nini1781

Bonjour, Je n'ai pas pu vous répondre plus tôt car j'étais à l'étranger. Apparemment maintenant tout est OK. J'ai désintallé Avast et j'ai mis Antivir à la place. Ci-joint le rapport ToolsCleaner : -->- Recherche: C:\SDFIX: trouvé ! C:\Combofix: trouvé ! C:\Qoobox: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\SdFix.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\SDFX\SDFIX: trouvé ! C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: trouvé ! --------------------------------- -->- Suppression: C:\Documents and Settings\Propriétaire\Bureau\SdFix.exe: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe: supprimé ! C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: supprimé ! C:\SDFIX: supprimé ! C:\Combofix: supprimé ! C:\Qoobox: supprimé ! C:\Documents and Settings\Propriétaire\Bureau\SDFX\SDFIX: supprimé ! J'ai également repassé Hijackthis, ci-joint le rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:43:17, on 15/06/2008 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\ScsiAccess.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\wanmpsvc.exe C:\WINDOWS\Explorer.EXE C:\windows\system\hpsysdrv.exe C:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe C:\WINDOWS\System32\hphmon05.exe C:\HP\KBD\KBD.EXE C:\WINDOWS\ALCXMNTR.EXE C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Microsoft Money\System\mnyexpr.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\rundll32.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\HTV6100\IRMONITOR.EXE C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe C:\Program Files\OLITEC\MOH\LtMoh.exe C:\WINDOWS\System32\Macromed\Shockwave 8\PostUpdate.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\Propriétaire\Bureau\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://srch-fr10.hpwis.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dbsarticles.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr10.hpwis.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr10.hpwis.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\hpdtlk02.dll O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\HP\Digital Imaging\Unload\hpqcmon.exe O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE O4 - HKLM\..\Run: [updateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe" O4 - HKCU\..\Run: [backupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBP4\plugin\bin\PCHButton.exe O4 - HKCU\..\Run: [Microsoft Windows Driver] C:\WINDOWS\rundll32.exe O4 - HKCU\..\Run: [Mr] C:\WINDOWS\rundll32.exe O4 - HKCU\..\RunOnce: [sWHelper] "C:\WINDOWS\System32\Macromed\Shockwave 8\PostUpdate.exe" 1014021 O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [Microsoft Oftice] C:\WINDOWS\System32\msmsgs.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Microsoft Oftice] C:\WINDOWS\System32\msmsgs.exe (User 'Default user') O4 - Startup: MOH.lnk = C:\Program Files\OLITEC\MOH\LtMoh.exe O4 - Global Startup: AOL 8.0 Icône AOL.lnk = C:\Program Files\AOL 8.0j\aoltray.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HTV6100 Remote Controller Service.lnk = ? O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb-7288971.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: LG SyncManager.lnk = C:\Program Files\LG PC Suite\LG PC Sync\LGSyncManager.exe O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: TMMonitor.lnk = C:\Program Files\ArcSoft\TotalMedia 3\TMMonitor.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab O16 - DPF: {5EDB10D9-7E95-4833-A218-62F375DAFCF1} (Aventail Installer ) - https://parici.sopragroup.com/postauthI/epi.cab O20 - Winlogon Notify: mLeCSiGY - mLeCSiGY.dll (file missing) O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe -- End of file - 7752 bytes J'ai fait la manip sur les lignes dont vous m'aviez parlé sauf les 2 ci-dessous que je n'avais pas : O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm Je vous remercie pour votre aide.

Bonjour, J'ai fait les manipulations, ci-dessous le rapport. Après les manipulations, j'ai remis la restauration système. Je n'ai pas encore installé Antivir. Sur mon poste actuellement j'ai Avast. Pour installer Antivir, je suppose que je dois enlever Avast et ensuite installer Antivir. Je vous remercie pour votre aide. J'espère que je vais arriver au bout de mes peines. File C:\WINDOWS\System32\msmsgs.exe infected by "Trojan-Downloader.Win32.Agent.ohy" Virus. Action Taken: File Deleted. File C:\WINDOWS\System32\urdvxc.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\WINDOWS\System32\.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\WINDOWS\System32\a.exe infected by "Backdoor.Win32.IRCBot.dff" Virus. Action Taken: File Renamed. File C:\WINDOWS\System32\i infected by "Trojan-Downloader.BAT.Ftp.ab" Virus. Action Taken: File Deleted. File C:\WINDOWS\System32\m16538.exe infected by "Backdoor.Win32.SdBot.dzt" Virus. Action Taken: File Renamed. File C:\ADCDA2\FRE\lshksrzr.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\ADCDA2\FRE\RegMessage.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Backups\backups.zip infected by "Trojan-Downloader.Win32.Agent.ohy" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSini\program files\Kodak\Kodak EasyShare software\fra\ReadMe.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSini\program files\Kodak\Kodak EasyShare software\fra\ReadMeCamera.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSini\program files\Kodak\Kodak EasyShare software\fra\tvlhwjbt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSvpaht\program files\Kodak\Kodak EasyShare software\bin\data\vpahtmm\fra\kbewqkek.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSvpot\program files\Kodak\Kodak EasyShare software\bin\data\vpotmm\fra\zenwtlkx.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ksu\program files\KODAK\KODAK Software Updater\7288971\Program\README\rhbcslnn.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ksu\program files\KODAK\KODAK Software Updater\7288971\Program\README\Updater_Readme_1036.HTM infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\backuphelp.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\bbceerkt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\bdgtwlcm.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\bsrwtjnh.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\cexznbkh.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\crjjnxhh.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\cwhteejj.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\debtwlcm.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\defenrll.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\defserv.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\eetknbwx.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\eheecktl.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ekhszlek.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\entbeshl.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\hbsbczjx.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\hlensnnc.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\althome.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\guide.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\kkrllbbh.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\klbkjvbt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\knblkhlk.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\nbsblkvl.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\_althome.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\_altLeft.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\hvbjjtnk.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\InvestmentQIFImport.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\InvestmentResearch.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\InvResearchOnline.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\jhecvtrq.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\jjehnjsb.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\khtsenls.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\kwxbjrtj.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\llzkhscx.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ltvrvhhj.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ltwelco2.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ltwelcom.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\lvwrsktb.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\lwzwwshl.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\mc.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\mcleft.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\mcright.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\nhbzstwt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\osudflt.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsBenifit.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsBkgnd.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsLost.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsScrty.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\plnwlcm2.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\pssprtbnftfaq.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\pssprtscrtyfaq.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\qkebwsxc.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Repaircorruptedfiles.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Resolving Windows Cryptography Error.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\sbnthlen.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\sbwelcome.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\schstehk.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\shopping.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\taxevol.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\tbsswktn.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ttwtbhtz.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\tvjhnxhq.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\vkrenlhc.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ztttslxw.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Documents\Mes images\Photos\hebdo papi mamie\cjclnzhz.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Documents\Mes images\Photos\hebdo papi mamie\index.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\All Users\Documents\Mes images\Photos\photospapimamie 002\zljzlven.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\rqrxcres.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Local Settings\Temp\tmp_69154.htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=195x560;tile=2;ord=1135967451281;[1].htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=275x560;tile=3;ord=1135967451281;[1].htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=275x560;tile=4;ord=1135967451281;[1].htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=760x93;tile=1;ord=1135967451281;[1].htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\visitor;tn=3;to=h;tr=1;!cat=statichp;tw=760;ta=center;szs=234x60,234x60,234x60;ord=1135967451281;[1] .htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\XYAS0VRT\slzhztvt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ZCHWSUQ9\ConstructFrame[1].html infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ZCHWSUQ9\error_copland_dns[1].htm infected by "Net-Worm.Win32.Allaple.a" Virus. Action Taken: File Disinfected. File C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ZCHWSUQ9\lxrktxcb.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 01\xjnnnelt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 02\rssrlzqs.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 02\vstnksjc.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 03\nhjlcvkv.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 03\sjthwtjt.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\EME102\rtsrltrl.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 01\rvnvjcek.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 02\hhbttbjc.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 02\kzejhttr.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 03\enlevjjk.exe infected by "Net-Worm.Win32.Allaple.b" Virus. Action Taken: File Deleted. File C:\QooBox\Quarantine\C\WINDOWS\rundll32.exe.vir infected by "Backdoor.Win32.IRCBot.csq" Virus. Action Taken: File Renamed. File C:\QooBox\Quarantine\C\WINDOWS\system32\a.exe.vir infected by "Backdoor.Win32.IRCBot.crs" Virus. Action Taken: File Renamed. File C:\QooBox\Quarantine\C\WINDOWS\system32\msmsgs.exe.vir infected by "Backdoor.Win32.IRCBot.crs" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\3M8FBNZ4\mumie[1].exe infected by "Backdoor.Win32.IRCBot.dbx" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\LJU9T77X\mmdmm[2].exe infected by "Backdoor.Win32.IRCBot.dbx" Virus. Action Taken: File Renamed. File C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M5UJU1S4\mixit[1].exe infected by "Backdoor.Win32.IRCBot.dbx" Virus. Action Taken: File Renamed.

Bonjour, C'est enfin réussi à passer Kaspersky. Ci-dessous le rapport. ------------------------------------------------------------------------------- KASPERSKY ON-LINE SCANNER REPORT Wednesday, May 28, 2008 11:53:24 PM Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600) Kaspersky On-line Scanner version : 5.0.98.0 Dernière mise à jour de la base antivirus Kaspersky : 28/05/2008 Enregistrements dans la base antivirus Kaspersky : 808891 ------------------------------------------------------------------------------- Paramètres d'analyse: Analyser avec la base antivirus suivante: étendue Analyser les archives: vrai Analyser les bases de messagerie: vrai Cible de l'analyse - Poste de travail: A:\ C:\ D:\ E:\ F:\ H:\ Statistiques de l'analyse: Total d'objets analysés: 171640 Nombre de virus trouvés: 7 Nombre d'objets infectés: 156 Nombre d'objets suspects: 0 Durée de l'analyse: 02:05:28 Nom de l'objet infecté / Nom du virus / Dernière action C:\ADCDA2\FRE\lshksrzr.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\ADCDA2\FRE\RegMessage.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Backups\backups.zip/backups/msmsgs.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\Backups\backups.zip/backups/rundll32.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\Backups\backups.zip ZIP: infecté - 2 ignoré C:\Documents and Settings\All Users\Application Data\Aventail\LogFiles\odxsp.log L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSini\program files\Kodak\Kodak EasyShare software\fra\ReadMe.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSini\program files\Kodak\Kodak EasyShare software\fra\ReadMeCamera.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSini\program files\Kodak\Kodak EasyShare software\fra\tvlhwjbt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSvpaht\program files\Kodak\Kodak EasyShare software\bin\data\vpahtmm\fra\kbewqkek.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ess\ESSvpot\program files\Kodak\Kodak EasyShare software\bin\data\vpotmm\fra\zenwtlkx.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ksu\program files\KODAK\KODAK Software Updater\7288971\Program\README\rhbcslnn.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\ksu\program files\KODAK\KODAK Software Updater\7288971\Program\README\Updater_Readme_1036.HTM Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp L'objet est verrouillé ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\backuphelp.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\bbceerkt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\bdgtwlcm.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\bsrwtjnh.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\cexznbkh.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\crjjnxhh.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\cwhteejj.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\debtwlcm.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\defenrll.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\defserv.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\eetknbwx.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\eheecktl.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ekhszlek.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\entbeshl.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\hbsbczjx.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\hlensnnc.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\althome.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\guide.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\kkrllbbh.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\klbkjvbt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\knblkhlk.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\nbsblkvl.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\_althome.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Home\_altLeft.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\hvbjjtnk.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\InvestmentQIFImport.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\InvestmentResearch.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\InvResearchOnline.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\jhecvtrq.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\jjehnjsb.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\khtsenls.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\kwxbjrtj.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\llzkhscx.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ltvrvhhj.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ltwelco2.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ltwelcom.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\lvwrsktb.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\lwzwwshl.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\mc.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\mcleft.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\mcright.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\nhbzstwt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\osudflt.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsBenifit.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsBkgnd.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsLost.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\PassportFAQsScrty.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\plnwlcm2.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\pssprtbnftfaq.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\pssprtscrtyfaq.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\qkebwsxc.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Repaircorruptedfiles.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\Resolving Windows Cryptography Error.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\sbnthlen.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\sbwelcome.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\schstehk.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\shopping.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\taxevol.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\tbsswktn.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ttwtbhtz.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\tvjhnxhq.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\vkrenlhc.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Application Data\Microsoft\Money\12.0\Webcache\ztttslxw.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Documents\Mes images\Photos\hebdo papi mamie\cjclnzhz.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Documents\Mes images\Photos\hebdo papi mamie\index.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\All Users\Documents\Mes images\Photos\photospapimamie 002\zljzlven.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\All Users\Documents\Mes images\Échantillons d'images\rqrxcres.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Local Settings\Temp\esrtlcev.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Local Settings\Temp\tmp_69154.htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\0P6VSTE7\hrvxnsbr.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\0P6VSTE7\index[1].html Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\GL6ROLI7\srvqecsr.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\284332[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\ads[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\detect[2].html Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\entete[1].html Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\lqnselek.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=195x560;tile=2;ord=1135967451281;[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=275x560;tile=3;ord=1135967451281;[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=275x560;tile=4;ord=1135967451281;[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\version1;dcopt=ist;sz=760x93;tile=1;ord=1135967451281;[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\OUMNTGZI\visitor;tn=3;to=h;tr=1;!cat=statichp;tw=760;ta=center;szs=234x60,234x60,234x60;ord=1135967451281;[1] .htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\XYAS0VRT\slzhztvt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ZCHWSUQ9\ConstructFrame[1].html Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ZCHWSUQ9\error_copland_dns[1].htm Infecté : Net-Worm.Win32.Allaple.a ignoré C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\ZCHWSUQ9\lxrktxcb.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 01\xjnnnelt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 02\rssrlzqs.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 02\vstnksjc.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 03\nhjlcvkv.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\EME102\Module 03\sjthwtjt.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\EME102\rtsrltrl.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 01\rvnvjcek.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 02\hhbttbjc.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 02\kzejhttr.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\Default User\Mes documents\FOD\TET101\Module 03\enlevjjk.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Application Data\ArcSoft\TotalMedia\3.0.29\ArcPVR\epg.ldb L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Application Data\ArcSoft\TotalMedia\3.0.29\ArcPVR\epg.mdb L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Cookies\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Historique\History.IE5\MSHist012008052820080529\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temp\JETE9D4.tmp L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temp\me_0KEIt85NgNQatUa L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temp\me_0oB2VeMjhQK5LO9 L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temp\me_78p7cJSPKd0w7gO L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temp\me_muhaPvxwHUCcP6J L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temp\me_NbuDUQ4EeQgV3tr L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\NTUSER.DAT L'objet est verrouillé ignoré C:\Documents and Settings\Propriétaire\ntuser.dat.LOG L'objet est verrouillé ignoré C:\lox.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré C:\Program Files\Alwil Software\Avast4\DATA\log\selfdef.log L'objet est verrouillé ignoré C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.me L'objet est verrouillé ignoré C:\Program Files\Kodak\Kodak EasyShare software\bin\Catalog\EasyShare.mm L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\BWKDLogs\BWTargetInf.log L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\BWLocalWebListener.log L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chandir.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\chn.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\D0000000.FCS L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\FileDL.log L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\inuse.txt L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\L0000001.FCS L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\main.log L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_die.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_dnd.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_ext.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\prs_rcv.idx L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\RG.log L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\scheddbg.log L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.dat L'objet est verrouillé ignoré C:\Program Files\Kodak\KODAK Software Updater\7288971\Users\Default\Data\storydb.idx L'objet est verrouillé ignoré C:\Program Files\OLITEC\MOH\ltmoh.log L'objet est verrouillé ignoré C:\QooBox\Quarantine\C\WINDOWS\rundll32.exe.vir Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\QooBox\Quarantine\C\WINDOWS\system32\a.exe.vir Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\QooBox\Quarantine\C\WINDOWS\system32\msmsgs.exe.vir Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0090949.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0091018.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0092113.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0092226.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0092250.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0093245.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0093253.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0094247.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0094269.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP73\A0094272.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0094370.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0094371.exe Infecté : Backdoor.Win32.IRCBot.crs ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0094372.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0096350.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0097368.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0098363.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0098395.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP74\A0098420.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP75\A0099424.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP76\A0106650.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP76\A0107690.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP76\A0107724.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP76\A0107725.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP76\A0107731.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP76\A0107732.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP77\A0107817.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP77\A0108793.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP77\A0108818.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP77\A0108913.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\A0108939.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\A0108983.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\A0109006.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\A0109036.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\A0110098.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\A0110123.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\System Volume Information\_restore{D2B56700-B650-4C30-8071-D5EC1FCE58BB}\RP78\change.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\oakley.log L'objet est verrouillé ignoré C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré C:\WINDOWS\rundll32.exe Infecté : Backdoor.Win32.IRCBot.csq ignoré C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré C:\WINDOWS\system32\.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\WINDOWS\system32\a.exe Infecté : Backdoor.Win32.IRCBot.dff ignoré C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\3M8FBNZ4\mumie[1].exe Infecté : Backdoor.Win32.IRCBot.dbx ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\LJU9T77X\mmdmm[2].exe Infecté : Backdoor.Win32.IRCBot.dbx ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\LJU9T77X\mmdmm[3].exe Infecté : Backdoor.Win32.IRCBot.dff ignoré C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\M5UJU1S4\mixit[1].exe Infecté : Backdoor.Win32.IRCBot.dbx ignoré C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré C:\WINDOWS\system32\msmsgs.exe Infecté : Trojan-Downloader.Win32.Agent.ohy ignoré C:\WINDOWS\system32\urdvxc.exe Infecté : Net-Worm.Win32.Allaple.b ignoré C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré C:\WINDOWS\Temp\Perflib_Perfdata_4e0.dat L'objet est verrouillé ignoré C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré Analyse terminée. Je suis un peu inquiète car il a trouvé d'autres virus que je n'avais apparemment pas au début. J'attend de vos nouvelles. Merci d'avance.

Bonjour, J'ai effectué la première partie, ci-joint le rapport Toolscleaner : -->- Recherche: C:\SDFIX: trouvé ! C:\Combofix: trouvé ! C:\Qoobox: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\SdFix.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe: trouvé ! C:\Documents and Settings\Propriétaire\Bureau\SDFX\SDFIX: trouvé ! C:\Documents and Settings\Propriétaire\Recent\HijackThis.lnk: trouvé ! Pour la deuxième partie, j'ai plus de problème. J'ai essayé avec Kaspersky mais dès que le scan arrive vers 42%, je suis déconnectée d'Internet et je n'arrive pas à terminer le scan. C'est embêtant car il a détecté des virus. Est-ce que cela peut provenir d'un problème de paramètrage d'Active X ou bien parce que je n'ai qu'un débit de 56K ? Je vais vérifier mon paramètrage pour Active X Si je n'y arrrive pas, j'essaierai avec Scan Panda, j'espère que je n'aurais pas ce genre de problème. Pour ma connexion, je passe par une connexion Neuf RTC puis par AOL. Faut-il ensuite obligatoirement que je lance iexplore via le menu Démarrer Exécuter ou cela n'est pas nécessaire car j'ai fait les manips en accédant au site via google par la fenêtre AOL directement. Le problème peut-il venir de là ? Sinon comment puis-je procéder ? Merci d'avance.

Bonjour, Ci-joint les 2 rapport que vous m'avez demandé : SDFix: Version 1.182 Run by Propri‚taire on 17/05/2008 at 14:29 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default HKCU HomePage Rebooting Checking Files : Trojan Files Found: C:\WINDOWS\SYSTEM32\IALMCOIN.DLL - Deleted C:\WINDOWS\rundll32.exe - Deleted C:\WINDOWS\system32\msmsgs.exe - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-17 14:53:48 Windows 5.1.2600 Service Pack 1 NTFS scanning hidden processes ... scanning hidden services & system hive ... scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher] "TracesProcessed"=dword:00000030 "TracesSuccessful"=dword:0000002a scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] Remaining Files : File Backups: - C:\SDFix\backups\backups.zip Files with Hidden Attributes : Fri 26 May 2006 196 A.SHR --- "C:\BOOT.BAK" Thu 1 May 2008 44,696 ..SH. --- "C:\lox.exe" Wed 22 May 2002 49,222 A..H. --- "C:\Program Files\AOL 7.0\aolphx.exe" Wed 22 May 2002 32,842 A..H. --- "C:\Program Files\AOL 7.0\aoltray.exe" Fri 10 May 2002 40,960 A..H. --- "C:\Program Files\AOL 7.0\RBM.exe" Wed 22 May 2002 180,290 A..H. --- "C:\Program Files\AOL 7.0\waol.exe" Wed 23 Apr 2003 49,221 A..H. --- "C:\Program Files\AOL 8.0\aolphx.exe" Wed 23 Apr 2003 36,937 A..H. --- "C:\Program Files\AOL 8.0\aoltray.exe" Wed 23 Apr 2003 40,960 A..H. --- "C:\Program Files\AOL 8.0\RBM.exe" Wed 23 Apr 2003 237,633 A..H. --- "C:\Program Files\AOL 8.0\waol.exe" Wed 7 May 2003 49,221 A..H. --- "C:\Program Files\AOL 8.0j\aolphx.exe" Wed 7 May 2003 36,937 A..H. --- "C:\Program Files\AOL 8.0j\aoltray.exe" Wed 7 May 2003 40,960 A..H. --- "C:\Program Files\AOL 8.0j\RBM.exe" Wed 7 May 2003 237,633 A..H. --- "C:\Program Files\AOL 8.0j\waol.exe" Sat 24 Apr 2004 0 A.SH. --- "C:\WINDOWS\SMINST\HPCD.SYS" Tue 6 May 2008 42,281 ..SH. --- "C:\WINDOWS\system32\a.exe" Wed 22 May 2002 53,320 A..H. --- "C:\Program Files\AOL 7.0\COMIT\cswitch.exe" Wed 23 Apr 2003 49,223 A..H. --- "C:\Program Files\AOL 8.0\COMIT\cswitch.exe" Wed 7 May 2003 49,223 A..H. --- "C:\Program Files\AOL 8.0j\COMIT\cswitch.exe" Tue 6 May 2008 20,233,232 A..H. --- "C:\Documents and Settings\tintin\Local Settings\temp\BIT3.tmp" Sat 10 May 2008 2,280,312 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0a94bf6f4e8c990ce43db96944d76514\BIT9.tmp" Tue 11 Mar 2008 830,776 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0b94495512074d69b9e8ab1679d608d4\BITF.tmp" Mon 12 May 2008 8,548,984 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\27351338b61f8a3b1808532ac895046b\BIT8.tmp" Sat 17 May 2008 221,200 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\5f05a02af2e466787afe20ca24b06947\BIT4.tmp" Fri 15 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\694bb96fb87556e322fcc00fded58177\BITA.tmp" Sat 17 May 2008 602,864 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b81252ef70e0d4f53d4fb43336030927\BIT3.tmp" Fri 15 Feb 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\c8f95ed251aedea843abb9ea5b1a52d3\BITB.tmp" Wed 7 May 2003 106,496 A..H. --- "C:\Program Files\Fichiers communs\aolshare\shell\fr\shellext.dll" Thu 1 Apr 2004 2,713,880 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\08ac2268ef5b4b70d781e523cebc6a6c\BIT26.tmp" Fri 7 Oct 2005 497,392 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\1059f9fa18db5c659dd880c6bde1acd8\BIT9.tmp" Tue 16 May 2006 2,306,312 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\151d391a3b44491efc77d331ddebc3c6\BIT5.tmp" Sun 21 May 2006 2,382,600 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\16e8244bf5a1b1405ed107c5560969a5\BITB.tmp" Mon 7 Feb 2005 337,640 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\20b3cabb260cb882b3d8b497abda1f71\BITE.tmp" Wed 8 Feb 2006 151,539 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2188236ebfb773be9367bf47c988d6f4\BIT27.tmp" Mon 13 Jun 2005 1,032,464 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2922e248dc4a80f30a47f8b5c778e508\BIT17.tmp" Sat 11 Jun 2005 484,592 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\2d3de94317cec27c0fd13671114be92a\BIT2A.tmp" Tue 16 May 2006 484,080 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\4042804c2a776995a3f497dfcca87fe6\BIT8.tmp" Fri 19 May 2006 810,224 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\5f201913a8f93a6e18929e36593a37ea\BIT2.tmp" Sat 20 May 2006 993,544 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\623ce63b9c334339532616cd5ac18270\BIT11.tmp" Tue 14 Dec 2004 338,152 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\6b5f484130e76f990053cd368ea0c649\BIT28.tmp" Thu 18 May 2006 4,086,536 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\6c5ce2469da246bab67e1f6f42965b62\BIT1F.tmp" Tue 14 Dec 2004 338,664 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\7551d9aad32dabb2ef3aa5108dd69f4c\BIT1E.tmp" Tue 16 May 2006 1,076,448 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\88bc946b4137f56f1c71972dc636e2fe\BIT3.tmp" Thu 6 Oct 2005 28,093 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\8d239138b06338b78c9b793a6a9b5e6c\BIT16.tmp" Fri 5 Aug 2005 496,880 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\92187aedab601bb25548bba6adc50cc9\BIT2B.tmp" Wed 8 Mar 2006 493,808 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\92502e442cc623688d3e48699a4dfd6a\BIT1D.tmp" Thu 8 Dec 2005 149,349 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\9715b831942a0a690ff1a4bee9a5b683\BIT6.tmp" Fri 7 Oct 2005 902,384 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\97e754582377d850e2164a4adca20caa\BITD.tmp" Fri 19 May 2006 483,568 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\98091b7e393d32343cd6ee6419786bb1\BITF.tmp" Wed 29 Mar 2006 151,443 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\982e3592e6cb28f674d1d6319523b1b9\BIT21.tmp" Tue 8 Nov 2005 498,416 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a42f4d4aec80f787c077283561db7334\BIT23.tmp" Tue 16 May 2006 496,368 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a784624f51e504c24fcaaa117668f3b6\BIT1.tmp" Tue 14 Dec 2004 343,784 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a9e93f8b9968640870c66d6cd37b81d2\BIT29.tmp" Fri 5 Aug 2005 497,904 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\bec6ccdc2e87326a059fbc24a1ba98c2\BIT22.tmp" Wed 4 Jan 2006 151,828 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\ce8dd34f24716c36effd4f314c91c35b\BITC.tmp" Wed 8 Jun 2005 485,104 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d1b29ea9af60865342221d1a1dac1909\BIT12.tmp" Fri 19 May 2006 496,880 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d34105cbc07cfc82a840c12d5e028679\BIT25.tmp" Wed 4 Jan 2006 151,678 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\d4a37460d445a728eedf3490051e8fa1\BIT4.tmp" Mon 8 May 2006 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\eb441692f33d2f3e9fa2b18f882616b3\BIT1A.tmp" Fri 7 Oct 2005 31,269 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\fda4a07ab7a56c6d4616537d15334ad6\BIT10.tmp" Fri 19 May 2006 8,269,571 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\087c95038fa0513bb8de57c8b3f3084d\download\BIT3.tmp" Sat 20 May 2006 446,251 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\925c7afc2ba478434e358c78673b4a12\download\BIT8E.tmp" Fri 7 Oct 2005 3,876,749 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\S-1-5-18\a8951b6d268f6c7a9b16bcd7d84f73ba\download\BIT7.tmp" Finished! et : Malwarebytes' Anti-Malware 1.12 Version de la base de données: 758 Type de recherche: Examen complet (C:\|D:\|) Eléments examinés: 222460 Temps écoulé: 49 minute(s), 4 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 2 Valeur(s) du Registre infectée(s): 2 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7f3ea905-de65-4d00-bc1f-ff3a77f8ca30} (Trojan.Vundo) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c95fe080-8f5d-11d2-a20b-00aa003c157a} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{7f3ea905-de65-4d00-bc1f-ff3a77f8ca30} (Trojan.Vundo) -> Quarantined and deleted successfully. Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) J'attend de vos nouvelles. Merci d'avance.

Bonjour, D'abord merci pour tout. J'ai téléchargé tout ce dont j'avais besoin. Dès que j'ai fini toutes les manipulations, je vous envoi les rapports. A bientôt.