lsylvie
-
Compteur de contenus
14 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Messages posté(e)s par lsylvie
-
-
Bonjour,
Voilà le rapport de Kaspersky On-line
KASPERSKY ON-LINE SCANNER REPORT
Friday, August 31, 2007 2:27:57 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 1 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 30/08/2007
Enregistrements dans la base antivirus Kaspersky : 375375
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
Statistiques de l'analyse
Total d'objets analysés 106593
Nombre de virus trouvés 6
Nombre d'objets infectés 275 / 0
Nombre d'objets suspects 3
Durée de l'analyse 07:01:57
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cert8.db L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\formhistory.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\GoogleToolbarData\googlesafebrowsing.db L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\history.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\key3.db L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\parent.lock L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\search.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbc2e.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbdam L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbdao L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbeam L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbeao L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbm L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbu2d.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbvm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\dbvmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\fii.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\fiih.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\hp L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\hpt2i.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\rpm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\rpm1m.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\rpm1mh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\rpmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-black-enchashm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-black-enchashmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-black-urlm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-black-urlmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-malware-domainm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-malware-domainmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-white-domainm.cf1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Google\Google Desktop\68f6b411467c\safeweb\goog-white-domainmh.ht1 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Historique\History.IE5\MSHist012007083020070831\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temp\Adobelm_Cleanup.0001.dir.0003\~efe2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temp\Adobelm_Cleanup.0001.dir.0004\~efe2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temp\Photoshop Temp75026 L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temp\~DF5053.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temp\~DF67B2.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\sl\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\sl\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\sl\NTUSER.DAT.LOG L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\config\configuration\org.eclipse.core.runtime\.manager\.tmp51253.instance L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ibdata1 L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ib_logfile0 L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\ib_logfile1 L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhasset.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhassetcacheitem.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhassetversioncacheitem.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhlabel.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhlabeltoversion.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhmessage.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpqentry.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishlog.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishserver.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhpublishstateitem.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhresult.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhreview.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhreviewcomment.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhrole.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhschemaversion.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsequence.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhserverglobals.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsettings.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhsettingssection.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhthumbnail.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhuser.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhuserrole.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhxmpmetadata.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\data\versioncue\bhxmpproperty.ibd L'objet est verrouillé ignoré
C:\Program Files\Adobe\Adobe Version Cue CS2\logs\VersionCue.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx L'objet est verrouillé ignoré
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP19\A0111737.exe.mwt L'objet est verrouillé ignoré
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP26\A0200256.exe.mwt Infecté : Backdoor.Win32.VB.bco ignoré
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP26\A0200257.exe.mwt Infecté : Backdoor.Win32.VB.bco ignoré
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP31\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\oakley.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1BNSJB8K\lam[1].exe.mwt Infecté : Backdoor.Win32.IRCBot.wt ignoré
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1BNSJB8K\mmdmm[1].exe Infecté : Backdoor.Win32.VanBot.el ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\o Infecté : Trojan-Downloader.BAT.Ftp.ab ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\Temp\hsperfdata_SYSTEM\1856 L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ib80 L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ib81 L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ib82 L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd61diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd61diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd62diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd62diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd63diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd63diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd64adiaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd64bdiaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd64diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd65diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd65diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd66diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd66diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd67diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd67diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd68diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd68diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd69diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd69diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\100diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\100diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\101diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\101diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\102diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\102diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\103diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\103diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\104diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\104diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\105diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\105diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\106diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\106diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\107diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\107diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\108diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\108diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\109diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\10diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\10diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\110diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\111diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\112diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\113diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\114diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\115diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\116diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\117diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\118diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\119diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\11diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\11diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\120diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\121diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\122diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\123diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\124diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\125diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\126diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\127diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\128diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\129diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\12diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\12diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\130diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\131diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\132diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\133diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\134diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\135diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\136diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\137diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\138diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\139diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\13diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\13diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\140diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\141diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\142diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\143diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\144diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\145diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\146diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\147diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\148diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\149diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\14diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\14diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\150diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\15diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\15diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\16diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\16diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\17diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\17diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\18diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\18diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\19diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\19diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\20diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\20diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\21diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\21diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\22diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\22diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\23diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\23diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\24diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\24diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\25diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\25diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\26diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\26diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\27diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\27diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\28diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\28diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\29diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\29diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\30diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\30diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\31diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\31diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\32diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\32diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\33diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\33diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\34diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\34diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\35diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\35diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\36diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\36diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\37diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\37diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\38diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\38diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\39diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\39diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\40diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\40diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\41diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\41diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\42diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\42diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\43diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\43diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\44diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\44diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\45diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\45diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\46diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\46diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\47diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\47diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\48diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\48diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\49diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\49diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\50diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\50diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\51diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\51diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\52diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\52diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\53diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\53diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\54diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\54diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\55diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\55diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\56diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\56diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\57diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\57diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\58diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\58diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\59diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\59diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\60diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\60diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\61diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\61diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\62diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\62diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\63diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\63diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\64diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\64diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\65diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\66diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\66diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\67diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\67diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\68diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\68diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\69diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\69diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\70diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\70diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\71diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\71diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\72diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\72diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\73diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\73diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\74diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\74diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\75diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\75diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\76diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\76diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\77diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\77diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\78diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\78diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\79diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\79diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\80diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\80diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\81diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\81diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\82diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\82diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\83diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\83diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\84diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\84diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\85diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\85diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\86diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\86diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\87diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\87diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\88diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\88diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\89diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\89diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\90diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\90diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\91diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\91diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\92diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\92diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\93diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\93diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\94diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\94diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\95diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\95diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\96diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\96diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\97diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\97diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\98diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\98diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\99diaporama_campscout04.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\99diaporama_campscout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05_1.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05_2.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05_3.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05_4.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05_5.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout05_6.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout1.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout2.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout3.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dd6\galeriescout4.html Infecté : Net-Worm.Win32.Allaple.a ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
E:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
J'ai encore 6 virus , 275 fichiers infectés et 3 objets suspect.
Merci
A bientôt
Sylvie
-
Je t'ai mis les deux rapports celui que j'ai copié/collé depuis la fenêtre Virus Log Information à l'adresse suivante : http://www.scoutsdefourmies.fr/rapport/escan2808.rtf et celui que j'ai trouvé dans le dossier C:\Kaspersky : http://www.scoutsdefourmies.fr/rapport/mwav.log
A bientôt.
Sylvie
-
Oui du rapport que j'ai copié/collé depuis la fenêtre Virus Log Information.
Apparement ca ne va pas, est-ce qu'il faut que je recommence ?
Sylvie
-
Voilà la fin du document que j'ai sauvegardé :
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198138.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198139.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198140.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198141.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198142.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198143.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198144.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198145.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198146.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198147.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198148.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198149.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198150.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198151.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198152.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198153.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198154.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198155.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198156.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198157.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198158.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198159.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198160.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198161.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198162.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198163.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198164.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198165.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198166.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198167.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198168.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198169.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198170.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198171.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198172.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198173.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198174.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198175.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198176.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198177.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198178.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198179.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198180.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198181.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198182.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198183.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198184.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198185.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198186.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198187.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198188.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198189.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198190.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198191.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198192.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198193.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198194.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198195.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198196.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198197.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198198.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198199.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198200.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198201.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198202.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198203.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198204.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198205.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198206.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198207.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198208.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198209.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198210.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198211.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198212.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198213.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198214.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198215.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198216.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198217.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198218.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198219.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198220.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198221.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198222.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198223.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198224.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198225.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198226.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198227.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198228.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198229.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198230.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198231.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198232.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198233.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198234.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198235.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198236.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198237.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198238.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198239.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198240.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198241.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198242.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198243.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198244.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198245.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198246.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198247.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198248.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198249.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198250.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
File E:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0198251.exe infected by "Net-Worm.Win32.Allaple.e" Virus. Action Taken: File Deleted.
Sylvie
-
Bonjour Bruce Lee,
Le rapport est trop long et trop lourd pour te l'envoyer.
Voilà une partie du rapport mwav.log que j'ai trouvé dossier C:\Kaspersky pour te donner une idée de la taille de mon fichier.
Est-ce que cela suffit ?
Tue Aug 28 19:38:34 2007 => ***** Checking for specific ITW Viruses *****
Tue Aug 28 19:38:34 2007 => Checking for Welchia Virus...
Tue Aug 28 19:38:34 2007 => Checking for LovGate Virus...
Tue Aug 28 19:38:34 2007 => Checking for CodeRed Virus...
Tue Aug 28 19:38:34 2007 => Checking for OpaServ Virus...
Tue Aug 28 19:38:34 2007 => Checking for Sobig.e Virus...
Tue Aug 28 19:38:34 2007 => Checking for Winupie Virus...
Tue Aug 28 19:38:34 2007 => Checking for Swen Virus...
Tue Aug 28 19:38:34 2007 => Checking for JS.Fortnight Virus...
Tue Aug 28 19:38:34 2007 => Checking for Novarg Virus...
Tue Aug 28 19:38:34 2007 => Checking for Pagabot Virus...
Tue Aug 28 19:38:34 2007 => Checking for Parite.b Virus...
Tue Aug 28 19:38:34 2007 => Checking for Parite.a Virus...
Tue Aug 28 19:38:35 2007 => ***** Scanning complete. *****
Tue Aug 28 19:38:35 2007 => Total Number of Files Scanned: 114246
Tue Aug 28 19:38:35 2007 => Total Number of Virus(es) Found: 17936
Tue Aug 28 19:38:35 2007 => Total Number of Disinfected Files: 10791
Tue Aug 28 19:38:35 2007 => Total Number of Files Renamed: 36
Tue Aug 28 19:38:35 2007 => Total Number of Deleted Files: 7100
Tue Aug 28 19:38:35 2007 => Total Number of Errors: 5
Tue Aug 28 19:38:35 2007 => Time Elapsed: 03:57:21
Tue Aug 28 19:38:35 2007 => Virus Database Date: 2007/08/28
Tue Aug 28 19:38:35 2007 => Virus Database Count: 393985
Tue Aug 28 19:38:35 2007 => Scan Completed.
Tue Aug 28 19:42:07 2007 => Virus Database Date: 2007/08/28
Tue Aug 28 19:42:07 2007 => Virus Database Count: 393985
Tue Aug 28 19:42:11 2007 => Generating Virus List... getvlist.exe C:\KASPER~1\vlist.txt
Sylvie
-
Le voilà :
File/Folder C:\WINDOWS\system32\flevob.exe not found.
File/Folder C:\WINDOWS\system32\msszbl.exe not found.
File/Folder C:\Documents and Settings\All Users\Application Data\nbkrjlbx.exe not found.
C:\vpgrugqxn.exe moved successfully.
C:\WINDOWS\system32\tjsm.bat moved successfully.
File/Folder C::\WINDOWS\system32\jjcdug.bat not found.
File/Folder C:\WINDOWS\help\lsass.exe not found.
File/Folder C:\WINDOWS\help\internat.exe not found.
Created on 08/24/2007 19:51:33
Sylvie
-
Bonjour Bruce Lee,
Voilà mes différents rapports :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:19:28 24/08/2007
+ Résultat de l'analyse:
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\1BNSJB8K\iea[1].exe -> Adware.BHO : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP24\A0173853.exe -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP22\A0164788.exe -> Backdoor.Rbot.bni : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP22\A0164789.exe -> Backdoor.Rbot.bni : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP24\A0171851.exe -> Downloader.ConHook.ah : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP24\A0171867.exe -> Downloader.ConHook.ah : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP24\A0171868.exe -> Downloader.ConHook.ah : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0191961.exe -> Downloader.ConHook.ah : Nettoyé.
C:\WINDOWS\system32\flevob.exe -> Dropper.Small : Nettoyé.
C:\WINDOWS\system32\msszbl.exe -> Dropper.Small : Nettoyé.
C:\Documents and Settings\sl\Bureau\EliBaglA.exe -> Heuristic.Win32.AVKiller : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP25\A0195761.exe -> Not-A-Virus.Exploit.DCom.58 : Nettoyé.
:mozilla.21:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.22:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.106:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.107:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.108:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.109:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.33:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.73:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.60:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.61:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.62:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.28:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.59:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.111:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.112:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.113:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.114:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.122:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.50:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.132:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.133:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.134:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.135:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.136:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.137:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.77:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.78:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.79:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.115:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.72:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.130:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.131:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP24\A0173852.dll -> Trojan.Klone.k : Nettoyé.
Fin du rapport
SDFix: Version 1.99
Run by sl on 24/08/2007 at 19:25
Microsoft Windows XP [version 5.1.2600]
Running From: C:\PROGRA~1\SDFix\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\system32\o - Deleted
C:\WINDOWS\system32\TFTP2960 - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
File Backups: - C:\PROGRA~1\SDFix\SDFix\backups\backups.zip
Registry Backups: - C:\PROGRA~1\SDFix\SDFix\backups\backupreg.zip
Full Registry Backup: - C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
Files with Hidden Attributes:
C:\dgkwclxjo.exe
C:\hugndcbst.exe
C:\idjybhijh.exe
C:\nokzaqjbo.exe
C:\nukfztsxx.exe
C:\vpgrugqxn.exe
C:\ykrwmocrr.exe
C:\yrjqxswgo.exe
C:\Program Files\Picasa2\setup.exe
C:\Documents and Settings\sl\Application Data\Microsoft\Word\~WRL0124.tmp
C:\WINDOWS\LastGood.Tmp\INF\NVAUtlml.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem11.inf
C:\WINDOWS\LastGood.Tmp\INF\oem11.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem12.inf
C:\WINDOWS\LastGood.Tmp\INF\oem12.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem13.inf
C:\WINDOWS\LastGood.Tmp\INF\oem13.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem14.inf
C:\WINDOWS\LastGood.Tmp\INF\oem14.PNF
Finished
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:20, on 28/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\NVATray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gsearching.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Microsoft OCX] C:\WINDOWS\System32\sphgsxcxh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [iCQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1186517483380
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
--
End of file - 9959 bytes
Encore merci pour ton aide.
A bientôt.
Sylvie
-
Bonjour Bruce Lee,
Voilà mes deux rapports :
ComboFix 07-08-17.2 - "sl" 2007-08-23 17:32:24.3 - NTFSx86
Command switches used :: /v mmdute
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\mmdute.dll
((((((((((((((((((((((((( Files Created from 2007-07-23 to 2007-08-23 )))))))))))))))))))))))))))))))
2007-08-23 17:18 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-22 14:43 15,785 --a------ C:\WINDOWS\system32\flevob.exe
2007-08-22 14:34 <REP> d-------- C:\Program Files\Sunbelt Software
2007-08-22 14:24 15,785 --a------ C:\WINDOWS\system32\msszbl.exe
2007-08-22 13:52 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-21 20:44 <REP> d-------- C:\Program Files\SDFix
2007-08-21 20:28 <REP> d-------- C:\hijackthis
2007-08-21 20:26 <REP> d-------- C:\Program Files\Trend Micro
2007-08-21 14:10 99,744 --a------ C:\WINDOWS\system32\taskmgrr.exe
2007-08-21 00:30 78,336 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\nbkrjlbx.exe
2007-08-18 13:43 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Media Player Classic
2007-08-17 19:14 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-08-17 19:14 740,442 --a------ C:\WINDOWS\system32\divx.dll
2007-08-17 19:14 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-08-17 19:14 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-08-17 19:14 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-08-17 19:14 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-08-17 19:14 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-08-17 19:14 163,840 --a------ C:\WINDOWS\system32\unrar.dll
2007-08-17 19:14 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2007-08-17 19:14 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Real
2007-08-17 19:14 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
2007-08-16 23:54 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Opera
2007-08-16 12:43 28,880 --a------ C:\DOCUME~1\sl\APPLIC~1\GDIPFONTCACHEV1.DAT
2007-08-16 12:36 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
2007-08-15 19:14 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
2007-08-15 19:10 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia Shared
2007-08-15 19:08 <REP> d--h----- C:\WINDOWS\PIF
2007-08-14 14:12 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-08-14 14:12 <REP> d-------- C:\WINDOWS\LastGood
2007-08-14 14:08 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
2007-08-14 00:44 <REP> d-------- C:\WINDOWS\system32\MWWW
2007-08-13 17:00 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-13 16:44 <REP> d-------- C:\VundoFix Backups
2007-08-13 15:04 0 -rahs---- C:\vpgrugqxn.exe
2007-08-13 13:37 <REP> d-------- C:\WINDOWS\system32\appmgmt
2007-08-13 13:36 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\StarOffice8
2007-08-13 13:29 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-13 13:29 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-08-13 13:29 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-08-13 13:29 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-08-13 13:29 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-08-13 13:29 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-08-13 13:29 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
2007-08-13 13:29 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-08-13 13:23 <REP> d--hs---- C:\WINDOWS\CSC
2007-08-12 16:43 101,944 --a------ C:\WINDOWS\system32\lion.exe
2007-08-12 00:18 114 --a------ C:\WINDOWS\system32\tjsm.bat
2007-08-11 23:56 119 --a------ C:\WINDOWS\system32\jjcdug.bat
2007-08-11 13:32 83,024 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-08-11 13:32 57,424 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-08-11 13:32 53,840 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-08-11 13:32 39,376 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
2007-08-11 13:32 29,264 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-08-11 13:31 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-08-11 13:31 <REP> d-------- C:\Program Files\Spyware Doctor
2007-08-11 13:31 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\PC Tools
2007-08-11 13:15 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Google
2007-08-11 13:02 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-08-11 13:02 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-08-11 12:59 <REP> d-------- C:\Program Files\Picasa2
2007-08-11 12:49 <REP> d-------- C:\Program Files\Norton Security Scan
2007-08-11 12:29 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-08-11 12:28 <REP> d-------- C:\Program Files\Google
2007-08-11 00:14 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-08-11 00:14 57,472 -ra------ C:\WINDOWS\system32\drivers\nvarm.sys
2007-08-11 00:14 530,816 -ra------ C:\WINDOWS\system32\drivers\nvmcp.sys
2007-08-11 00:14 44,416 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-08-11 00:14 4,096 -ra------ C:\WINDOWS\system32\nvack.dll
2007-08-11 00:14 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-08-11 00:14 162,304 -ra------ C:\WINDOWS\system32\drivers\nvapu.sys
2007-08-11 00:14 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-08-11 00:14 131,712 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-08-11 00:14 13,056 -ra------ C:\WINDOWS\system32\drivers\nvax.sys
2007-08-11 00:13 13,502 -ra------ C:\WINDOWS\system32\drivers\nv_agp.SYS
2007-08-11 00:13 <REP> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-08-11 00:10 32,768 -ra------ C:\WINDOWS\system32\nvsdit.dll
2007-08-11 00:10 32,768 -ra------ C:\WINDOWS\system32\nvsdfr.dll
2007-08-11 00:10 32,768 -ra------ C:\WINDOWS\system32\nvsdel.dll
2007-08-11 00:10 282,624 -ra------ C:\WINDOWS\system32\NVAPanel.exe
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdzht.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdzhc.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdtr.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdsv.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdsl.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdsk.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdru.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdptb.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdpt.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdpl.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdno.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdnl.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdko.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdja.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdhu.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdhe.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdfi.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdes.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdeng.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdde.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-23 15:39 165 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2007-08-22 21:27 49152 --a------ C:\WINDOWS\help\lsass.exe
2007-08-22 21:27 221184 --a------ C:\WINDOWS\help\internat.exe
2007-08-09 01:46 2410 --a------ C:\WINDOWS\pchealth\HelpCtr\PackageStore\SkuStore.bin
2007-08-07 22:04 8738 --a------ C:\WINDOWS\pchealth\HelpCtr\Config\Cntstore.bin
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9BD5F054-4694-4E17-B860-07C4629977B9}]
C:\WINDOWS\System32\geebc.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9E5AEDD3-A47C-4532-896C-588073F754D9}]
C:\WINDOWS\System32\ddccd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Version Cue CS2"="C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-06 16:53]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49]
"NVIDIA nForce APU1 Utilities"="NVATray.exe" [2001-11-28 12:43 C:\WINDOWS\system32\NVATray.exe]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-11 12:40]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-06-16 01:15]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-06-12 13:19]
"Microsoft OCX"="C:\WINDOWS\System32\sphgsxcxh.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-06-14 18:32]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"Local Security Authority Service"="C:\WINDOWS\System32\lssas.exe" []
"Windows Logon Application"="C:\WINDOWS\System32\logon.exe" []
"ICQ Agent"="C:\WINDOWS\System32\icq6.exe" []
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 11:45]
"Microsoft Office"="C:\WINDOWS\System32\mdm.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Windows Serces Agnt"=hwehrokmu.exe
"Windows Service Agent"=pmcoanej.exe
"ICQ Agent"=C:\WINDOWS\System32\icq6.exe
C:\Documents and Settings\sl\Menu D‚marrer\Programmes\D‚marrage\
StarOffice 8.lnk - C:\Program Files\Sun\StarOffice 8\program\quickstart.exe [2007-02-02 17:55:10]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
D‚marrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24]
Lancement rapide d'Adobe Acrobat.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000002}\SC_Acrobat.exe [2007-08-08 14:21:14]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-11 12:29:04]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebxxxu]
gebxxxu.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\geebc]
C:\WINDOWS\System32\geebc.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys
R1 avipbb;avipbb;C:\WINDOWS\System32\DRIVERS\avipbb.sys
R1 fwdrv;Firewall Driver;C:\WINDOWS\System32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\System32\drivers\khips.sys
R1 ssmdrv;ssmdrv;C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe"
S4 Guarddy;Win32_Guard;"C:\WINDOWS\Win32Cam.exe"
Contents of the 'Scheduled Tasks' folder
2007-08-22 22:00:10 C:\WINDOWS\Tasks\HPpromotions psc 2350 series.job - C:\Program Files\HP\Digital Imaging\bin\HP Promotions\AiOMVC\HPpromo.exe
2007-08-17 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job - C:\Program Files\Norton Security Scan\Nss.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-23 17:48:18
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-23 17:55:28 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-23 17:55
C:\ComboFix2.txt ... 2007-08-22 14:21
C:\ComboFix3.txt ... 2007-08-14 14:00
--- E O F ---
_________________________________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:37:14, on 24/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\sdtrayapp.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\NVATray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\mmdmm.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\taskmgr.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gsearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {9BD5F054-4694-4E17-B860-07C4629977B9} - C:\WINDOWS\System32\geebc.dll (file missing)
O2 - BHO: (no name) - {9E5AEDD3-A47C-4532-896C-588073F754D9} - C:\WINDOWS\System32\ddccd.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Microsoft OCX] C:\WINDOWS\System32\sphgsxcxh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\logon.exe
O4 - HKLM\..\Run: [iCQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [mmsass] mmdmm.exe
O4 - HKLM\..\RunServices: [mmsass] mmdmm.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Office] C:\WINDOWS\System32\mdm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-1960408961-1580818891-725345543-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-1960408961-1580818891-725345543-1003 Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe (User '?')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1186517483380
O20 - Winlogon Notify: gebxxxu - gebxxxu.dll (file missing)
O20 - Winlogon Notify: geebc - C:\WINDOWS\System32\geebc.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
--
End of file - 10698 bytes
Sylvie
-
Re bonjour Bruce Lee,
Je suis bloquée lorsque je copie/colle le : "%userprofile%\Bureau\combofix.exe" /v mmdute
J'ai une fenetre d'antivir qui s'ouvre :
"A virus or unwanted prgram was found"
C:\Combox\nircmd.exe
Contains signature of the application APPL/NirCmd.1
Qu'est-ce que je dois faire ?
Merci
Sylvie
-
Voilà le rapport vundofix, est-ce que c'est le bon ?
C:\WINDOWS\System32\dccdd.bak1
C:\WINDOWS\System32\dccdd.bak2
C:\WINDOWS\System32\dccdd.ini
C:\WINDOWS\System32\dccdd.ini2
C:\WINDOWS\System32\dccdd.tmp
C:\WINDOWS\System32\ddccd.dll
C:\WINDOWS\System32\geebc.dll
______________________________
et voilà un nouveau rapport de hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:51:25, on 23/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\NVATray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gsearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7e25076a-098d-48c5-94af-59f7f9a2bca7} - C:\WINDOWS\system32\mmdute.dll
O2 - BHO: (no name) - {9BD5F054-4694-4E17-B860-07C4629977B9} - C:\WINDOWS\System32\geebc.dll (file missing)
O2 - BHO: (no name) - {9E5AEDD3-A47C-4532-896C-588073F754D9} - C:\WINDOWS\System32\ddccd.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {C84D8A0A-E708-42B6-90CA-9C30956A87C6} - C:\WINDOWS\System32\gebxxxu.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Microsoft OCX] C:\WINDOWS\System32\sphgsxcxh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\logon.exe
O4 - HKLM\..\Run: [iCQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Office] C:\WINDOWS\System32\mdm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [iCQ Agent] C:\WINDOWS\System32\icq6.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1186517483380
O20 - Winlogon Notify: gebxxxu - gebxxxu.dll (file missing)
O20 - Winlogon Notify: geebc - C:\WINDOWS\System32\geebc.dll (file missing)
O20 - Winlogon Notify: mmdute - C:\WINDOWS\SYSTEM32\mmdute.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
--
End of file - 10764 bytes
Merci
Sylvie
-
Bonjour Bruce Lee,
Voilà le resultat pour la manip sur les fichiers de C:\WINDOWS\system32\lion.exe et C:\rundll32.exe, je n'ai pas trouvé le fichier C:\GooleToolbar.exe.
Service load:
0% 100%
File: lion.exe Status:
OK(Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 707e255093fc68588a648efb5e110998 Packers detected:
PE_PATCH
Bit9 reports: File not found
Service load:
0% 100%
File: rundll32.exe Status:
OK
MD5: ac0f912ea7571e9c1ad7b64c83f72bd9 Packers detected:
-
Bit9 reports:
Voilà maintenant le rappot de Vundofix :
C:\WINDOWS\System32\cbeeg.bak1
C:\WINDOWS\System32\cbeeg.ini
C:\WINDOWS\System32\geebc.dll
Merci.
Sylvie
-
Bonjour Bruce Lee,
Merci pour ton aide.
J'ai suivi toute la procédure et voilà mes différents rapports :
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 13:47:20 22/08/2007
+ Résultat de l'analyse:
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Erreur lors du nettoyage.
HKU\S-1-5-21-1960408961-1580818891-725345543-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP19\A0103730.exe -> Backdoor.IRCBot.acp : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP19\A0104741.exe -> Backdoor.IRCBot.acp : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{C194E732-D9F3-4DA3-8753-19CAC5B41D72}\RP20\A0133759.exe -> Backdoor.IRCBot.acp : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\8LYRKDIN\mmdmm[1].exe -> Backdoor.IRCBot.acp : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KPYN0T67\mmdmm[1].exe -> Backdoor.IRCBot.acp : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\.exe -> Backdoor.Rbot.bni : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\irdvxc.exe -> Backdoor.Rbot.bni : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.118:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.219:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.189:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.47:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.48:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.50:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.51:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.48:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.49:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.52:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.53:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.87:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.88:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.89:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.90:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.132:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.71:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.49:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.93:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.31:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.32:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.33:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.37:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.38:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.39:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.45:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.47:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.8:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.8:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.13:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.14:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.15:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.16:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.17:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.18:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.19:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.54:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.55:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.56:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.57:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.58:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.59:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.60:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.138:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.139:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.80:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.81:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.102:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.57:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.115:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.58:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.97:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.119:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.120:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.121:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.122:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.123:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.124:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.150:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.151:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.152:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.153:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.154:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.155:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.140:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.141:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.82:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.83:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.22:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.23:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.24:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.87:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.88:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.89:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.178:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.11:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.6:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.90:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.91:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.44:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.45:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.46:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.92:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.93:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.94:C:\Documents and Settings\sl\Application Data\Mozilla\Firefox\Profiles\bqb52rlr.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
Fin du rapport
_____________________________________________
SDFix: Version 1.99
Run by sl on 22/08/2007 at 13:53
Microsoft Windows XP [version 5.1.2600]
Running From: C:\PROGRA~1\SDFix\SDFix
Safe Mode:
Checking Services:
Name:
MSDisk
ImagePath:
"C:\WINDOWS\System32\irdvxc.exe" /service
MSDisk - Deleted
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
C:\WINDOWS\SYSTEM32\ANNOOA.EXE - Deleted
C:\WINDOWS\SYSTEM32\HD.EXE - Deleted
C:\WINDOWS\SYSTEM32\OW.EXE - Deleted
C:\WINDOWS\SYSTEM32\RW.EXE - Deleted
C:\WINDOWS\SYSTEM32\SYSINFO.EXE - Deleted
C:\WINDOWS\system32\mmdmm.exe - Deleted
C:\WINDOWS\system32\o - Deleted
C:\WINDOWS\system32\sysinfo.exe - Deleted
Removing Temp Files...
ADS Check:
C:\WINDOWS
No streams found.
C:\WINDOWS\system32
No streams found.
C:\WINDOWS\system32\svchost.exe
No streams found.
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
Remaining Files:
---------------
File Backups: - C:\PROGRA~1\SDFix\SDFix\backups\backups.zip
Registry Backups: - C:\PROGRA~1\SDFix\SDFix\backups\backupreg.zip
Full Registry Backup: - C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE
Files with Hidden Attributes:
C:\dgkwclxjo.exe
C:\GooleToolbar.exe
C:\hugndcbst.exe
C:\idjybhijh.exe
C:\nokzaqjbo.exe
C:\nukfztsxx.exe
C:\rundll32.exe
C:\vpgrugqxn.exe
C:\ykrwmocrr.exe
C:\yrjqxswgo.exe
C:\Program Files\Picasa2\setup.exe
C:\RECYCLER\S-1-5-21-1960408961-1580818891-725345543-1003\Dc16.exe
C:\WINDOWS\system32\a.exe
C:\WINDOWS\LastGood.Tmp\INF\NVAUtlml.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem11.inf
C:\WINDOWS\LastGood.Tmp\INF\oem11.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem12.inf
C:\WINDOWS\LastGood.Tmp\INF\oem12.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem13.inf
C:\WINDOWS\LastGood.Tmp\INF\oem13.PNF
C:\WINDOWS\LastGood.Tmp\INF\oem14.inf
C:\WINDOWS\LastGood.Tmp\INF\oem14.PNF
Finished
_____________________________________________
ComboFix 07-08-22.2 - "sl" 2007-08-22 14:16:16.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.82 [GMT 2:00]
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Autorun.inf
E:\Autorun.inf
((((((((((((((((((((((((( Files Created from 2007-07-22 to 2007-08-22 )))))))))))))))))))))))))))))))
2007-08-22 14:15 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-22 14:04 53,760 ---hs---- C:\WINDOWS\system32\mdm.exe
2007-08-22 13:52 <REP> d-------- C:\WINDOWS\ERUNT
2007-08-21 20:55 262,144 --a------ C:\WINDOWS\system32\config\SYSTEM~1\NtUser.dat
2007-08-21 20:44 <REP> d-------- C:\Program Files\SDFix
2007-08-21 20:28 <REP> d-------- C:\hijackthis
2007-08-21 20:26 <REP> d-------- C:\Program Files\Trend Micro
2007-08-21 14:10 99,744 --a------ C:\WINDOWS\system32\taskmgrr.exe
2007-08-21 00:30 78,336 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\nbkrjlbx.exe
2007-08-20 14:34 48,128 ---hs---- C:\rundll32.exe
2007-08-20 01:13 48,128 ---hs---- C:\GooleToolbar.exe
2007-08-18 13:43 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Media Player Classic
2007-08-17 19:14 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2007-08-17 19:14 740,442 --a------ C:\WINDOWS\system32\divx.dll
2007-08-17 19:14 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
2007-08-17 19:14 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2007-08-17 19:14 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-08-17 19:14 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2007-08-17 19:14 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2007-08-17 19:14 163,840 --a------ C:\WINDOWS\system32\unrar.dll
2007-08-17 19:14 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2007-08-17 19:14 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Real
2007-08-17 19:14 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
2007-08-16 23:54 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Opera
2007-08-16 12:43 28,880 --a------ C:\DOCUME~1\sl\APPLIC~1\GDIPFONTCACHEV1.DAT
2007-08-16 12:36 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AntiVir PersonalEdition Classic
2007-08-15 19:14 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Macrovision
2007-08-15 19:10 <REP> d-------- C:\Program Files\Fichiers communs\Macromedia Shared
2007-08-15 19:08 <REP> d--h----- C:\WINDOWS\PIF
2007-08-15 00:57 24 --a------ C:\WINDOWS\system32\g.bat
2007-08-14 14:12 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-08-14 14:12 <REP> d-------- C:\WINDOWS\LastGood
2007-08-14 14:08 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
2007-08-14 00:44 <REP> d-------- C:\WINDOWS\system32\MWWW
2007-08-13 17:00 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-13 16:44 <REP> d-------- C:\VundoFix Backups
2007-08-13 15:04 0 -rahs---- C:\vpgrugqxn.exe
2007-08-13 13:37 <REP> d-------- C:\WINDOWS\system32\appmgmt
2007-08-13 13:36 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\StarOffice8
2007-08-13 13:29 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-08-13 13:29 <REP> dr------- C:\DOCUME~1\ADMINI~1\Menu D‚marrer
2007-08-13 13:29 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage r‚seau
2007-08-13 13:29 <REP> d--h----- C:\DOCUME~1\ADMINI~1\Voisinage d'impression
2007-08-13 13:29 <REP> d--h----- C:\DOCUME~1\ADMINI~1\ModŠles
2007-08-13 13:29 <REP> d-------- C:\DOCUME~1\ADMINI~1\Mes documents
2007-08-13 13:29 <REP> d-------- C:\DOCUME~1\ADMINI~1\Favoris
2007-08-13 13:29 <REP> d-------- C:\DOCUME~1\ADMINI~1\Bureau
2007-08-13 13:23 <REP> d--hs---- C:\WINDOWS\CSC
2007-08-12 16:43 101,944 --a------ C:\WINDOWS\system32\lion.exe
2007-08-12 00:18 114 --a------ C:\WINDOWS\system32\tjsm.bat
2007-08-11 23:56 119 --a------ C:\WINDOWS\system32\jjcdug.bat
2007-08-11 13:32 83,024 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-08-11 13:32 57,424 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-08-11 13:32 53,840 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-08-11 13:32 39,376 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
2007-08-11 13:32 29,264 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-08-11 13:31 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-08-11 13:31 <REP> d-------- C:\Program Files\Spyware Doctor
2007-08-11 13:31 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\PC Tools
2007-08-11 13:15 <REP> d-------- C:\DOCUME~1\sl\APPLIC~1\Google
2007-08-11 13:02 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-08-11 13:02 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-08-11 12:59 <REP> d-------- C:\Program Files\Picasa2
2007-08-11 12:49 <REP> d-------- C:\Program Files\Norton Security Scan
2007-08-11 12:29 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-08-11 12:28 <REP> d-------- C:\Program Files\Google
2007-08-11 00:14 57,856 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-08-11 00:14 57,472 -ra------ C:\WINDOWS\system32\drivers\nvarm.sys
2007-08-11 00:14 530,816 -ra------ C:\WINDOWS\system32\drivers\nvmcp.sys
2007-08-11 00:14 44,416 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-08-11 00:14 4,096 -ra------ C:\WINDOWS\system32\nvack.dll
2007-08-11 00:14 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-08-11 00:14 162,304 -ra------ C:\WINDOWS\system32\drivers\nvapu.sys
2007-08-11 00:14 134,272 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-08-11 00:14 131,712 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-08-11 00:14 13,056 -ra------ C:\WINDOWS\system32\drivers\nvax.sys
2007-08-11 00:13 13,502 -ra------ C:\WINDOWS\system32\drivers\nv_agp.SYS
2007-08-11 00:13 <REP> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-08-11 00:10 32,768 -ra------ C:\WINDOWS\system32\nvsdit.dll
2007-08-11 00:10 32,768 -ra------ C:\WINDOWS\system32\nvsdfr.dll
2007-08-11 00:10 32,768 -ra------ C:\WINDOWS\system32\nvsdel.dll
2007-08-11 00:10 282,624 -ra------ C:\WINDOWS\system32\NVAPanel.exe
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdzht.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdzhc.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdtr.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdsv.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdsl.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdsk.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdru.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdptb.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdpt.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdpl.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdno.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdnl.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdko.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdja.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdhu.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdhe.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdfi.dll
2007-08-11 00:10 28,672 -ra------ C:\WINDOWS\system32\nvsdes.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-09 01:46 2410 --a------ C:\WINDOWS\pchealth\HelpCtr\PackageStore\SkuStore.bin
2007-08-07 22:04 8738 --a------ C:\WINDOWS\pchealth\HelpCtr\Config\Cntstore.bin
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Version Cue CS2"="C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-06 16:53]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2004-12-14 02:12]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49]
"NVIDIA nForce APU1 Utilities"="NVATray.exe" [2001-11-28 12:43 C:\WINDOWS\system32\NVATray.exe]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-11 12:40]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-06-16 01:15]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-06-12 13:19]
"Microsoft OCX"="C:\WINDOWS\System32\sphgsxcxh.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-06-14 18:32]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35]
"Microsoft Office"="C:\WINDOWS\System32\mdm.exe" [2007-08-21 18:50]
"Local Security Authority Service"="C:\WINDOWS\System32\lssas.exe" [2002-08-29 11:45]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 11:45]
"Microsoft Office"="C:\WINDOWS\System32\mdm.exe" [2007-08-21 18:50]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Microsoft Office"=C:\WINDOWS\System32\mdm.exe
"Windows Serces Agnt"=hwehrokmu.exe
"Windows Service Agent"=pmcoanej.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{C84D8A0A-E708-42B6-90CA-9C30956A87C6}"= C:\WINDOWS\System32\gebxxxu.dll [2007-08-22 14:21 43542]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebxxxu]
gebxxxu.dll 2007-08-22 14:21 43542 C:\WINDOWS\system32\gebxxxu.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\windows\system32\ssqpnnl.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys
R1 avipbb;avipbb;C:\WINDOWS\System32\DRIVERS\avipbb.sys
R1 ssmdrv;ssmdrv;C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
S4 Guarddy;Win32_Guard;"C:\WINDOWS\Win32Cam.exe"
Contents of the 'Scheduled Tasks' folder
2007-08-19 22:00:10 C:\WINDOWS\Tasks\HPpromotions psc 2350 series.job - C:\Program Files\HP\Digital Imaging\bin\HP Promotions\AiOMVC\HPpromo.exe
2007-08-17 13:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job - C:\Program Files\Norton Security Scan\Nss.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-22 14:20:27
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-22 14:21:58
C:\ComboFix-quarantined-files.txt ... 2007-08-22 14:21
C:\ComboFix2.txt ... 2007-08-14 14:00
--- E O F ---
_____________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:21:19, on 22/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\NVATray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\System32\taskmgr.exe
C:\WINDOWS\System32\mdm.exe
C:\WINDOWS\System32\ctfmon.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.exe
C:\Program Files\Sun\StarOffice 8\program\soffice.BIN
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gsearching.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7e25076a-098d-48c5-94af-59f7f9a2bca7} - C:\WINDOWS\system32\mmdute.dll
O2 - BHO: (no name) - {9BD5F054-4694-4E17-B860-07C4629977B9} - C:\WINDOWS\System32\geebc.dll (file missing)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {C84D8A0A-E708-42B6-90CA-9C30956A87C6} - C:\WINDOWS\System32\gebxxxu.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Microsoft OCX] C:\WINDOWS\System32\sphgsxcxh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Microsoft Office] C:\WINDOWS\System32\mdm.exe
O4 - HKLM\..\Run: [Local Security Authority Service] C:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\logon.exe
O4 - HKLM\..\Run: [iCQ Agent] C:\WINDOWS\System32\icq6.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Office] C:\WINDOWS\System32\mdm.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Windows Service Agent] pmcoanej.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [iCQ Agent] C:\WINDOWS\System32\icq6.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1186517483380
O20 - Winlogon Notify: gebxxxu - C:\WINDOWS\SYSTEM32\gebxxxu.dll
O20 - Winlogon Notify: geebc - C:\WINDOWS\System32\geebc.dll (file missing)
O20 - Winlogon Notify: mmdute - C:\WINDOWS\SYSTEM32\mmdute.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
--
End of file - 10504 bytes
-
Bonjour,
Pouvez-vous m'aider à comprendre ce rapport et surtout ce qu'il arrive à mon ordinateur ?
Mes logiciels se bloquent (j'ai souvent le message "Ne réponds pas") et je suis obligée de redémarrer mon ordinateur.
Merci d'avance.
Sylvie
Logfile of HijackThis v1.99.1
Scan saved at 14:05:22, on 21/08/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\pmcoanej.exe
C:\Documents and Settings\sl\Bureau\hijackthis\Scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gsearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [mmsass] mmdmm.exe
O4 - HKLM\..\Run: [amsgupdate] C:\WINDOWS\system32\ams.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Advanced DHTML Enable] C:\WINDOWS\System32\ltsuzc.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Microsoft Office] C:\WINDOWS\System32\mdm.exe
O4 - HKLM\..\Run: [MSN Messenger] C:\WINDOWS\lsass.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Windows Serces Agnt] hwehrokmu.exe
O4 - HKLM\..\Run: [NVIDIA nForce APU1 Utilities] NVATray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [sDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [Microsoft OCX] C:\WINDOWS\System32\sphgsxcxh.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Windows Service Agent] pmcoanej.exe
O4 - HKLM\..\RunServices: [mmsass] mmdmm.exe
O4 - HKLM\..\RunServices: [MSN Messenger] C:\WINDOWS\lsass.exe
O4 - HKLM\..\RunServices: [Windows Serces Agnt] hwehrokmu.exe
O4 - HKLM\..\RunServices: [Windows Service Agent] pmcoanej.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [amsgupdate] C:\WINDOWS\system32\ams.exe
O4 - HKCU\..\Run: [Microsoft Office] C:\WINDOWS\System32\mdm.exe
O4 - HKCU\..\Run: [Windows Service Agent] vefyispe.exe
O4 - HKCU\..\Run: [MSN Messenger] C:\WINDOWS\lsass.exe
O4 - HKCU\..\Run: [Windows Serces Agnt] hwehrokmu.exe
O4 - Startup: StarOffice 8.lnk = C:\Program Files\Sun\StarOffice 8\program\quickstart.exe
O4 - Startup: TribalWeb.lnk = C:\Program Files\TribalWeb\tribalweb.exe
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1186517483380
O20 - AppInit_DLLs: NVDESK32.DLL C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Win32_Guard (Guarddy) - Unknown owner - C:\WINDOWS\Win32Cam.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
Rapport hijackthis
dans Analyses et éradication malwares
Posté(e)
Re,
Je pars en vacances aujourd'hui pour une quinzaine de jours.
Je referai un scan et ferai ce que me demande Malekal morte à mon retour.
A dans 15 jours.
Sylvie