C:\WINDOWS\system32\wmpstub.exe Has been deleted!
     Performing Repairs to the registry.
     Done!
     hijackthis
     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 18:15:01, on 17/09/2007
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
     Boot mode: Normal
     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     C:\WINDOWS\Explorer.EXE
     E:\pestpatrol\PPActiveDetection.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
     C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
     C:\Program Files\Trend Micro\HijackThis\scanner.exe
     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
     O2 - BHO: (no name) - {733E9132-53CA-4C97-9AC9-145C4502FA20} - C:\WINDOWS\system32\fcccdef.dll (file missing)
     O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
     O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
     O2 - BHO: (no name) - {EC50846C-08F3-4CDE-A75D-EEA910AB37CB} - C:\WINDOWS\system32\ssqrp.dll
     O4 - HKLM\..\Run: [eTrustPPAP] "E:\pestpatrol\PPActiveDetection.exe"
     O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvduh.dll,startup
     O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
     O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
     O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
     O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
     O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab
     O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
     O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
     O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
     O23 - Service: avast!
     Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
     O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing)
     O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
     -- End of file - 4523 bytes
     Virus Log Information
File C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\grpconv.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\irftp.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\osk.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\perfmon.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\powercfg.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\progman.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe infected by "Type_Win32" Virus. 
Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\shtml.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\shutdown.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\sigverif.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\skeys.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\slserv.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\smbinst.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\snchk.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\snmp.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\spider.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr infected by "Type_Win32" Virus. 
Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\stimon.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\svchost.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\unregmp2.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\ups.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. 
File C:\WINDOWS\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\Com\comrereg.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\imekrmig.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\imjpdadm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\inetmgr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\ipsec6.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\isignup.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\label.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\lights.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\lnkstub.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\lodctr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\logagent.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\logoff.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\lpq.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\lpr.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\migisol.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\mountvol.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\mrinfo.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. 
File C:\WINDOWS\system32\dllcache\msg.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\mshearts.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\msinfo32.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\msswchx.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\mtstocom.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\nbtstat.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\notiflag.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\ntsd.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\nwscript.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\osuninst.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\pathping.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\pentnt.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\ping6.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\print.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\qappsrv.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\query.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\quser.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\qwinsta.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rasautou.exe infected by "Type_Win32" Virus. 
Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rasdial.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\recover.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\regini.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\register.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\regwiz.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\relog.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\replace.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\reset.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\route.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\routemon.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rsm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rsmsink.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rsmui.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rsopprov.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rsvp.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\runas.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rvsezm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\rwinsta.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\sapisvr.exe infected by "Type_Win32" Virus. 
Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\sc.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\sfc.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\shadow.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\shvlzm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\sndvol32.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\w32tm.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\dllcache\winhstb.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\oobe\oobebaln.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\urqrsts.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.jp. No Action Taken. File C:\WINDOWS\system32\usmt\migwiz.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File E:\Eric\dreambox\carte tps\mkextract\Mk Extract 2.0.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.0.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.4.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.5.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.6.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. File E:\Eric\dreambox\VLC_Stream_106.rar tagged as not-a-virus:RiskTool.Win32.PsKill.1101. No Action Taken. 
File E:\films\Windows.Genuine.Advantage.Validation.v1.7.18.5.CRACKED-ETH0\WgaTray.exe infected by "Type_Win32" Virus. Action Taken: File Renamed. Here are the 3 requested reports. Regards
  3. :: Db Post :: Report finished earlier than expected KASPERSKY ON-LINE SCANNER REPORT Sunday, September 16, 2007 11:52:45 PM Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky On-line Scanner version : 5.0.83.0 Dernière mise à jour de la base antivirus Kaspersky : 16/09/2007 Enregistrements dans la base antivirus Kaspersky : 393769 Paramètres d'analyse Analyser avec la base antivirus suivante standard Analyser les archives vrai Analyser les bases de messagerie vrai Cible de l'analyse Poste de travail A:\ C:\ E:\ F:\ H:\ I:\ J:\ K:\ L:\ Statistiques de l'analyse Total d'objets analysés 55220 Nombre de virus trouvés 5 Nombre d'objets infectés 5 / 0 Nombre d'objets suspects 491 Durée de l'analyse 03:12:17 Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\ups.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\userinit.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\utilman.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wab.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wextract.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wscript.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\wuauclt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB916281$\iedw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB922760$\iedw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB925454$\iedw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB928090$\iedw.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\$NtUninstallKB931768$\iedw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallKB937143$\iedw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\Aubade.scr Suspect : Type_Win32 ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\ehome\snchk.exe Suspect : Type_Win32 ignoré C:\WINDOWS\inf\unregmp2.exe Suspect : Type_Win32 ignoré C:\WINDOWS\Installer\{350C97B8-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe Suspect : Type_Win32 ignoré C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe Suspect : Type_Win32 ignoré C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExec.exe Suspect : Type_Win32 ignoré C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe Suspect : Type_Win32 ignoré C:\WINDOWS\S2607D79C.tmp L'objet est verrouillé ignoré C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré C:\WINDOWS\ServicePackFiles\i386\actmovie.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ahui.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\aspnet_regiis.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\asr_fmt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\asr_pfu.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\blastcln.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\caspol.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cipher.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cisvc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cmd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cmstp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\comrepl.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\comsdupd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\conime.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\copymar.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\csc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\cscript.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\davcdata.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\defrag.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\dialer.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\evcreate.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\evntwin.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\extrac32.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\grpconv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\osk.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\perfmon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\powercfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\progman.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\shtml.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\shutdown.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\sigverif.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\skeys.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\slrundll.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\slserv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\smbinst.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\snchk.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\snmp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\spider.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\stimon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvadm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\stub_fpsrvwin.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\svchost.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\unregmp2.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\ups.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\ServicePackFiles\i386\wmic.exe Suspect : Type_Win32 ignoré C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe Suspect : Type_Win32 ignoré C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\actmovie.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\alg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\asr_fmt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\asr_ldm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\at.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\Ati2mdxx.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\bootcfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\bootvrfy.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\CanonMP Uninstaller Information\{CA9A3609-3ECC-4574-8824-A8161A71A603}\DelDrv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré C:\WINDOWS\system32\chkdsk.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cidaemon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cipher.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cliconfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\clipbrd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\clspack.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cmdl32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cmmon32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cmstp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\Com\comrepl.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\Com\comrereg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\comp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\compact.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\comsdupd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé 
ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\ODiag.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\OSession.evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\WINDOWS\system32\conime.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\convert.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\cscript.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dcomcnfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\ddeshare.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\defrag.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dfrgfat.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\diskpart.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\diskperf.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\imekrmig.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\imjpdadm.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\system32\dllcache\inetmgr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\ipsec6.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\isignup.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\label.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\lights.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\lnkstub.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\lodctr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\logagent.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\logoff.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\lpq.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\lpr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\migisol.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\mountvol.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\mpnotify.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\mrinfo.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\msg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\mshearts.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\msinfo32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\msswchx.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\mtstocom.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\nbtstat.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\notiflag.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\ntsd.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\nwscript.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\osuninst.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\pathping.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\pentnt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\ping6.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\print.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\system32\dllcache\qappsrv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\query.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\quser.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\qwinsta.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rasautou.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rasdial.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\recover.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\regini.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\register.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\regwiz.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\relog.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\replace.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\reset.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\route.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\routemon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rsm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rsmsink.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rsmui.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rsopprov.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rsvp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\runas.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rvsezm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\rwinsta.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\sapisvr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\sc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\sfc.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\shadow.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\shvlzm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\sndvol32.exe Suspect : Type_Win32 ignoré 
C:\WINDOWS\system32\dllcache\w32tm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dllcache\winhstb.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\doskey.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dplaysvr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\dpnsvr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré C:\WINDOWS\system32\finger.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\fsutil.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\ftp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\getmac.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\gpresult.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\gpupdate.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\help.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\ipsec6.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\ipv6.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\ipxroute.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\java.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\javaw.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\javaws.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\jdbgmgr.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\jview.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\keystone.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\KitVb6.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\label.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\lights.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\lnkstub.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\makecab.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\mpnotify.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\mqbkup.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\msswchx.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\mstinit.exe 
Suspect : Type_Win32 ignoré C:\WINDOWS\system32\narrator.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\nbtstat.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\nvappbar.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\nvcolor.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\odbcad32.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\odbcconf.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\oobe\oobebaln.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\openfiles.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\packager.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\pentnt.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\ping.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\powercfg.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\print.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\progman.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\proquota.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\qappsrv.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\qwinsta.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rasautou.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rcp.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rdsaddin.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\recover.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\regini.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\regwiz.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\replace.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\reset.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rexec.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\route.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\routemon.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rsh.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rsm.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rsmsink.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rsmui.exe Suspect : Type_Win32 ignoré C:\WINDOWS\system32\rsnotify.exe Suspect : Type_Win32 ignoré 
     C:\WINDOWS\system32\rsopprov.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\rtcshare.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\runas.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\runonce.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\rwinsta.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\savedump.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\sc.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\schtasks.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\scrnsave.scr Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\sdbinst.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\secedit.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\sethc.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\unlodctr.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\usmt\migwiz.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
     C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
     C:\WINDOWS\system32\winbjv32.dll Infecté : Trojan.Win32.Dialer.qn ignoré
     C:\WINDOWS\system32\winhlp32.exe Suspect : Type_Win32 ignoré
     C:\WINDOWS\system32\wmpstub.exe Infecté : Packed.Win32.Tibs ignoré
     C:\WINDOWS\Temp\Perflib_Perfdata_280.dat L'objet est verrouillé ignoré
     C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
     C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
     C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
     E:\emule\LinkCreator.exe Suspect : Type_Win32 ignoré
     E:\Eric\dreambox\cardsharing\partage abonnement\tcptunnel.exe Suspect : Type_Win32 ignoré
     E:\Eric\dreambox\carte tps\mkextract\Mk Extract 2.0.exe Suspect : Type_Win32 ignoré
     E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.0.exe Suspect : Type_Win32 ignoré
     E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.4.exe Suspect : Type_Win32 ignoré
     E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.5.exe Suspect : Type_Win32 ignoré
     E:\Eric\dreambox\carte tps\mkextract\MK Extract v1.6.exe Suspect : Type_Win32 ignoré
     E:\films\Windows.Genuine.Advantage.Validation.v1.7.18.5.CRACKED-ETH0\WgaTray.exe Suspect : Type_Win32 ignoré
     E:\jojo\TOEIC Mastery - Tests d'entrainement au TOEIC\QICU.EXE Suspect : Type_Win32 ignoré
     E:\software\fuck windows\Nouveau dossier (4)\Windows XP CD Key and Product ID Changer.exe Suspect : Type_Win32 ignoré
     E:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
     Analyse terminée.

     Unavailable until tomorrow at 18:00 because of my studies. Have a good evening. Regards.
  4. Vundo

     VundoFix V6.5.8
     Checking Java version...
     Java version is 1.5.0.6
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.8
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.9
     Old versions of java are exploitable and should be removed.
     Java version is 1.5.0.10
     Java version is 1.5.0.11
     Scan started at 19:53:33 16/09/2007
     Listing files found while scanning....
     C:\windows\system32\drvduh.dll
     C:\windows\system32\drvduhr.dll
     Beginning removal...
     Attempting to delete C:\windows\system32\drvduh.dll
     C:\windows\system32\drvduh.dll Has been deleted!
     Attempting to delete C:\windows\system32\drvduhr.dll
     C:\windows\system32\drvduhr.dll Has been deleted!
     Performing Repairs to the registry.
     Done!

     PS: The taskbar icon has disappeared (hidden process), the popups are still there, such as winAntiSpyware2007. Funny, isn't it?
  5. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:35:26, on 16/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE E:\pestpatrol\PPActiveDetection.exe C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe C:\Program Files\Palm\Hotsync.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\scanner.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {28ED8EFF-8D4A-495D-8170-DC45D6C0A14A} - C:\WINDOWS\system32\ssqrp.dll O2 - BHO: (no name) - {733E9132-53CA-4C97-9AC9-145C4502FA20} - C:\WINDOWS\system32\fcccdef.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [eTrustPPAP] "E:\pestpatrol\PPActiveDetection.exe" O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvduh.dll,startup O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O20 - Winlogon Notify: fcccdef - C:\WINDOWS\SYSTEM32\fcccdef.dll O20 - Winlogon Notify: winbjv32 - C:\WINDOWS\SYSTEM32\winbjv32.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 4436 bytes PS: what is the point of renaming it to scanner.exe, other than making it easier to detect? (I picked the wrong file earlier.) As for the DiagHelp log, nothing indicates that it finished, despite the report being created with a name that is not recognizable without looking through the log. catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-16 19:39:44 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwOpenFile scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\com\AllowedPaths] @=hex:4e,e1,43,44,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:4721ae33 "s2"=dword:566c2b14 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\CfgD79C293C1ED61418462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:b1,7b,d2,5c,81,cd,6d,ad,17,53,4b,16,0a,d0,f1,bd,ee,b0,89,81,26,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:97,c3,f4,e7,fb,d4,ff,12,5c,4c,19,2d,e3,c1,1e,c1,56,7b,9f,f1,6f,.. 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurePipeServers\com\AllowedPaths] @=hex:4e,e1,43,44,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\CfgD79C293C1ED61418462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:b1,7b,d2,5c,81,cd,6d,ad,17,53,4b,16,0a,d0,f1,bd,ee,b0,89,81,26,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:97,c3,f4,e7,fb,d4,ff,12,5c,4c,19,2d,e3,c1,1e,c1,56,7b,9f,f1,6f,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Nls\com\AllowedPaths] @=hex:3a,6c,1f,45,00,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Nls\net\AllowedPaths] @=hex:7f,34,cf,46,00,00,00,00 scanning hidden files ... scan completed successfully hidden files: 0 If that's not it, it's bugging out.
  6. Sorry for the response time (another problem: msconfig unknown). Here are the 3 requested reports; although I am not certain that DiagHelp finished, I copied it directly from the DOS window. hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:06:54, on 16/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE E:\pestpatrol\PPActiveDetection.exe C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe C:\Program Files\Palm\Hotsync.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [eTrustPPAP] "E:\pestpatrol\PPActiveDetection.exe" O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvduh.dll,startup O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! 
Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- End of file - 3569 bytes Blacklight 09/16/07 18:07:47 [info]: BlackLight Engine 1.0.64 initialized 09/16/07 18:07:47 [info]: OS: 5.1 build 2600 (Service Pack 2) 09/16/07 18:07:51 [Note]: 7019 4 09/16/07 18:07:51 [Note]: 7005 0 09/16/07 18:08:31 [Note]: 7006 0 09/16/07 18:08:31 [Note]: 7011 1956 09/16/07 18:08:31 [Note]: 7026 0 09/16/07 18:08:32 [Note]: 7026 0 09/16/07 18:08:36 [Note]: FSRAW library version 1.7.1022 09/16/07 18:24:38 [Note]: 2000 1012 09/16/07 18:24:38 [Note]: 2000 1012 09/16/07 18:24:38 [Note]: 2000 1012 09/16/07 18:24:38 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:24:48 [Note]: 2000 1012 09/16/07 18:27:46 [Note]: 7007 0 DiagHelp !!!! ATTENTION !!! Le programme va maintenant lancer scan catchme. 
une fois le scan termine (avec le nombre de files/processes/services hidden dete ctes).. Appuyez sur la touche ENTREE du clavier pour continuer l'analyse avec DiagHelp ! !!!! ATTENTION !!! catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http:/ /www.gmer.net Rootkit scan 2007-09-16 18:57:30 Windows 5.1.2600 Service Pack 2 NTFS detected NTDLL code modification: ZwOpenFile scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\com\Allow edPaths] @=hex:4e,e1,43,44,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:4721ae33 "s2"=dword:566c2b14 "h0"=dword:00000002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\CfgD79C293C1ED61418 462E24595C90D04] "h0"=dword:00000001 "ujdew"=hex:b1,7b,d2,5c,81,cd,6d,ad,17,53,4b,16,0a,d0,f1,bd,ee,b0,89,81,26,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E36468 2FA4BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:97,c3,f4,e7,fb,d4,ff,12,5c,4c,19,2d,e3,c1,1e,c1,56,7b,9f,f1,6f,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\SecurePipeServers\com\AllowedPa ths] @=hex:4e,e1,43,44,00,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\CfgD79C293C1ED61418462E 24595C90D04] "h0"=dword:00000001 "ujdew"=hex:b1,7b,d2,5c,81,cd,6d,ad,17,53,4b,16,0a,d0,f1,bd,ee,b0,89,81,26,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4 BAF72C53EA4] "h0"=dword:00000000 "khjeh"=hex:97,c3,f4,e7,fb,d4,ff,12,5c,4c,19,2d,e3,c1,1e,c1,56,7b,9f,f1,6f,.. scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Nls\com\AllowedPat hs] @=hex:3a,6c,1f,45,00,00,00,00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Nls\net\AllowedPat hs] @=hex:7f,34,cf,46,00,00,00,00 scanning hidden files ... 
scan completed successfully hidden files: 0 --------------------------------------------------------------------------------------------------------------------------- --------------------------------------------------------------------------------------------------------------------------- PS: Thanks for the quick reply and for the time you have given me.
  7. Hello, Attached is my hijackthis log, opened from another computer. The one it was run on no longer opens txt files. Logfile of HijackThis v1.99.1 Scan saved at 17:19:21, on 16/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\WINDOWS\Explorer.EXE E:\pestpatrol\PPActiveDetection.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe C:\Program Files\Palm\Hotsync.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [eTrustPPAP] "E:\pestpatrol\PPActiveDetection.exe" O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvduh.dll,startup O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe O4 - Global Startup: HOTSYNCSHORTCUTNAME.lnk = C:\Program Files\Palm\Hotsync.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111...all/xscan53.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! 
Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe To describe the problem, I would say: - frequent virus windows appearing - hidden process "spyware detection alert" - popups opening while browsing - ... Thanks in advance for helping me fix these problems.
  8. tari

    Network card dead?

    I thought about it but haven't taken the time to do it yet. I can always try. As expected, it did nothing. It will most likely be sent in under warranty.
  9. tari

    Network card dead?

    No problem lol, it's true I didn't mention it, because to me it went without saying once I had said it was a laptop.
  10. tari

    Network card dead?

    Hi, Sorry to be so blunt: did you read what I wrote? I also provided a screenshot, in which you can see that I am connected over WiFi, hence the Internet access ^^. As for your question about the drivers, after uninstalling/reinstalling the network card several times, I installed the latest ones. Yes, the network card is detected as installed and working in Device Manager.
  11. tari

    Network card dead?

    Are you talking about the RJ45 cable or the socket it plugs into? If your question is: is it a home-made cable and is it wired correctly? I would say no, it is a store-bought, working cable. As for the card's "gold" contacts, none are missing. To give more detail, I reformatted 3 days ago (using the factory ghost image supplied by the manufacturer); the network card no longer detects cables.
  12. tari

    Network card dead?

    I am currently on the laptop that has the problem. The network card is visible when the OS starts as well as in the BIOS. The problem is that the network card no longer detects the cables plugged into it, whether it is the cable connected to the router or the PC-to-PC tests carried out with several working cables. So the question is whether this is a hardware problem. If anyone can point me in the right direction or help, thank you.
  13. Go to the forum dedicated to hijackthis analyses and carry out a pre-cleaning. Post the reports and there you go, you are ready to be helped.
  14. tari

    cid ad

    Good evening, Could you post a hijackthis log so that you can be pointed in the right direction? With so little information, it is like looking for a needle in a haystack. Indeed, the codes are too numerous to count, and so are their misdeeds. Regards
  15. Hello mya, and welcome to the Zébulon forum. It doesn't work like that; you need to create your own topic describing your problems and following the pre-cleaning procedure.
  16. Hello jc07, and welcome to the Zébulon forum. While you wait for a qualified member to take care of you, I advise you to carry out the pre-cleaning procedure here. Don't worry, and be patient while you wait for help.
  17. Don't forget to do a full edit of your first message, marking it [resolved], if you no longer have any problems. Regards
  18. Well, the forum is open to everyone; they just need to do the pre-cleaning and describe their problem in a new post.
  19. Lol ^^ glad my infection helped you make progress
  20. There, it's done. Thank you for the time you gave me.
  21. Yes, I know. Should I delete the contents of MovedFiles?
  22. Well, I had sorted out the other issues before coming here... A few small things, such as a web redirection. And to think that all of this was caused by my own stupidity (I had disabled the antivirus to install something and forgot to turn it back on; I went to moderate a forum and, while checking a posted link, ended up infected). Anyway! Thanks to everyone who took part in my disinfection. I wish you all the best. With thanks to the whole security team, good evening to all and thanks again (half a day instead of reformatting). Regards, T@r!
  23. The process has disappeared from the taskbar; shall I finish with the .reg and OTmoveIt?
  24. Good evening everyone, OK, do I post the smitfraudfix report after the registry cleanup? SmitFraudFix v2.197 Rapport fait à 20:03:04,40, 01/07/2007 Executé à partir de C:\Documents and Settings\sundering-pc\Bureau\Fix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{94524218-9af3-4643-9687-cbc2880e54da}"="fagging" [HKEY_CLASSES_ROOT\CLSID\{94524218-9af3-4643-9687-cbc2880e54da}\InProcServer32] @="C:\WINDOWS\system32\nuqjici.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{94524218-9af3-4643-9687-cbc2880e54da}\InProcServer32] @="C:\WINDOWS\system32\nuqjici.dll" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Realtek RTL8168/8111 PCI-E Gigabit Ethernet NIC - Miniport d'ordonnancement de paquets DNS Server Search Order: 80.10.246.130 DNS Server Search Order: 80.10.246.3 DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{B3BE324A-D2D6-474E-90F8-D0E811F343A4}: DhcpNameServer=80.10.246.130 80.10.246.3 192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{B3BE324A-D2D6-474E-90F8-D0E811F343A4}: DhcpNameServer=80.10.246.130 80.10.246.3 192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{B3BE324A-D2D6-474E-90F8-D0E811F343A4}: DhcpNameServer=80.10.246.130 80.10.246.3 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=80.10.246.130 80.10.246.3 192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=80.10.246.130 80.10.246.3 192.168.1.1 
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=80.10.246.130 80.10.246.3 192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{94524218-9af3-4643-9687-cbc2880e54da}"="fagging" [HKEY_CLASSES_ROOT\CLSID\{94524218-9af3-4643-9687-cbc2880e54da}\InProcServer32] @="C:\WINDOWS\system32\nuqjici.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{94524218-9af3-4643-9687-cbc2880e54da}\InProcServer32] @="C:\WINDOWS\system32\nuqjici.dll" »»»»»»»»»»»»»»»»»»»»»»»» Fin
  25. And here it is, 07/01/07 19:57:01 [info]: BlackLight Engine 1.0.64 initialized 07/01/07 19:57:01 [info]: OS: 5.1 build 2600 (Service Pack 2) 07/01/07 19:57:01 [Note]: 7019 4 07/01/07 19:57:01 [Note]: 7005 0 07/01/07 19:57:03 [Error]: 6024 1 07/01/07 19:57:03 [Error]: 6024 1 07/01/07 19:57:03 [Note]: 7006 0 07/01/07 19:57:03 [Note]: 7011 1660 07/01/07 19:57:03 [Note]: 7026 0 07/01/07 19:57:03 [Note]: 7026 0 07/01/07 19:57:03 [Note]: 7015 2264 07/01/07 19:57:03 [Note]: 7015 87 07/01/07 19:57:05 [Note]: FSRAW library version 1.7.1022 07/01/07 19:58:20 [Note]: 7007 0