Virus demande aide....
roleca06
Messages postés
18
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Bonjour,
depuis quelques jours mon pc devient fou...
norton antivirus desactivé et qui a disparu, connection wifi envolée, et la plupart des logiciels (spyboot, avg, avast) en application win32 non valide...
d'apres ce que j'ai lu sur le forum, j'ai utilise elibagle dont voici le rapport mais dont je ne sais quoi faire apres...
Mon Jun 23 22:41:38 2008
EliBagle v11.51 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Junio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Mon Jun 23 22:42:00 2008
EliBagle v11.51 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Junio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Synaptics\SynTP\SYNTPENH.EXE --> Eliminado Bagle.dldr
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000040.SYS --> Eliminado Bagle (rootkit)
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000045.EXE --> Eliminado Bagle.dldr
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000097.EXE --> Eliminado Bagle.dldr
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\SROSA.SYS.VIR --> Eliminado Bagle (rootkit)
Nº Total de Directorios: 6920
Nº Total de Ficheros: 84033
Nº de Ficheros Analizados: 14104
Nº de Ficheros Infectados: 5
Nº de Ficheros Limpiados: 5
y a t il quelqu'un qui peut me sauver?
merci d'avance...
depuis quelques jours mon pc devient fou...
norton antivirus desactivé et qui a disparu, connection wifi envolée, et la plupart des logiciels (spyboot, avg, avast) en application win32 non valide...
d'apres ce que j'ai lu sur le forum, j'ai utilise elibagle dont voici le rapport mais dont je ne sais quoi faire apres...
Mon Jun 23 22:41:38 2008
EliBagle v11.51 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Junio del 2008)
----------------------------------------------
Lista de Acciones (por Acción Directa):
Mon Jun 23 22:42:00 2008
EliBagle v11.51 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Junio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\Program Files\Synaptics\SynTP\SYNTPENH.EXE --> Eliminado Bagle.dldr
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000040.SYS --> Eliminado Bagle (rootkit)
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000045.EXE --> Eliminado Bagle.dldr
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000097.EXE --> Eliminado Bagle.dldr
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\SROSA.SYS.VIR --> Eliminado Bagle (rootkit)
Nº Total de Directorios: 6920
Nº Total de Ficheros: 84033
Nº de Ficheros Analizados: 14104
Nº de Ficheros Infectados: 5
Nº de Ficheros Limpiados: 5
y a t il quelqu'un qui peut me sauver?
merci d'avance...
A voir également:
- Virus demande aide....
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
15 réponses
Bonsoir,
Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis : https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
- Lance le programme, puis sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie, par collier/coller, ton log Hijackthis sur le forum,
A+
Commence par poster un rapport HijackThis stp,
>Télécharge HiJackThis : https://www.commentcamarche.net/telecharger/securite/11747-hijackthis/
- Lance le programme, puis sélectionne < do a system scan and save a logfile >
- Enregistre le rapport sur ton bureau.
Et envoie, par collier/coller, ton log Hijackthis sur le forum,
A+
Ok,
Alors,
Relance le moins possible ton PC (chaque reboot => favorise l'infection)
Bon ton infection est due très souvent à des cracks. Il faut que tu supprimes les programmes crackés que tu as car sinon on va tourner en rond....
Je m'explique : à chaque fois que tu lances le programme cracké en question l'infection revient. Alors si ce programme se lance automatiquement au démarrage windows, à chaque fois que tu relances ton PC la crasse réapparait.
> Télécharge sur ton bureau ELIBAGLA en bas de la page : http://www.zonavirus.com/datos/descargas/95/elibagla.asp (clique sur le bouton Descargar Elibagla tout en bas de la page => téléchargement)
- Lance le programme, si possible en mode sans échec.
- Assure toi que Unidad affiche C:\ et que la case Eliminar Ficheros Automaticamente est bien cochée.
- Lance le scan.
- Poste le contenu du fichier infoSat.txt qui se trouve dans C:/
Bon courage,
A+
Alors,
Relance le moins possible ton PC (chaque reboot => favorise l'infection)
Bon ton infection est due très souvent à des cracks. Il faut que tu supprimes les programmes crackés que tu as car sinon on va tourner en rond....
Je m'explique : à chaque fois que tu lances le programme cracké en question l'infection revient. Alors si ce programme se lance automatiquement au démarrage windows, à chaque fois que tu relances ton PC la crasse réapparait.
> Télécharge sur ton bureau ELIBAGLA en bas de la page : http://www.zonavirus.com/datos/descargas/95/elibagla.asp (clique sur le bouton Descargar Elibagla tout en bas de la page => téléchargement)
- Lance le programme, si possible en mode sans échec.
- Assure toi que Unidad affiche C:\ et que la case Eliminar Ficheros Automaticamente est bien cochée.
- Lance le scan.
- Poste le contenu du fichier infoSat.txt qui se trouve dans C:/
Bon courage,
A+
en mode sans echec j'ai reussi à lancer hijackthis... voila le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:25, on 23/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:25, on 23/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eLockMonitor] C:\Acer\Empowering Technology\eLock\Monitor\LaunchMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Ok,
Très bien.
Peux-tu faire un Eligagla en mode sans échec ?
Puis,
> Les logiciels suivants (MalwareByte's Anti-Malware et Ccleaner) te seront utiles par la suite - ils sont à conserver...
En mode sans échec avec prise en charge du réseau :
> Télécharge MalwareByte's Anti-Malware :
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour") puis ferme le programme.
NB : Si tu as besoin : Tuto
> Télécharge et installe Ccleaner :
- Fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux : ici, ici et là.
> Télécharge Clean (de Malekal Morte) (différent de Ccleaner)
> Télécharge SDFix (de AndyManchesta) sur ton bureau :
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix. Ferme ensuite le programme.
> Lance MalwareByte's Anti-Malware,
- Clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin du scanne, clique sur "supprimer" (Si des éléments sont difficiles à supprimer, un message te demandera de redémarrer : clique sur "Oui" alors)
- après suppression des infections : un rapport va être généré : sauvegarde le et poste le sur forum.
> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin : Tuto
> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
> Relance ton PC en mode normal
> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie moi, par collier/coller, ton log Hijackthis,
Bon courage,
:)
NB : N'oublie pas de poster TOUS les rapports stp ( Elibagla, MalwareByte's Anti-Malware, Clean (différent de Ccleaner - ne poste pas celui de Ccleaner), SDFix puis HiJAckT).
Je sais : gros nettoyage.
A+
Très bien.
Peux-tu faire un Eligagla en mode sans échec ?
Puis,
> Les logiciels suivants (MalwareByte's Anti-Malware et Ccleaner) te seront utiles par la suite - ils sont à conserver...
En mode sans échec avec prise en charge du réseau :
> Télécharge MalwareByte's Anti-Malware :
- Installe le programme puis lance le stp.
NB : S'il te manque COMCTL32.OCX alors télécharge le ici
- Fais les mises à jour (clique sur "Mises à jour" puis "Recherche de mises à jour") puis ferme le programme.
NB : Si tu as besoin : Tuto
> Télécharge et installe Ccleaner :
- Fais les mises à jour puis ferme le programme.
Si besoin est tu trouveras des Tutoriaux : ici, ici et là.
> Télécharge Clean (de Malekal Morte) (différent de Ccleaner)
> Télécharge SDFix (de AndyManchesta) sur ton bureau :
- Double clique sur l'archive SDFix qui à été créé sur le Bureau et installe le programme (l'installation va créer un dossier (à la racine du disque dur par défaut) nommé SDFix. Ferme ensuite le programme.
> Lance MalwareByte's Anti-Malware,
- Clique sur "Executer un examen complet" puis "Rechercher" et sélectionne tous tes disques durs => le scan débute....patiente...
- A la fin du scanne, clique sur "supprimer" (Si des éléments sont difficiles à supprimer, un message te demandera de redémarrer : clique sur "Oui" alors)
- après suppression des infections : un rapport va être généré : sauvegarde le et poste le sur forum.
> Lance Ccleaner,
- Choisi l’onglet "Options" puis clique sur "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier temp de Windows, plus vieux que 48 heures" (tout doit être supprimé).
- Dans l'onglet "Nettoyeur" clique sur "Analyse".
- Une fois l'analyse terminée, clique sur "Lancer le Nettoyage".
- Dans l'onglet "registre" => Recherches des erreurs => Réparer les erreurs sélectionnées => enregistre une sauvegarde => corriger toutes erreurs sélectionnées => ok => fermer.
N.B : Si Ccleaner te propose d'enregistrer une sauvegarde, reponds oui et enregistre sous 'Bureau'
Recommence jusqu’à ce qu’il ne trouve plus rien (cela varie en général entre 1 et 4 fois).
> Pour Clean (encore en mode sans échec) :
- Double-clic sur clean.cmd
- Une fenêtre va apparaître, choisis l'option 2, suis les consignes et poste le rapport clean (Le rapport clean se trouve ici : C:\rapport_clean.txt)
NB : Si besoin : Tuto
> Pour SDFix (toujours en mode sans échec) :
- Vas dans c:/SDFix et double-clique sur RunThis.bat
- Appuie sur < Y > puis < Entrée >....Le nettoyage commence....patience...
- Le programme va te demander de relancer le PC, frappe une touche...
- Le nettoyage se termine...un rapport apparait...
-Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse
> Relance ton PC en mode normal
> Relance Hijackthis :
Puis sélectionne < do a system scan and save a logfile >,
Et envoie moi, par collier/coller, ton log Hijackthis,
Bon courage,
:)
NB : N'oublie pas de poster TOUS les rapports stp ( Elibagla, MalwareByte's Anti-Malware, Clean (différent de Ccleaner - ne poste pas celui de Ccleaner), SDFix puis HiJAckT).
Je sais : gros nettoyage.
A+
Tue Jun 24 00:18:49 2008
EliBagle v11.51 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Junio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 6903
Nº Total de Ficheros: 84036
Nº de Ficheros Analizados: 14103
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 883
00:50:47 24/06/2008
mbam-log-6-24-2008 (00-50-47).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 125959
Temps écoulé: 19 minute(s), 59 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 24/06/2008 a 1:02:34,50
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\RUNXMLPL.exe
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
[b]SDFix: Version 1.196 /b
Run by pascal on 24/06/2008 at 01:09
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services /b:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files /b:
No Trojan Files Found
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:17:22, on 24/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
EliBagle v11.51 (c)2008 S.G.H. / Satinfo S.L. (Actualizado el 23 de Junio del 2008)
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 6903
Nº Total de Ficheros: 84036
Nº de Ficheros Analizados: 14103
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Malwarebytes' Anti-Malware 1.18
Version de la base de données: 883
00:50:47 24/06/2008
mbam-log-6-24-2008 (00-50-47).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 125959
Temps écoulé: 19 minute(s), 59 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 24/06/2008 a 1:02:34,50
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
tentative de suppression de C:\WINDOWS\RUNXMLPL.exe
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de "C:\WINDOWS\Downloaded Program Files\CONFLICT.1"
*** Suppression des fichiers dans C:\Program Files
*** Suppression des clefs du registre effectuee..
[b]SDFix: Version 1.196 /b
Run by pascal on 24/06/2008 at 01:09
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services /b:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting
[b]Checking Files /b:
No Trojan Files Found
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:17:22, on 24/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Program Files\Fichiers communs\Symantec Shared\SymProbe.exe -r "C:\Program Files\Norton AntiVirus\CfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Ok,
Bonsoir..
Alors,
Essaye de réinstaller Norton.
Si tu veux un autre antivirus, je peux te conseiller.
Dis moi.
Ensuite,
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré stp.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
A+
Bonsoir..
Alors,
Essaye de réinstaller Norton.
Si tu veux un autre antivirus, je peux te conseiller.
Dis moi.
Ensuite,
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré stp.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
A+
ok...
je fais ce que tu me dis des que je rentre ce midi
pour le cd de windows c'est non...
j'ai un acer et il n'etait pa fourni... juste un dvdd que j'ai gravé à la premiere utilisation ou on peut faire une restauration du systeme en effacant toutes les donnees!!!!
pour info; la connexion a disparu en meme temps que sont survenues la disparition de norton, les fenetres applications win32 non valide...
A tout à l'huere pour le rapport
merci
je fais ce que tu me dis des que je rentre ce midi
pour le cd de windows c'est non...
j'ai un acer et il n'etait pa fourni... juste un dvdd que j'ai gravé à la premiere utilisation ou on peut faire une restauration du systeme en effacant toutes les donnees!!!!
pour info; la connexion a disparu en meme temps que sont survenues la disparition de norton, les fenetres applications win32 non valide...
A tout à l'huere pour le rapport
merci
alors j'ai installe avgfree car norton ne veut pas s'installer
ensuite j'ai fait kaspersky scan on ligne et voici le rapport
Tuesday, June 24, 2008 11:00:25 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 24/06/2008
Enregistrements dans la base antivirus Kaspersky : 784615
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
Statistiques de l'analyse
Total d'objets analysés 94443
Nombre de virus trouvés 3
Nombre d'objets infectés 263 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:48:36
Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\Temp\T30DebugLogFile.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_1bc.dat L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{307F1915-823A-48C1-B408-8B90163D410C}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{8C4EFDCE-996E-49B0-BD07-9C6748B38512}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-06-24_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgrs.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgwd.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgsched.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcore.log.2 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcore.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\emc\Log\emc.log L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\logiciel\crux\crux\CruxCalc.exe L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\logiciel\teleport\keygen\keygen.exe L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\nintendo\dualis\plugins\arm7.dll L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\nintendo\dualis\plugins\arm9.dll L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip/Signer_eng.exe/XpressSigner_eng.exe Infecté : Trojan-Dropper.Win32.Agent.qnx ignoré
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip/Signer_eng.exe Infecté : Trojan-Dropper.Win32.Agent.qnx ignoré
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip ZIP: infecté - 2 ignoré
C:\Documents and Settings\pascal\Cookies\index.dat L'objet est verrouillé ignoré
C:\Program Files\ALO Power Audio Converter\audio.exe L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000041.exe L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000042.exe L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\change.log L'objet est verrouillé ignoré
C:\Signer\XpressSigner_eng.exe Infecté : Trojan-Dropper.Win32.Agent.qnx ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to YouTube 1.1.0.7.zip.vir/Wondershare PPT to YouTube 1.1.0.7.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to YouTube 1.1.0.7.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.6.zip.vir/Word Password Recovery 2.0.6.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.6.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to Zune 4.7.0.zip.vir/Wondershare PPT to Zune 4.7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to Zune 4.7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Genie 1.30.zip.vir/Word Password Recovery Genie 1.30.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Genie 1.30.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash 4.1.0 Beta.zip.vir/Wondershare PPT2Flash 4.1.0 Beta.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash 4.1.0 Beta.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Professional 4.8.0.zip.vir/Wondershare PPT2Flash Professional 4.8.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Professional 4.8.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash SDK 4.0.0.5.zip.vir/Wondershare PPT2Flash SDK 4.0.0.5.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash SDK 4.0.0.5.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip.vir/Word Password Recovery Key 8.0 build 2514.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Standard 4.8.0.zip.vir/Wondershare PPT2Flash Standard 4.8.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Standard 4.8.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Master 3.0.0.1.zip.vir/Word Password Recovery Master 3.0.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Master 3.0.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Video Converter 1.1.0.zip.vir/Wondershare PPT2Video Converter 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Video Converter 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Slideshow 1.1.0.zip.vir/Wondershare PSP Slideshow 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Slideshow 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Video Suite 3.2.52.zip.vir/Wondershare PSP Video Suite 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Video Suite 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Quizcreator 2.2.0.zip.vir/Wondershare Quizcreator 2.2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Quizcreator 2.2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite 4.8.0.zip.vir/Wondershare Rapid E-learning Suite 4.8.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite 4.8.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite Standard 4.6.0.zip.vir/Wondershare Rapid E-learning Suite Standard 4.6.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite Standard 4.6.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Ripper Pack Platinum 3.0.19.zip.vir/Wondershare Ripper Pack Platinum 3.0.19.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Ripper Pack Platinum 3.0.19.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare RM Video Converter 3.2.49.zip.vir/Wondershare RM Video Converter 3.2.49.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare RM Video Converter 3.2.49.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Scrapbook Studio 1.2.0.zip.vir/Wondershare Scrapbook Studio 1.2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Scrapbook Studio 1.2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Blackberry 3.2.51.zip.vir/Wondershare Video Converter for Blackberry 3.2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Blackberry 3.2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Mobile Phone 3.2.50.zip.vir/Wondershare Video Converter for Mobile Phone 3.2.50.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Mobile Phone 3.2.50.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Platinum 3.2.53.1.zip.vir/Wondershare Video Converter Platinum 3.2.53.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Platinum 3.2.53.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Suite 3.2.53.1.zip.vir/Wondershare Video Converter Suite 3.2.53.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Suite 3.2.53.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Presenter 1.2.0.zip.vir/Wondershare Video Presenter 1.2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Presenter 1.2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Apple TV Converter 3.2.51.zip.vir/Wondershare Video to Apple TV Converter 3.2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Apple TV Converter 3.2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Audio Converter 3.2.50.zip.vir/Wondershare Video to Audio Converter 3.2.50.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Audio Converter 3.2.50.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to DVD Burner 2.1.32.zip.vir/Wondershare Video to DVD Burner 2.1.32.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to DVD Burner 2.1.32.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Flash Encoder 2.4.81.zip.vir/Wondershare Video to Flash Encoder 2.4.81.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Flash Encoder 2.4.81.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iPod Converter 3.2.51.zip.vir/Wondershare Video to iPod Converter 3.2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iPod Converter 3.2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iRiver Converter 3.2.48.zip.vir/Wondershare Video to iRiver Converter 3.2.48.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iRiver Converter 3.2.48.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to PSP Converter 3.2.52.zip.vir/Wondershare Video to PSP Converter 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to PSP Converter 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Walkman Converter 3.2.49.zip.vir/Wondershare Video to Walkman Converter 3.2.49.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Walkman Converter 3.2.49.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Zune Converter 3.2.52.zip.vir/Wondershare Video to Zune Converter 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Zune Converter 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Walkman Video Suite 3.2.49.zip.vir/Wondershare Walkman Video Suite 3.2.49.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Walkman Video Suite 3.2.49.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WebVideo Author 1.1.0.zip.vir/Wondershare WebVideo Author 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WebVideo Author 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV Movie Converter 3.2.41.zip.vir/Wondershare WMV Movie Converter 3.2.41.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV Movie Converter 3.2.41.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV to DVD Burner 2.1.30.zip.vir/Wondershare WMV to DVD Burner 2.1.30.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV to DVD Burner 2.1.30.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Xbox 360 Slideshow 1.1.0.zip.vir/Wondershare Xbox 360 Slideshow 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Xbox 360 Slideshow 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube Downloader 1.1.26.zip.vir/Wondershare YouTube Downloader 1.1.26.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube Downloader 1.1.26.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPhone Converter 1.1.23.zip.vir/Wondershare YouTube to iPhone Converter 1.1.23.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPhone Converter 1.1.23.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPod Converter 1.1.25.zip.vir/Wondershare YouTube to iPod Converter 1.1.25.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPod Converter 1.1.25.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to PSP Converter 1.1.23.zip.vir/Wondershare YouTube to PSP Converter 1.1.23.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to PSP Converter 1.1.23.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Slideshow 1.1.0.zip.vir/Wondershare Zune Slideshow 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Slideshow 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Video Suite 3.2.52.zip.vir/Wondershare Zune Video Suite 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Video Suite 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare CleanPage Template Shaker 2.3.zip.vir/WonderWebWare CleanPage Template Shaker 2.3.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare CleanPage Template Shaker 2.3.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare Duplicate Line Finder 1.0.zip.vir/WonderWebWare Duplicate Line Finder 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare Duplicate Line Finder 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare File Splitter 1.1.zip.vir/WonderWebWare File Splitter 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare File Splitter 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare HTML to Script Converter 1.1.zip.vir/WonderWebWare HTML to Script Converter 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare HTML to Script Converter 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wonderwebware RTF to HTML Converter 1.0.zip.vir/Wonderwebware RTF to HTML Converter 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wonderwebware RTF to HTML Converter 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Capturer 2.0.zip.vir/WonderWebware Screen Capturer 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Capturer 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Ruler 3.0.zip.vir/WonderWebware Screen Ruler 3.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Ruler 3.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare SiteMap Generator 0.94 Beta.zip.vir/WonderWebWare SiteMap Generator 0.94 Beta.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare SiteMap Generator 0.94 Beta.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondrous Works 1.0.6.2634.zip.vir/Wondrous Works 1.0.6.2634.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondrous Works 1.0.6.2634.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woocha Clip Board 2.0.1.zip.vir/Woocha Clip Board 2.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woocha Clip Board 2.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Clips Graphics Collection 2.0.zip.vir/Wood Clips Graphics Collection 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Clips Graphics Collection 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Workshop 1.01.0574.zip.vir/Wood Workshop 1.01.0574.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Workshop 1.01.0574.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooded Areas Screensaver 1.0.6.2634.zip.vir/Wooded Areas Screensaver 1.0.6.2634.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooded Areas Screensaver 1.0.6.2634.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooden Web 1.0.zip.vir/Wooden Web 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooden Web 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WoodenNet 2.18.zip.vir/WoodenNet 2.18.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WoodenNet 2.18.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodland Dreams Screensaver 4.5.zip.vir/Woodland Dreams Screensaver 4.5.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodland Dreams Screensaver 4.5.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodpecker Screensaver 1.zip.vir/Woodpecker Screensaver 1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodpecker Screensaver 1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodrat Reader 0.3 Alpha.zip.vir/Woodrat Reader 0.3 Alpha.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodrat Reader 0.3 Alpha.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstar Field Diary 1.0.zip.vir/Woodstar Field Diary 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstar Field Diary 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstock Personal Digital Server - Std. Edition 1.0.zip.vir/Woodstock Personal Digital Server - Std. Edition 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstock Personal Digital Server - Std. Edition 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodworking Projects for Everyone 2.0.002.zip.vir/Woodworking Projects for Everyone 2.0.002.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodworking Projects for Everyone 2.0.002.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox 1.1.zip.vir/woodworm toolbox 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox pro 1.1.zip.vir/woodworm toolbox pro 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox pro 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woody Woodpecker Screensaver 2.4.zip.vir/Woody Woodpecker Screensaver 2.4.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woody Woodpecker Screensaver 2.4.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woofy 0.4.2.zip.vir/Woofy 0.4.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woofy 0.4.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woolamai Surf Cam 1.0.0.zip.vir/Woolamai Surf Cam 1.0.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woolamai Surf Cam 1.0.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woopra 1.1.0.4 Beta.zip.vir/Woopra 1.1.0.4 Beta.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woopra 1.1.0.4 Beta.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Vista Gadget 1.1.zip.vir/Woot Vista Gadget 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Vista Gadget 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Watcher 0.6.zip.vir/Woot Watcher 0.6.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Watcher 0.6.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot! 2.1.zip.vir/Woot! 2.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot! 2.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot!Widget 1.6.zip.vir/Woot!Widget 1.6.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot!Widget 1.6.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootAgent 2.5.zip.vir/WootAgent 2.5.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootAgent 2.5.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootalyzer! 3.3.1.zip.vir/Wootalyzer! 3.3.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootalyzer! 3.3.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootGadget 1.2.zip.vir/WootGadget 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootGadget 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootificator 1.0.0.40100.zip.vir/Wootificator 1.0.0.40100.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootificator 1.0.0.40100.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\wootSnoop 2.0.zip.vir/wootSnoop 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\wootSnoop 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB 2.51.zip.vir/WOOWEB 2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB 2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB-PRO 4.47.zip.vir/WOOWEB-PRO 4.47.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB-PRO 4.47.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopla - Woman's Planner 2.0.zip.vir/Wopla - Woman's Planner 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopla - Woman's Planner 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopti Utilities 7.81.8.408.zip.vir/Wopti Utilities 7.81.8.408.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopti Utilities 7.81.8.408.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word - Language Analyzer 1.zip.vir/Word - Language Analyzer 1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word - Language Analyzer 1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2 PDF 1.1.0.0.zip.vir/Word 2 PDF 1.1.0.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2 PDF 1.1.0.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2007 Password 1.0 Build 242.zip.vir/Word 2007 Password 1.0 Build 242.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2007 Password 1.0 Build 242.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Advance Compressor 1.2.zip.vir/Word Advance Compressor 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Advance Compressor 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word AutoPaster 2.0.zip.vir/Word AutoPaster 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word AutoPaster 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Check 1.0.zip.vir/Word Check 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Check 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Cleaner 4.0.1.zip.vir/Word Cleaner 4.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Cleaner 4.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Color 1.0.zip.vir/Word Color 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Color 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Converter - Word to HTML 2.0.zip.vir/Word Converter - Word to HTML 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Converter - Word to HTML 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Correct Control 1.0.10.zip.vir/Word Correct Control 1.0.10.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Correct Control 1.0.10.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Count Machine 2.5.0.0.zip.vir/Word Count Machine 2.5.0.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Count Machine 2.5.0.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter 1.1.zip.vir/Word Counter 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter Widget 1.2.zip.vir/Word Counter Widget 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter Widget 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Doc to PDF Batch Convert Multiple Files Software 7.0.zip.vir/Word Doc to PDF Batch Convert Multiple Files Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Doc to PDF Batch Convert Multiple Files Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Document Property Tool 7-09A.zip.vir/Word Document Property Tool 7-09A.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Document Property Tool 7-09A.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Dummy 4.0.zip.vir/Word Dummy 4.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Dummy 4.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extract Data & Text In Multiple Documents Software 7.0.zip.vir/Word Extract Data & Text In Multiple Documents Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extract Data & Text In Multiple Documents Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extractor 1.1.zip.vir/Word Extractor 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extractor 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder 2.0.zip.vir/Word Finder 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder Pro 1.0.zip.vir/Word Finder Pro 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder Pro 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FindReplacer 1.0.1.zip.vir/Word FindReplacer 1.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FindReplacer 1.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FontReplacer 1.0.1.zip.vir/Word FontReplacer 1.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FontReplacer 1.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Freqency Checker 1.0.zip.vir/Word Freqency Checker 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Freqency Checker 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count In Multiple Text & HTML Files Software 7.0.zip.vir/Word Frequency Count In Multiple Text & HTML Files Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count In Multiple Text & HTML Files Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count Software 7.0.zip.vir/Word Frequency Count Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Fusion Beta 1.1.zip.vir/Word Fusion Beta 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Fusion Beta 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Generator 5.7.2.zip.vir/Word Generator 5.7.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Generator 5.7.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Highlighter 1.0.1.zip.vir/Word Highlighter 1.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Highlighter 1.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Hunt 2.1.zip.vir/Word Hunt 2.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Hunt 2.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icon Library 3.10.zip.vir/Word Icon Library 3.10.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icon Library 3.10.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icons 1.0.zip.vir/Word Icons 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icons 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Image Exporter 1.2.zip.vir/Word Image Exporter 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Image Exporter 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Join Multiple Documents Software 7.0.zip.vir/Word Join Multiple Documents Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Join Multiple Documents Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Kards 1.1.zip.vir/Word Kards 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Kards 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link 2.0.zip.vir/Word Link 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link for MS Access 97 4.1.zip.vir/Word Link for MS Access 97 4.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link for MS Access 97 4.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Builder 1.0.zip.vir/Word List Builder 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Builder 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Creator 1.0.zip.vir/Word List Creator 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Creator 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Maker 1.0.zip.vir/Word List Maker 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Maker 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Net 1.2.zip.vir/Word Net 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Net 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word OCX 2.0.zip.vir/Word OCX 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word OCX 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Of The Day 1.00.zip.vir/Word Of The Day 1.00.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Of The Day 1.00.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password 10.1.6805.zip.vir/Word Password 10.1.6805.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password 10.1.6805.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 1.0M.zip.vir/Word Password Recovery 1.0M.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 1.0M.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.1.zip.vir/Word Password Recovery 2.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infecté : Trojan-Downloader.Win32.Bagle.hp ignoré
D:\System Volume Information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\change.log L'objet est verrouillé ignoré
D:\film\DVD Audio Extractor 4.2.8+serial\dvdaudioextractor.exe L'objet est verrouillé ignoré
Analyse terminée.
en attente de tes conseils avises.
merci
ensuite j'ai fait kaspersky scan on ligne et voici le rapport
Tuesday, June 24, 2008 11:00:25 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 24/06/2008
Enregistrements dans la base antivirus Kaspersky : 784615
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
Statistiques de l'analyse
Total d'objets analysés 94443
Nombre de virus trouvés 3
Nombre d'objets infectés 263 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:48:36
Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\Temp\T30DebugLogFile.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_1bc.dat L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{307F1915-823A-48C1-B408-8B90163D410C}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{8C4EFDCE-996E-49B0-BD07-9C6748B38512}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2008-06-24_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgrs.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgwd.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgsched.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcore.log.2 L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\Log\avgcore.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\avg8\emc\Log\emc.log L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\logiciel\crux\crux\CruxCalc.exe L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\logiciel\teleport\keygen\keygen.exe L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\nintendo\dualis\plugins\arm7.dll L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\nintendo\dualis\plugins\arm9.dll L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip/Signer_eng.exe/XpressSigner_eng.exe Infecté : Trojan-Dropper.Win32.Agent.qnx ignoré
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip/Signer_eng.exe Infecté : Trojan-Dropper.Win32.Agent.qnx ignoré
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip ZIP: infecté - 2 ignoré
C:\Documents and Settings\pascal\Cookies\index.dat L'objet est verrouillé ignoré
C:\Program Files\ALO Power Audio Converter\audio.exe L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000041.exe L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000042.exe L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\change.log L'objet est verrouillé ignoré
C:\Signer\XpressSigner_eng.exe Infecté : Trojan-Dropper.Win32.Agent.qnx ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to YouTube 1.1.0.7.zip.vir/Wondershare PPT to YouTube 1.1.0.7.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to YouTube 1.1.0.7.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.6.zip.vir/Word Password Recovery 2.0.6.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.6.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to Zune 4.7.0.zip.vir/Wondershare PPT to Zune 4.7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to Zune 4.7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Genie 1.30.zip.vir/Word Password Recovery Genie 1.30.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Genie 1.30.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash 4.1.0 Beta.zip.vir/Wondershare PPT2Flash 4.1.0 Beta.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash 4.1.0 Beta.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Professional 4.8.0.zip.vir/Wondershare PPT2Flash Professional 4.8.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Professional 4.8.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash SDK 4.0.0.5.zip.vir/Wondershare PPT2Flash SDK 4.0.0.5.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash SDK 4.0.0.5.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip.vir/Word Password Recovery Key 8.0 build 2514.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Standard 4.8.0.zip.vir/Wondershare PPT2Flash Standard 4.8.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Standard 4.8.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Master 3.0.0.1.zip.vir/Word Password Recovery Master 3.0.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Master 3.0.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Video Converter 1.1.0.zip.vir/Wondershare PPT2Video Converter 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Video Converter 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Slideshow 1.1.0.zip.vir/Wondershare PSP Slideshow 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Slideshow 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Video Suite 3.2.52.zip.vir/Wondershare PSP Video Suite 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Video Suite 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Quizcreator 2.2.0.zip.vir/Wondershare Quizcreator 2.2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Quizcreator 2.2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite 4.8.0.zip.vir/Wondershare Rapid E-learning Suite 4.8.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite 4.8.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite Standard 4.6.0.zip.vir/Wondershare Rapid E-learning Suite Standard 4.6.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite Standard 4.6.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Ripper Pack Platinum 3.0.19.zip.vir/Wondershare Ripper Pack Platinum 3.0.19.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Ripper Pack Platinum 3.0.19.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare RM Video Converter 3.2.49.zip.vir/Wondershare RM Video Converter 3.2.49.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare RM Video Converter 3.2.49.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Scrapbook Studio 1.2.0.zip.vir/Wondershare Scrapbook Studio 1.2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Scrapbook Studio 1.2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Blackberry 3.2.51.zip.vir/Wondershare Video Converter for Blackberry 3.2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Blackberry 3.2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Mobile Phone 3.2.50.zip.vir/Wondershare Video Converter for Mobile Phone 3.2.50.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Mobile Phone 3.2.50.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Platinum 3.2.53.1.zip.vir/Wondershare Video Converter Platinum 3.2.53.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Platinum 3.2.53.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Suite 3.2.53.1.zip.vir/Wondershare Video Converter Suite 3.2.53.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Suite 3.2.53.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Presenter 1.2.0.zip.vir/Wondershare Video Presenter 1.2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Presenter 1.2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Apple TV Converter 3.2.51.zip.vir/Wondershare Video to Apple TV Converter 3.2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Apple TV Converter 3.2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Audio Converter 3.2.50.zip.vir/Wondershare Video to Audio Converter 3.2.50.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Audio Converter 3.2.50.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to DVD Burner 2.1.32.zip.vir/Wondershare Video to DVD Burner 2.1.32.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to DVD Burner 2.1.32.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Flash Encoder 2.4.81.zip.vir/Wondershare Video to Flash Encoder 2.4.81.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Flash Encoder 2.4.81.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iPod Converter 3.2.51.zip.vir/Wondershare Video to iPod Converter 3.2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iPod Converter 3.2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iRiver Converter 3.2.48.zip.vir/Wondershare Video to iRiver Converter 3.2.48.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iRiver Converter 3.2.48.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to PSP Converter 3.2.52.zip.vir/Wondershare Video to PSP Converter 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to PSP Converter 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Walkman Converter 3.2.49.zip.vir/Wondershare Video to Walkman Converter 3.2.49.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Walkman Converter 3.2.49.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Zune Converter 3.2.52.zip.vir/Wondershare Video to Zune Converter 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Zune Converter 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Walkman Video Suite 3.2.49.zip.vir/Wondershare Walkman Video Suite 3.2.49.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Walkman Video Suite 3.2.49.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WebVideo Author 1.1.0.zip.vir/Wondershare WebVideo Author 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WebVideo Author 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV Movie Converter 3.2.41.zip.vir/Wondershare WMV Movie Converter 3.2.41.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV Movie Converter 3.2.41.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV to DVD Burner 2.1.30.zip.vir/Wondershare WMV to DVD Burner 2.1.30.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV to DVD Burner 2.1.30.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Xbox 360 Slideshow 1.1.0.zip.vir/Wondershare Xbox 360 Slideshow 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Xbox 360 Slideshow 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube Downloader 1.1.26.zip.vir/Wondershare YouTube Downloader 1.1.26.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube Downloader 1.1.26.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPhone Converter 1.1.23.zip.vir/Wondershare YouTube to iPhone Converter 1.1.23.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPhone Converter 1.1.23.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPod Converter 1.1.25.zip.vir/Wondershare YouTube to iPod Converter 1.1.25.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPod Converter 1.1.25.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to PSP Converter 1.1.23.zip.vir/Wondershare YouTube to PSP Converter 1.1.23.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to PSP Converter 1.1.23.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Slideshow 1.1.0.zip.vir/Wondershare Zune Slideshow 1.1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Slideshow 1.1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Video Suite 3.2.52.zip.vir/Wondershare Zune Video Suite 3.2.52.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Video Suite 3.2.52.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare CleanPage Template Shaker 2.3.zip.vir/WonderWebWare CleanPage Template Shaker 2.3.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare CleanPage Template Shaker 2.3.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare Duplicate Line Finder 1.0.zip.vir/WonderWebWare Duplicate Line Finder 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare Duplicate Line Finder 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare File Splitter 1.1.zip.vir/WonderWebWare File Splitter 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare File Splitter 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare HTML to Script Converter 1.1.zip.vir/WonderWebWare HTML to Script Converter 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare HTML to Script Converter 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wonderwebware RTF to HTML Converter 1.0.zip.vir/Wonderwebware RTF to HTML Converter 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wonderwebware RTF to HTML Converter 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Capturer 2.0.zip.vir/WonderWebware Screen Capturer 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Capturer 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Ruler 3.0.zip.vir/WonderWebware Screen Ruler 3.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Ruler 3.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare SiteMap Generator 0.94 Beta.zip.vir/WonderWebWare SiteMap Generator 0.94 Beta.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare SiteMap Generator 0.94 Beta.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondrous Works 1.0.6.2634.zip.vir/Wondrous Works 1.0.6.2634.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondrous Works 1.0.6.2634.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woocha Clip Board 2.0.1.zip.vir/Woocha Clip Board 2.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woocha Clip Board 2.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Clips Graphics Collection 2.0.zip.vir/Wood Clips Graphics Collection 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Clips Graphics Collection 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Workshop 1.01.0574.zip.vir/Wood Workshop 1.01.0574.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Workshop 1.01.0574.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooded Areas Screensaver 1.0.6.2634.zip.vir/Wooded Areas Screensaver 1.0.6.2634.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooded Areas Screensaver 1.0.6.2634.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooden Web 1.0.zip.vir/Wooden Web 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooden Web 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WoodenNet 2.18.zip.vir/WoodenNet 2.18.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WoodenNet 2.18.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodland Dreams Screensaver 4.5.zip.vir/Woodland Dreams Screensaver 4.5.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodland Dreams Screensaver 4.5.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodpecker Screensaver 1.zip.vir/Woodpecker Screensaver 1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodpecker Screensaver 1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodrat Reader 0.3 Alpha.zip.vir/Woodrat Reader 0.3 Alpha.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodrat Reader 0.3 Alpha.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstar Field Diary 1.0.zip.vir/Woodstar Field Diary 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstar Field Diary 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstock Personal Digital Server - Std. Edition 1.0.zip.vir/Woodstock Personal Digital Server - Std. Edition 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstock Personal Digital Server - Std. Edition 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodworking Projects for Everyone 2.0.002.zip.vir/Woodworking Projects for Everyone 2.0.002.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodworking Projects for Everyone 2.0.002.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox 1.1.zip.vir/woodworm toolbox 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox pro 1.1.zip.vir/woodworm toolbox pro 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox pro 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woody Woodpecker Screensaver 2.4.zip.vir/Woody Woodpecker Screensaver 2.4.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woody Woodpecker Screensaver 2.4.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woofy 0.4.2.zip.vir/Woofy 0.4.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woofy 0.4.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woolamai Surf Cam 1.0.0.zip.vir/Woolamai Surf Cam 1.0.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woolamai Surf Cam 1.0.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woopra 1.1.0.4 Beta.zip.vir/Woopra 1.1.0.4 Beta.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woopra 1.1.0.4 Beta.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Vista Gadget 1.1.zip.vir/Woot Vista Gadget 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Vista Gadget 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Watcher 0.6.zip.vir/Woot Watcher 0.6.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Watcher 0.6.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot! 2.1.zip.vir/Woot! 2.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot! 2.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot!Widget 1.6.zip.vir/Woot!Widget 1.6.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot!Widget 1.6.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootAgent 2.5.zip.vir/WootAgent 2.5.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootAgent 2.5.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootalyzer! 3.3.1.zip.vir/Wootalyzer! 3.3.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootalyzer! 3.3.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootGadget 1.2.zip.vir/WootGadget 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootGadget 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootificator 1.0.0.40100.zip.vir/Wootificator 1.0.0.40100.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootificator 1.0.0.40100.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\wootSnoop 2.0.zip.vir/wootSnoop 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\wootSnoop 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB 2.51.zip.vir/WOOWEB 2.51.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB 2.51.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB-PRO 4.47.zip.vir/WOOWEB-PRO 4.47.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB-PRO 4.47.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopla - Woman's Planner 2.0.zip.vir/Wopla - Woman's Planner 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopla - Woman's Planner 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopti Utilities 7.81.8.408.zip.vir/Wopti Utilities 7.81.8.408.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopti Utilities 7.81.8.408.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word - Language Analyzer 1.zip.vir/Word - Language Analyzer 1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word - Language Analyzer 1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2 PDF 1.1.0.0.zip.vir/Word 2 PDF 1.1.0.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2 PDF 1.1.0.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2007 Password 1.0 Build 242.zip.vir/Word 2007 Password 1.0 Build 242.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2007 Password 1.0 Build 242.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Advance Compressor 1.2.zip.vir/Word Advance Compressor 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Advance Compressor 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word AutoPaster 2.0.zip.vir/Word AutoPaster 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word AutoPaster 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Check 1.0.zip.vir/Word Check 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Check 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Cleaner 4.0.1.zip.vir/Word Cleaner 4.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Cleaner 4.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Color 1.0.zip.vir/Word Color 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Color 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Converter - Word to HTML 2.0.zip.vir/Word Converter - Word to HTML 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Converter - Word to HTML 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Correct Control 1.0.10.zip.vir/Word Correct Control 1.0.10.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Correct Control 1.0.10.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Count Machine 2.5.0.0.zip.vir/Word Count Machine 2.5.0.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Count Machine 2.5.0.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter 1.1.zip.vir/Word Counter 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter Widget 1.2.zip.vir/Word Counter Widget 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter Widget 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Doc to PDF Batch Convert Multiple Files Software 7.0.zip.vir/Word Doc to PDF Batch Convert Multiple Files Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Doc to PDF Batch Convert Multiple Files Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Document Property Tool 7-09A.zip.vir/Word Document Property Tool 7-09A.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Document Property Tool 7-09A.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Dummy 4.0.zip.vir/Word Dummy 4.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Dummy 4.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extract Data & Text In Multiple Documents Software 7.0.zip.vir/Word Extract Data & Text In Multiple Documents Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extract Data & Text In Multiple Documents Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extractor 1.1.zip.vir/Word Extractor 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extractor 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder 2.0.zip.vir/Word Finder 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder Pro 1.0.zip.vir/Word Finder Pro 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder Pro 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FindReplacer 1.0.1.zip.vir/Word FindReplacer 1.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FindReplacer 1.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FontReplacer 1.0.1.zip.vir/Word FontReplacer 1.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FontReplacer 1.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Freqency Checker 1.0.zip.vir/Word Freqency Checker 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Freqency Checker 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count In Multiple Text & HTML Files Software 7.0.zip.vir/Word Frequency Count In Multiple Text & HTML Files Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count In Multiple Text & HTML Files Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count Software 7.0.zip.vir/Word Frequency Count Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Fusion Beta 1.1.zip.vir/Word Fusion Beta 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Fusion Beta 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Generator 5.7.2.zip.vir/Word Generator 5.7.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Generator 5.7.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Highlighter 1.0.1.zip.vir/Word Highlighter 1.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Highlighter 1.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Hunt 2.1.zip.vir/Word Hunt 2.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Hunt 2.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icon Library 3.10.zip.vir/Word Icon Library 3.10.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icon Library 3.10.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icons 1.0.zip.vir/Word Icons 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icons 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Image Exporter 1.2.zip.vir/Word Image Exporter 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Image Exporter 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Join Multiple Documents Software 7.0.zip.vir/Word Join Multiple Documents Software 7.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Join Multiple Documents Software 7.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Kards 1.1.zip.vir/Word Kards 1.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Kards 1.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link 2.0.zip.vir/Word Link 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link for MS Access 97 4.1.zip.vir/Word Link for MS Access 97 4.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link for MS Access 97 4.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Builder 1.0.zip.vir/Word List Builder 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Builder 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Creator 1.0.zip.vir/Word List Creator 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Creator 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Maker 1.0.zip.vir/Word List Maker 1.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Maker 1.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Net 1.2.zip.vir/Word Net 1.2.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Net 1.2.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word OCX 2.0.zip.vir/Word OCX 2.0.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word OCX 2.0.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Of The Day 1.00.zip.vir/Word Of The Day 1.00.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Of The Day 1.00.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password 10.1.6805.zip.vir/Word Password 10.1.6805.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password 10.1.6805.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 1.0M.zip.vir/Word Password Recovery 1.0M.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 1.0M.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.1.zip.vir/Word Password Recovery 2.0.1.exe Infecté : Trojan.Win32.Agent.sad ignoré
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.1.zip.vir ZIP: infecté - 1 ignoré
C:\QooBox\Quarantine\Registry_backups\Legacy_SROSA.reg.dat Infecté : Trojan-Downloader.Win32.Bagle.hp ignoré
D:\System Volume Information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\change.log L'objet est verrouillé ignoré
D:\film\DVD Audio Extractor 4.2.8+serial\dvdaudioextractor.exe L'objet est verrouillé ignoré
Analyse terminée.
en attente de tes conseils avises.
merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonsoir,
Tu as utilisé Combofix ?
Je te conseille Antivir (plus efficace).
Bon alors,
puisqu'on en est là,
désinstalle AVG depuis ajout/supp. de programmes.
Ensuite,
> Essaye d'installer Antivir : : ouvre ce lien, lis le tuto, télécharge Antivir et installe le
- Tu peux aussi télécharger Antivir ICI.
- Lance Antivir, fais les mises à jours, puis lance un scan (si des virus sont découverts, mets les en quarantaine. Si tu ne peux pas alors supprime les).
- A la fin du scan clique sur 'report', enregistre ce rapport sur le bureau (fichier => enregistrer sous), puis fait un copier/coller de ce rapport dans ton prochain message.
> Relance ton PC
> Dis-moi les résultats....et si ton PC vas mieux...
Si tu préfère conserver AVG, alors on passe à autre chose.
Dis-moi.
A+
Tu as utilisé Combofix ?
Je te conseille Antivir (plus efficace).
Bon alors,
puisqu'on en est là,
désinstalle AVG depuis ajout/supp. de programmes.
Ensuite,
> Essaye d'installer Antivir : : ouvre ce lien, lis le tuto, télécharge Antivir et installe le
- Tu peux aussi télécharger Antivir ICI.
- Lance Antivir, fais les mises à jours, puis lance un scan (si des virus sont découverts, mets les en quarantaine. Si tu ne peux pas alors supprime les).
- A la fin du scan clique sur 'report', enregistre ce rapport sur le bureau (fichier => enregistrer sous), puis fait un copier/coller de ce rapport dans ton prochain message.
> Relance ton PC
> Dis-moi les résultats....et si ton PC vas mieux...
Si tu préfère conserver AVG, alors on passe à autre chose.
Dis-moi.
A+
voila le rapport antivir
en parallele, encore des erreurs applications32 non valide, et ma connection internet tjs hs
Avira AntiVir Personal
Report file date: mercredi 25 juin 2008 00:31
Scanning for 1358316 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Windows XP
Username: pascal
Computer name: VALUED-12EF4461
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:58
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:38
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:24
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:42
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 22:25:20
ANTIVIR2.VDF : 7.0.5.2 2048 Bytes 24/06/2008 22:25:22
ANTIVIR3.VDF : 7.0.5.3 2048 Bytes 24/06/2008 22:25:22
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 24/06/2008 22:26:52
AESCN.DLL : 8.1.0.22 119157 Bytes 24/06/2008 22:26:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/06/2008 22:26:44
AEPACK.DLL : 8.1.1.6 364918 Bytes 24/06/2008 22:26:30
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 24/06/2008 22:26:22
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 24/06/2008 22:26:12
AEHELP.DLL : 8.1.0.15 115063 Bytes 24/06/2008 22:25:44
AEGEN.DLL : 8.1.0.29 307573 Bytes 24/06/2008 22:25:42
AEEMU.DLL : 8.1.0.6 430451 Bytes 24/06/2008 22:25:32
AECORE.DLL : 8.1.0.31 168310 Bytes 24/06/2008 22:25:26
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:54
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:52
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:48
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:50
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:32
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:26
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:12
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 25 juin 2008 00:31
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'fxssvc.exe' - '1' Module(s) have been scanned
Scan process 'eLockServ.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'lxdecoms.exe' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\pascal\Bureau\SmitfraudFix.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.102
[NOTE] The file was moved to '48ca79ef.qua'!
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip
[0] Archive type: ZIP
--> Signer_eng.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.qnx
[NOTE] The file was moved to '48c87a86.qua'!
C:\Documents and Settings\pascal\Bureau\SOFT SYMBIAN\20060619200338.sis
[DETECTION] Contains the SymbianOS virus SYMBOS/Drever.A
[NOTE] The file was moved to '48917b78.qua'!
C:\Program Files\NODouble\NODouble.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The file was moved to '48a57ee0.qua'!
C:\Program Files\KVT SoftWare\KVT Symbian Installer 2\KVT_Symbian_Installer_2.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The file was moved to '48b57f40.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000041.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f4a.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000042.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f4e.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000043.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f51.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000044.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f54.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000937.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.102
[NOTE] The file was moved to '48917f83.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000938.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The file was moved to '48917f88.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000939.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The file was moved to '48917f8b.qua'!
C:\Signer\XpressSigner_eng.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.qnx
[NOTE] The file was moved to '48d37fe9.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48cf7fed.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48c67fea.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48c57ffb.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48c67ffd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to YouTube 1.1.0.7.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT to YouTube 1.1.0.7.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8009.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.6.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery 2.0.6.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38009.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to Zune 4.7.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT to Zune 4.7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Genie 1.30.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery Genie 1.30.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3800a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash 4.1.0 Beta.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash 4.1.0 Beta.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Professional 4.8.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash Professional 4.8.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash SDK 4.0.0.5.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash SDK 4.0.0.5.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery Key 8.0 build 2514.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3800c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Standard 4.8.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash Standard 4.8.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Master 3.0.0.1.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery Master 3.0.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3800d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Video Converter 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Video Converter 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Slideshow 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PSP Slideshow 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Video Suite 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare PSP Video Suite 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Quizcreator 2.2.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Quizcreator 2.2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite 4.8.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Rapid E-learning Suite 4.8.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8000.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite Standard 4.6.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Rapid E-learning Suite Standard 4.6.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Ripper Pack Platinum 3.0.19.zip.vir
[0] Archive type: ZIP
--> Wondershare Ripper Pack Platinum 3.0.19.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8011.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare RM Video Converter 3.2.49.zip.vir
[0] Archive type: ZIP
--> Wondershare RM Video Converter 3.2.49.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8010.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Scrapbook Studio 1.2.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Scrapbook Studio 1.2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Blackberry 3.2.51.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter for Blackberry 3.2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8012.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Mobile Phone 3.2.50.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter for Mobile Phone 3.2.50.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ea.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Platinum 3.2.53.1.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter Platinum 3.2.53.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8013.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Suite 3.2.53.1.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter Suite 3.2.53.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4eb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Presenter 1.2.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Presenter 1.2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8014.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Apple TV Converter 3.2.51.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Apple TV Converter 3.2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ec.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Audio Converter 3.2.50.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Audio Converter 3.2.50.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8015.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to DVD Burner 2.1.32.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to DVD Burner 2.1.32.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ed.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Flash Encoder 2.4.81.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Flash Encoder 2.4.81.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8016.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iPod Converter 3.2.51.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to iPod Converter 3.2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ee.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iRiver Converter 3.2.48.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to iRiver Converter 3.2.48.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8017.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to PSP Converter 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to PSP Converter 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ef.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Walkman Converter 3.2.49.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Walkman Converter 3.2.49.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8008.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Zune Converter 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Zune Converter 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Walkman Video Suite 3.2.49.zip.vir
[0] Archive type: ZIP
--> Wondershare Walkman Video Suite 3.2.49.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8019.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WebVideo Author 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare WebVideo Author 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8018.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV Movie Converter 3.2.41.zip.vir
[0] Archive type: ZIP
--> Wondershare WMV Movie Converter 3.2.41.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV to DVD Burner 2.1.30.zip.vir
[0] Archive type: ZIP
--> Wondershare WMV to DVD Burner 2.1.30.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Xbox 360 Slideshow 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Xbox 360 Slideshow 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube Downloader 1.1.26.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube Downloader 1.1.26.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPhone Converter 1.1.23.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube to iPhone Converter 1.1.23.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPod Converter 1.1.25.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube to iPod Converter 1.1.25.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to PSP Converter 1.1.23.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube to PSP Converter 1.1.23.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Slideshow 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Zune Slideshow 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Video Suite 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare Zune Video Suite 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare CleanPage Template Shaker 2.3.zip.vir
[0] Archive type: ZIP
--> WonderWebWare CleanPage Template Shaker 2.3.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare Duplicate Line Finder 1.0.zip.vir
[0] Archive type: ZIP
--> WonderWebWare Duplicate Line Finder 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare File Splitter 1.1.zip.vir
[0] Archive type: ZIP
--> WonderWebWare File Splitter 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare HTML to Script Converter 1.1.zip.vir
[0] Archive type: ZIP
--> WonderWebWare HTML to Script Converter 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wonderwebware RTF to HTML Converter 1.0.zip.vir
[0] Archive type: ZIP
--> Wonderwebware RTF to HTML Converter 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Capturer 2.0.zip.vir
[0] Archive type: ZIP
--> WonderWebware Screen Capturer 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4d8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Ruler 3.0.zip.vir
[0] Archive type: ZIP
--> WonderWebware Screen Ruler 3.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8021.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare SiteMap Generator 0.94 Beta.zip.vir
[0] Archive type: ZIP
--> WonderWebWare SiteMap Generator 0.94 Beta.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondrous Works 1.0.6.2634.zip.vir
[0] Archive type: ZIP
--> Wondrous Works 1.0.6.2634.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8020.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woocha Clip Board 2.0.1.zip.vir
[0] Archive type: ZIP
--> Woocha Clip Board 2.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08021.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Clips Graphics Collection 2.0.zip.vir
[0] Archive type: ZIP
--> Wood Clips Graphics Collection 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Workshop 1.01.0574.zip.vir
[0] Archive type: ZIP
--> Wood Workshop 1.01.0574.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08023.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooded Areas Screensaver 1.0.6.2634.zip.vir
[0] Archive type: ZIP
--> Wooded Areas Screensaver 1.0.6.2634.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08022.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooden Web 1.0.zip.vir
[0] Archive type: ZIP
--> Wooden Web 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4db.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WoodenNet 2.18.zip.vir
[0] Archive type: ZIP
--> WoodenNet 2.18.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4dc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodland Dreams Screensaver 4.5.zip.vir
[0] Archive type: ZIP
--> Woodland Dreams Screensaver 4.5.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08025.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodpecker Screensaver 1.zip.vir
[0] Archive type: ZIP
--> Woodpecker Screensaver 1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4de.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodrat Reader 0.3 Alpha.zip.vir
[0] Archive type: ZIP
--> Woodrat Reader 0.3 Alpha.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08024.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstar Field Diary 1.0.zip.vir
[0] Archive type: ZIP
--> Woodstar Field Diary 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4dd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstock Personal Digital Server - Std. Edition 1.0.zip.vir
[0] Archive type: ZIP
--> Woodstock Personal Digital Server - Std. Edition 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08027.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodworking Projects for Everyone 2.0.002.zip.vir
[0] Archive type: ZIP
--> Woodworking Projects for Everyone 2.0.002.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox 1.1.zip.vir
[0] Archive type: ZIP
--> woodworm toolbox 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08026.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox pro 1.1.zip.vir
[0] Archive type: ZIP
--> woodworm toolbox pro 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4df.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woody Woodpecker Screensaver 2.4.zip.vir
[0] Archive type: ZIP
--> Woody Woodpecker Screensaver 2.4.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08018.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woofy 0.4.2.zip.vir
[0] Archive type: ZIP
--> Woofy 0.4.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08029.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woolamai Surf Cam 1.0.0.zip.vir
[0] Archive type: ZIP
--> Woolamai Surf Cam 1.0.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woopra 1.1.0.4 Beta.zip.vir
[0] Archive type: ZIP
--> Woopra 1.1.0.4 Beta.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08028.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Vista Gadget 1.1.zip.vir
[0] Archive type: ZIP
--> Woot Vista Gadget 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Watcher 0.6.zip.vir
[0] Archive type: ZIP
--> Woot Watcher 0.6.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot! 2.1.zip.vir
[0] Archive type: ZIP
--> Woot! 2.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot!Widget 1.6.zip.vir
[0] Archive type: ZIP
--> Woot!Widget 1.6.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootAgent 2.5.zip.vir
[0] Archive type: ZIP
--> WootAgent 2.5.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootalyzer! 3.3.1.zip.vir
[0] Archive type: ZIP
--> Wootalyzer! 3.3.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootGadget 1.2.zip.vir
[0] Archive type: ZIP
--> WootGadget 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootificator 1.0.0.40100.zip.vir
[0] Archive type: ZIP
--> Wootificator 1.0.0.40100.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\wootSnoop 2.0.zip.vir
[0] Archive type: ZIP
--> wootSnoop 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB 2.51.zip.vir
[0] Archive type: ZIP
--> WOOWEB 2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48b0800c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB-PRO 4.47.zip.vir
[0] Archive type: ZIP
--> WOOWEB-PRO 4.47.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4916d4f5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopla - Woman's Planner 2.0.zip.vir
[0] Archive type: ZIP
--> Wopla - Woman's Planner 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d1802d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopti Utilities 7.81.8.408.zip.vir
[0] Archive type: ZIP
--> Wopti Utilities 7.81.8.408.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4977d4d6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word - Language Analyzer 1.zip.vir
[0] Archive type: ZIP
--> Word - Language Analyzer 1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3802d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2 PDF 1.1.0.0.zip.vir
[0] Archive type: ZIP
--> Word 2 PDF 1.1.0.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3802e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2007 Password 1.0 Build 242.zip.vir
[0] Archive type: ZIP
--> Word 2007 Password 1.0 Build 242.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4d7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Advance Compressor 1.2.zip.vir
[0] Archive type: ZIP
--> Word Advance Compressor 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3802f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word AutoPaster 2.0.zip.vir
[0] Archive type: ZIP
--> Word AutoPaster 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Check 1.0.zip.vir
[0] Archive type: ZIP
--> Word Check 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38030.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Cleaner 4.0.1.zip.vir
[0] Archive type: ZIP
--> Word Cleaner 4.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Color 1.0.zip.vir
[0] Archive type: ZIP
--> Word Color 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38031.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Converter - Word to HTML 2.0.zip.vir
[0] Archive type: ZIP
--> Word Converter - Word to HTML 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4ca.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Correct Control 1.0.10.zip.vir
[0] Archive type: ZIP
--> Word Correct Control 1.0.10.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38032.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Count Machine 2.5.0.0.zip.vir
[0] Archive type: ZIP
--> Word Count Machine 2.5.0.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter 1.1.zip.vir
[0] Archive type: ZIP
--> Word Counter 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38033.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter Widget 1.2.zip.vir
[0] Archive type: ZIP
--> Word Counter Widget 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Doc to PDF Batch Convert Multiple Files Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Doc to PDF Batch Convert Multiple Files Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38035.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Document Property Tool 7-09A.zip.vir
[0] Archive type: ZIP
--> Word Document Property Tool 7-09A.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38034.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Dummy 4.0.zip.vir
[0] Archive type: ZIP
--> Word Dummy 4.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extract Data & Text In Multiple Documents Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Extract Data & Text In Multiple Documents Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4ce.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extractor 1.1.zip.vir
[0] Archive type: ZIP
--> Word Extractor 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38036.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder 2.0.zip.vir
[0] Archive type: ZIP
--> Word Finder 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cf.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder Pro 1.0.zip.vir
[0] Archive type: ZIP
--> Word Finder Pro 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38028.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FindReplacer 1.0.1.zip.vir
[0] Archive type: ZIP
--> Word FindReplacer 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38037.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FontReplacer 1.0.1.zip.vir
[0] Archive type: ZIP
--> Word FontReplacer 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38038.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Freqency Checker 1.0.zip.vir
[0] Archive type: ZIP
--> Word Freqency Checker 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count In Multiple Text & HTML Files Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Frequency Count In Multiple Text & HTML Files Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Frequency Count Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38039.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Fusion Beta 1.1.zip.vir
[0] Archive type: ZIP
--> Word Fusion Beta 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Generator 5.7.2.zip.vir
[0] Archive type: ZIP
--> Word Generator 5.7.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Highlighter 1.0.1.zip.vir
[0] Archive type: ZIP
--> Word Highlighter 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Hunt 2.1.zip.vir
[0] Archive type: ZIP
--> Word Hunt 2.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icon Library 3.10.zip.vir
[0] Archive type: ZIP
--> Word Icon Library 3.10.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icons 1.0.zip.vir
[0] Archive type: ZIP
--> Word Icons 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Image Exporter 1.2.zip.vir
[0] Archive type: ZIP
--> Word Image Exporter 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Join Multiple Documents Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Join Multiple Documents Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Kards 1.1.zip.vir
[0] Archive type: ZIP
--> Word Kards 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link 2.0.zip.vir
[0] Archive type: ZIP
--> Word Link 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4b8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link for MS Access 97 4.1.zip.vir
[0] Archive type: ZIP
--> Word Link for MS Access 97 4.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38041.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Builder 1.0.zip.vir
[0] Archive type: ZIP
--> Word List Builder 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Creator 1.0.zip.vir
[0] Archive type: ZIP
--> Word List Creator 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Maker 1.0.zip.vir
[0] Archive type: ZIP
--> Word List Maker 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4d1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Net 1.2.zip.vir
[0] Archive type: ZIP
--> Word Net 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4ba.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word OCX 2.0.zip.vir
[0] Archive type: ZIP
--> Word OCX 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38043.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Of The Day 1.00.zip.vir
[0] Archive type: ZIP
--> Word Of The Day 1.00.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38040.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password 10.1.6805.zip.vir
[0] Archive type: ZIP
--> Word Password 10.1.6805.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4b9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 1.0M.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery 1.0M.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38042.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.1.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery 2.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4bc.qua'!
Begin scan in 'D:\' <ACERDATA>
End of the scan: mercredi 25 juin 2008 01:23
Used time: 51:42 min
The scan has been done completely.
7936 Scanning directories
351873 Files were scanned
142 viruses and/or unwanted programs were found
4 Files were classified as suspicious:
0 files were deleted
0 files were repaired
146 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
351731 Files not concerned
11439 Archives were scanned
2 Warnings
146 Notes
a demain pour la suite...
merci
en parallele, encore des erreurs applications32 non valide, et ma connection internet tjs hs
Avira AntiVir Personal
Report file date: mercredi 25 juin 2008 00:31
Scanning for 1358316 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Windows XP
Username: pascal
Computer name: VALUED-12EF4461
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:58
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:38
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:24
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:42
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 22:25:20
ANTIVIR2.VDF : 7.0.5.2 2048 Bytes 24/06/2008 22:25:22
ANTIVIR3.VDF : 7.0.5.3 2048 Bytes 24/06/2008 22:25:22
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 24/06/2008 22:26:52
AESCN.DLL : 8.1.0.22 119157 Bytes 24/06/2008 22:26:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/06/2008 22:26:44
AEPACK.DLL : 8.1.1.6 364918 Bytes 24/06/2008 22:26:30
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 24/06/2008 22:26:22
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 24/06/2008 22:26:12
AEHELP.DLL : 8.1.0.15 115063 Bytes 24/06/2008 22:25:44
AEGEN.DLL : 8.1.0.29 307573 Bytes 24/06/2008 22:25:42
AEEMU.DLL : 8.1.0.6 430451 Bytes 24/06/2008 22:25:32
AECORE.DLL : 8.1.0.31 168310 Bytes 24/06/2008 22:25:26
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:54
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:52
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:48
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:50
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:32
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:26
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:12
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 25 juin 2008 00:31
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'IEXPLORE.EXE' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'fxssvc.exe' - '1' Module(s) have been scanned
Scan process 'eLockServ.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'lxdecoms.exe' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
42 processes with 42 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\pascal\Bureau\SmitfraudFix.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.102
[NOTE] The file was moved to '48ca79ef.qua'!
C:\Documents and Settings\pascal\Bureau\GPS\Signer_eng.zip
[0] Archive type: ZIP
--> Signer_eng.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.qnx
[NOTE] The file was moved to '48c87a86.qua'!
C:\Documents and Settings\pascal\Bureau\SOFT SYMBIAN\20060619200338.sis
[DETECTION] Contains the SymbianOS virus SYMBOS/Drever.A
[NOTE] The file was moved to '48917b78.qua'!
C:\Program Files\NODouble\NODouble.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The file was moved to '48a57ee0.qua'!
C:\Program Files\KVT SoftWare\KVT Symbian Installer 2\KVT_Symbian_Installer_2.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The file was moved to '48b57f40.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000041.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f4a.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000042.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f4e.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000043.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f51.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP0\A0000044.exe
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48917f54.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000937.exe
[DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.102
[NOTE] The file was moved to '48917f83.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000938.exe
[DETECTION] Contains suspicious code HEUR/Malware
[NOTE] The file was moved to '48917f88.qua'!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000939.exe
[DETECTION] Contains suspicious code HEUR/Crypted
[NOTE] The file was moved to '48917f8b.qua'!
C:\Signer\XpressSigner_eng.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.qnx
[NOTE] The file was moved to '48d37fe9.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48cf7fed.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48c67fea.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48c57ffb.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was moved to '48c67ffd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to YouTube 1.1.0.7.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT to YouTube 1.1.0.7.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8009.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.6.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery 2.0.6.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38009.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT to Zune 4.7.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT to Zune 4.7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Genie 1.30.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery Genie 1.30.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3800a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash 4.1.0 Beta.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash 4.1.0 Beta.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Professional 4.8.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash Professional 4.8.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash SDK 4.0.0.5.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash SDK 4.0.0.5.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Key 8.0 build 2514.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery Key 8.0 build 2514.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3800c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Flash Standard 4.8.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Flash Standard 4.8.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery Master 3.0.0.1.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery Master 3.0.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3800d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PPT2Video Converter 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PPT2Video Converter 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Slideshow 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare PSP Slideshow 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare PSP Video Suite 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare PSP Video Suite 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf800e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Quizcreator 2.2.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Quizcreator 2.2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite 4.8.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Rapid E-learning Suite 4.8.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8000.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Rapid E-learning Suite Standard 4.6.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Rapid E-learning Suite Standard 4.6.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Ripper Pack Platinum 3.0.19.zip.vir
[0] Archive type: ZIP
--> Wondershare Ripper Pack Platinum 3.0.19.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8011.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare RM Video Converter 3.2.49.zip.vir
[0] Archive type: ZIP
--> Wondershare RM Video Converter 3.2.49.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8010.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Scrapbook Studio 1.2.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Scrapbook Studio 1.2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Blackberry 3.2.51.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter for Blackberry 3.2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8012.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter for Mobile Phone 3.2.50.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter for Mobile Phone 3.2.50.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ea.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Platinum 3.2.53.1.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter Platinum 3.2.53.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8013.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Converter Suite 3.2.53.1.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Converter Suite 3.2.53.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4eb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video Presenter 1.2.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Video Presenter 1.2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8014.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Apple TV Converter 3.2.51.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Apple TV Converter 3.2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ec.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Audio Converter 3.2.50.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Audio Converter 3.2.50.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8015.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to DVD Burner 2.1.32.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to DVD Burner 2.1.32.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ed.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Flash Encoder 2.4.81.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Flash Encoder 2.4.81.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8016.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iPod Converter 3.2.51.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to iPod Converter 3.2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ee.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to iRiver Converter 3.2.48.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to iRiver Converter 3.2.48.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8017.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to PSP Converter 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to PSP Converter 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4ef.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Walkman Converter 3.2.49.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Walkman Converter 3.2.49.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8008.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Video to Zune Converter 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare Video to Zune Converter 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Walkman Video Suite 3.2.49.zip.vir
[0] Archive type: ZIP
--> Wondershare Walkman Video Suite 3.2.49.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8019.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WebVideo Author 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare WebVideo Author 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8018.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV Movie Converter 3.2.41.zip.vir
[0] Archive type: ZIP
--> Wondershare WMV Movie Converter 3.2.41.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare WMV to DVD Burner 2.1.30.zip.vir
[0] Archive type: ZIP
--> Wondershare WMV to DVD Burner 2.1.30.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Xbox 360 Slideshow 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Xbox 360 Slideshow 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube Downloader 1.1.26.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube Downloader 1.1.26.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPhone Converter 1.1.23.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube to iPhone Converter 1.1.23.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to iPod Converter 1.1.25.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube to iPod Converter 1.1.25.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare YouTube to PSP Converter 1.1.23.zip.vir
[0] Archive type: ZIP
--> Wondershare YouTube to PSP Converter 1.1.23.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Slideshow 1.1.0.zip.vir
[0] Archive type: ZIP
--> Wondershare Zune Slideshow 1.1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondershare Zune Video Suite 3.2.52.zip.vir
[0] Archive type: ZIP
--> Wondershare Zune Video Suite 3.2.52.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare CleanPage Template Shaker 2.3.zip.vir
[0] Archive type: ZIP
--> WonderWebWare CleanPage Template Shaker 2.3.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare Duplicate Line Finder 1.0.zip.vir
[0] Archive type: ZIP
--> WonderWebWare Duplicate Line Finder 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4e6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare File Splitter 1.1.zip.vir
[0] Archive type: ZIP
--> WonderWebWare File Splitter 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf801f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare HTML to Script Converter 1.1.zip.vir
[0] Archive type: ZIP
--> WonderWebWare HTML to Script Converter 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wonderwebware RTF to HTML Converter 1.0.zip.vir
[0] Archive type: ZIP
--> Wonderwebware RTF to HTML Converter 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4f3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Capturer 2.0.zip.vir
[0] Archive type: ZIP
--> WonderWebware Screen Capturer 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4d8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebware Screen Ruler 3.0.zip.vir
[0] Archive type: ZIP
--> WonderWebware Screen Ruler 3.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8021.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WonderWebWare SiteMap Generator 0.94 Beta.zip.vir
[0] Archive type: ZIP
--> WonderWebWare SiteMap Generator 0.94 Beta.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4969d4da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wondrous Works 1.0.6.2634.zip.vir
[0] Archive type: ZIP
--> Wondrous Works 1.0.6.2634.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48cf8020.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woocha Clip Board 2.0.1.zip.vir
[0] Archive type: ZIP
--> Woocha Clip Board 2.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08021.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Clips Graphics Collection 2.0.zip.vir
[0] Archive type: ZIP
--> Wood Clips Graphics Collection 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4da.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wood Workshop 1.01.0574.zip.vir
[0] Archive type: ZIP
--> Wood Workshop 1.01.0574.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08023.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooded Areas Screensaver 1.0.6.2634.zip.vir
[0] Archive type: ZIP
--> Wooded Areas Screensaver 1.0.6.2634.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08022.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wooden Web 1.0.zip.vir
[0] Archive type: ZIP
--> Wooden Web 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4db.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WoodenNet 2.18.zip.vir
[0] Archive type: ZIP
--> WoodenNet 2.18.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4dc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodland Dreams Screensaver 4.5.zip.vir
[0] Archive type: ZIP
--> Woodland Dreams Screensaver 4.5.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08025.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodpecker Screensaver 1.zip.vir
[0] Archive type: ZIP
--> Woodpecker Screensaver 1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4de.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodrat Reader 0.3 Alpha.zip.vir
[0] Archive type: ZIP
--> Woodrat Reader 0.3 Alpha.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08024.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstar Field Diary 1.0.zip.vir
[0] Archive type: ZIP
--> Woodstar Field Diary 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4dd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodstock Personal Digital Server - Std. Edition 1.0.zip.vir
[0] Archive type: ZIP
--> Woodstock Personal Digital Server - Std. Edition 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08027.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woodworking Projects for Everyone 2.0.002.zip.vir
[0] Archive type: ZIP
--> Woodworking Projects for Everyone 2.0.002.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d0.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox 1.1.zip.vir
[0] Archive type: ZIP
--> woodworm toolbox 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08026.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\woodworm toolbox pro 1.1.zip.vir
[0] Archive type: ZIP
--> woodworm toolbox pro 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4df.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woody Woodpecker Screensaver 2.4.zip.vir
[0] Archive type: ZIP
--> Woody Woodpecker Screensaver 2.4.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08018.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woofy 0.4.2.zip.vir
[0] Archive type: ZIP
--> Woofy 0.4.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08029.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woolamai Surf Cam 1.0.0.zip.vir
[0] Archive type: ZIP
--> Woolamai Surf Cam 1.0.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woopra 1.1.0.4 Beta.zip.vir
[0] Archive type: ZIP
--> Woopra 1.1.0.4 Beta.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d08028.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Vista Gadget 1.1.zip.vir
[0] Archive type: ZIP
--> Woot Vista Gadget 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot Watcher 0.6.zip.vir
[0] Archive type: ZIP
--> Woot Watcher 0.6.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot! 2.1.zip.vir
[0] Archive type: ZIP
--> Woot! 2.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Woot!Widget 1.6.zip.vir
[0] Archive type: ZIP
--> Woot!Widget 1.6.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootAgent 2.5.zip.vir
[0] Archive type: ZIP
--> WootAgent 2.5.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootalyzer! 3.3.1.zip.vir
[0] Archive type: ZIP
--> Wootalyzer! 3.3.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WootGadget 1.2.zip.vir
[0] Archive type: ZIP
--> WootGadget 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wootificator 1.0.0.40100.zip.vir
[0] Archive type: ZIP
--> Wootificator 1.0.0.40100.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4976d4d6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\wootSnoop 2.0.zip.vir
[0] Archive type: ZIP
--> wootSnoop 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d0802f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB 2.51.zip.vir
[0] Archive type: ZIP
--> WOOWEB 2.51.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48b0800c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\WOOWEB-PRO 4.47.zip.vir
[0] Archive type: ZIP
--> WOOWEB-PRO 4.47.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4916d4f5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopla - Woman's Planner 2.0.zip.vir
[0] Archive type: ZIP
--> Wopla - Woman's Planner 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d1802d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Wopti Utilities 7.81.8.408.zip.vir
[0] Archive type: ZIP
--> Wopti Utilities 7.81.8.408.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4977d4d6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word - Language Analyzer 1.zip.vir
[0] Archive type: ZIP
--> Word - Language Analyzer 1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3802d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2 PDF 1.1.0.0.zip.vir
[0] Archive type: ZIP
--> Word 2 PDF 1.1.0.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3802e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word 2007 Password 1.0 Build 242.zip.vir
[0] Archive type: ZIP
--> Word 2007 Password 1.0 Build 242.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4d7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Advance Compressor 1.2.zip.vir
[0] Archive type: ZIP
--> Word Advance Compressor 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3802f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word AutoPaster 2.0.zip.vir
[0] Archive type: ZIP
--> Word AutoPaster 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Check 1.0.zip.vir
[0] Archive type: ZIP
--> Word Check 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38030.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Cleaner 4.0.1.zip.vir
[0] Archive type: ZIP
--> Word Cleaner 4.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Color 1.0.zip.vir
[0] Archive type: ZIP
--> Word Color 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38031.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Converter - Word to HTML 2.0.zip.vir
[0] Archive type: ZIP
--> Word Converter - Word to HTML 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4ca.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Correct Control 1.0.10.zip.vir
[0] Archive type: ZIP
--> Word Correct Control 1.0.10.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38032.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Count Machine 2.5.0.0.zip.vir
[0] Archive type: ZIP
--> Word Count Machine 2.5.0.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cb.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter 1.1.zip.vir
[0] Archive type: ZIP
--> Word Counter 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38033.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Counter Widget 1.2.zip.vir
[0] Archive type: ZIP
--> Word Counter Widget 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cc.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Doc to PDF Batch Convert Multiple Files Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Doc to PDF Batch Convert Multiple Files Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38035.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Document Property Tool 7-09A.zip.vir
[0] Archive type: ZIP
--> Word Document Property Tool 7-09A.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38034.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Dummy 4.0.zip.vir
[0] Archive type: ZIP
--> Word Dummy 4.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cd.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extract Data & Text In Multiple Documents Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Extract Data & Text In Multiple Documents Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4ce.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Extractor 1.1.zip.vir
[0] Archive type: ZIP
--> Word Extractor 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38036.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder 2.0.zip.vir
[0] Archive type: ZIP
--> Word Finder 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4cf.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Finder Pro 1.0.zip.vir
[0] Archive type: ZIP
--> Word Finder Pro 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38028.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FindReplacer 1.0.1.zip.vir
[0] Archive type: ZIP
--> Word FindReplacer 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38037.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word FontReplacer 1.0.1.zip.vir
[0] Archive type: ZIP
--> Word FontReplacer 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38038.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Freqency Checker 1.0.zip.vir
[0] Archive type: ZIP
--> Word Freqency Checker 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count In Multiple Text & HTML Files Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Frequency Count In Multiple Text & HTML Files Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803a.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Frequency Count Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Frequency Count Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38039.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Fusion Beta 1.1.zip.vir
[0] Archive type: ZIP
--> Word Fusion Beta 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c2.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Generator 5.7.2.zip.vir
[0] Archive type: ZIP
--> Word Generator 5.7.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803b.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Highlighter 1.0.1.zip.vir
[0] Archive type: ZIP
--> Word Highlighter 1.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c3.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Hunt 2.1.zip.vir
[0] Archive type: ZIP
--> Word Hunt 2.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c4.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icon Library 3.10.zip.vir
[0] Archive type: ZIP
--> Word Icon Library 3.10.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803d.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Icons 1.0.zip.vir
[0] Archive type: ZIP
--> Word Icons 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c6.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Image Exporter 1.2.zip.vir
[0] Archive type: ZIP
--> Word Image Exporter 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803c.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Join Multiple Documents Software 7.0.zip.vir
[0] Archive type: ZIP
--> Word Join Multiple Documents Software 7.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c5.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Kards 1.1.zip.vir
[0] Archive type: ZIP
--> Word Kards 1.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803f.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link 2.0.zip.vir
[0] Archive type: ZIP
--> Word Link 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4b8.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Link for MS Access 97 4.1.zip.vir
[0] Archive type: ZIP
--> Word Link for MS Access 97 4.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38041.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Builder 1.0.zip.vir
[0] Archive type: ZIP
--> Word List Builder 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d3803e.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Creator 1.0.zip.vir
[0] Archive type: ZIP
--> Word List Creator 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4c7.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word List Maker 1.0.zip.vir
[0] Archive type: ZIP
--> Word List Maker 1.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4d1.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Net 1.2.zip.vir
[0] Archive type: ZIP
--> Word Net 1.2.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4ba.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word OCX 2.0.zip.vir
[0] Archive type: ZIP
--> Word OCX 2.0.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38043.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Of The Day 1.00.zip.vir
[0] Archive type: ZIP
--> Word Of The Day 1.00.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38040.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password 10.1.6805.zip.vir
[0] Archive type: ZIP
--> Word Password 10.1.6805.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4b9.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 1.0M.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery 1.0M.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '48d38042.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\pascal\Application Data\m\shared\Word Password Recovery 2.0.1.zip.vir
[0] Archive type: ZIP
--> Word Password Recovery 2.0.1.exe
[DETECTION] Is the Trojan horse TR/Agent.sad
[NOTE] The file was moved to '4975d4bc.qua'!
Begin scan in 'D:\' <ACERDATA>
End of the scan: mercredi 25 juin 2008 01:23
Used time: 51:42 min
The scan has been done completely.
7936 Scanning directories
351873 Files were scanned
142 viruses and/or unwanted programs were found
4 Files were classified as suspicious:
0 files were deleted
0 files were repaired
146 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
351731 Files not concerned
11439 Archives were scanned
2 Warnings
146 Notes
a demain pour la suite...
merci
Bonjour,
Bon,
c'est déjà ça de moins.
Alors,
on va repartir avec des outils propres :
> Télécharge ToolsCleaner : https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/ sur ton bureau.
- Clique sur Recherche et laisse le scan agir ...
- Clique sur Suppression pour finaliser (ne te sers pas des Options facultatives)
- Clique sur Quitter pour obtenir le rapport et poste le dans ta réponse (TCleaner.txt se trouve à la racine de ton disque dur (C:\)).
- Supprime ToolsCleaner ensuite.
Puisque tu avais autant de virus, je te propose de refaire un scanne avec Antivir mais cette fois ci en mode sans échec.
Supprime tout ce qu'il trouve, si des éléments ne peuvent pas être supprimés alors mets les en quarantaine.
Poste aussi le rapport stp.
Avec un nouveau rapport HiJackT pour voir ce qu'il reste.
Bonne journée.
Bon,
c'est déjà ça de moins.
Alors,
on va repartir avec des outils propres :
> Télécharge ToolsCleaner : https://www.commentcamarche.net/telecharger/securite/22061-toolscleaner/ sur ton bureau.
- Clique sur Recherche et laisse le scan agir ...
- Clique sur Suppression pour finaliser (ne te sers pas des Options facultatives)
- Clique sur Quitter pour obtenir le rapport et poste le dans ta réponse (TCleaner.txt se trouve à la racine de ton disque dur (C:\)).
- Supprime ToolsCleaner ensuite.
Puisque tu avais autant de virus, je te propose de refaire un scanne avec Antivir mais cette fois ci en mode sans échec.
Supprime tout ce qu'il trouve, si des éléments ne peuvent pas être supprimés alors mets les en quarantaine.
Poste aussi le rapport stp.
Avec un nouveau rapport HiJackT pour voir ce qu'il reste.
Bonne journée.
volia les rapports...
TCLEANER
-->- Recherche:
C:\SDFIX: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\pascal\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\pascal\Bureau\EliBaglA.exe: trouvé !
C:\Documents and Settings\pascal\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\pascal\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\pascal\Bureau\virus\SdFix.exe: trouvé !
C:\Documents and Settings\pascal\Bureau\virus\Clean.zip: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\pascal\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\pascal\Bureau\EliBaglA.exe: supprimé !
C:\Documents and Settings\pascal\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\pascal\Bureau\virus\SdFix.exe: supprimé !
C:\Documents and Settings\pascal\Bureau\virus\Clean.zip: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\SDFIX: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\pascal\Bureau\SmitFraudfix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
ANTIVIR
Avira AntiVir Personal
Report file date: mercredi 25 juin 2008 13:32
Scanning for 1358316 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Windows XP
Username: SYSTEM
Computer name: VALUED-12EF4461
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:58
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:38
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:24
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:42
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 22:25:20
ANTIVIR2.VDF : 7.0.5.2 2048 Bytes 24/06/2008 22:25:22
ANTIVIR3.VDF : 7.0.5.3 2048 Bytes 24/06/2008 22:25:22
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 24/06/2008 22:26:52
AESCN.DLL : 8.1.0.22 119157 Bytes 24/06/2008 22:26:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/06/2008 22:26:44
AEPACK.DLL : 8.1.1.6 364918 Bytes 24/06/2008 22:26:30
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 24/06/2008 22:26:22
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 24/06/2008 22:26:12
AEHELP.DLL : 8.1.0.15 115063 Bytes 24/06/2008 22:25:44
AEGEN.DLL : 8.1.0.29 307573 Bytes 24/06/2008 22:25:42
AEEMU.DLL : 8.1.0.6 430451 Bytes 24/06/2008 22:25:32
AECORE.DLL : 8.1.0.31 168310 Bytes 24/06/2008 22:25:26
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:54
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:52
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:48
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:50
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:32
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:26
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:12
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 25 juin 2008 13:32
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'fxssvc.exe' - '1' Module(s) have been scanned
Scan process 'eLockServ.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'lxdecoms.exe' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000940.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.qnx
[NOTE] The file was deleted!
Begin scan in 'D:\' <ACERDATA>
End of the scan: mercredi 25 juin 2008 14:26
Used time: 53:40 min
The scan has been done completely.
7906 Scanning directories
352654 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
352653 Files not concerned
11307 Archives were scanned
2 Warnings
1 Notes
HIJACK
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:15, on 25/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
TCLEANER
-->- Recherche:
C:\SDFIX: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\pascal\Bureau\HijackThis.lnk: trouvé !
C:\Documents and Settings\pascal\Bureau\EliBaglA.exe: trouvé !
C:\Documents and Settings\pascal\Bureau\HijackThis.exe: trouvé !
C:\Documents and Settings\pascal\Bureau\SmitFraudfix: trouvé !
C:\Documents and Settings\pascal\Bureau\virus\SdFix.exe: trouvé !
C:\Documents and Settings\pascal\Bureau\virus\Clean.zip: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
---------------------------------
-->- Suppression:
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\pascal\Bureau\HijackThis.lnk: supprimé !
C:\Documents and Settings\pascal\Bureau\EliBaglA.exe: supprimé !
C:\Documents and Settings\pascal\Bureau\HijackThis.exe: supprimé !
C:\Documents and Settings\pascal\Bureau\virus\SdFix.exe: supprimé !
C:\Documents and Settings\pascal\Bureau\virus\Clean.zip: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\SDFIX: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\pascal\Bureau\SmitFraudfix: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
ANTIVIR
Avira AntiVir Personal
Report file date: mercredi 25 juin 2008 13:32
Scanning for 1358316 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Windows XP
Username: SYSTEM
Computer name: VALUED-12EF4461
Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 09:02:58
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 08:43:38
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 08:41:24
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 08:28:42
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 10:33:34
ANTIVIR1.VDF : 7.0.5.1 8182784 Bytes 24/06/2008 22:25:20
ANTIVIR2.VDF : 7.0.5.2 2048 Bytes 24/06/2008 22:25:22
ANTIVIR3.VDF : 7.0.5.3 2048 Bytes 24/06/2008 22:25:22
Engineversion : 8.1.0.59
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 09:58:22
AESCRIPT.DLL : 8.1.0.44 278907 Bytes 24/06/2008 22:26:52
AESCN.DLL : 8.1.0.22 119157 Bytes 24/06/2008 22:26:50
AERDL.DLL : 8.1.0.20 418165 Bytes 24/06/2008 22:26:44
AEPACK.DLL : 8.1.1.6 364918 Bytes 24/06/2008 22:26:30
AEOFFICE.DLL : 8.1.0.20 192891 Bytes 24/06/2008 22:26:22
AEHEUR.DLL : 8.1.0.32 1274231 Bytes 24/06/2008 22:26:12
AEHELP.DLL : 8.1.0.15 115063 Bytes 24/06/2008 22:25:44
AEGEN.DLL : 8.1.0.29 307573 Bytes 24/06/2008 22:25:42
AEEMU.DLL : 8.1.0.6 430451 Bytes 24/06/2008 22:25:32
AECORE.DLL : 8.1.0.31 168310 Bytes 24/06/2008 22:25:26
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 17:07:54
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 10:37:52
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:26:48
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 17:07:50
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 08:29:24
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 08:31:32
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 17:28:04
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 17:08:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 12:05:12
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 14:37:26
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 12:02:12
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: C:\Program Files\Avira\AntiVir PersonalEdition Classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: mercredi 25 juin 2008 13:32
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'mcrdsvc.exe' - '1' Module(s) have been scanned
Scan process 'fxssvc.exe' - '1' Module(s) have been scanned
Scan process 'eLockServ.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'lxdecoms.exe' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'MemCheck.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan the registry.
The registry was scanned ( '58' files ).
Starting the file scan:
Begin scan in 'C:\' <ACER>
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP1\A0000940.exe
[DETECTION] Is the Trojan horse TR/Drop.Agent.qnx
[NOTE] The file was deleted!
Begin scan in 'D:\' <ACERDATA>
End of the scan: mercredi 25 juin 2008 14:26
Used time: 53:40 min
The scan has been done completely.
7906 Scanning directories
352654 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
352653 Files not concerned
11307 Archives were scanned
2 Warnings
1 Notes
HIJACK
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:29:15, on 25/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avcenter.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Bonjour,
Alors,
Ton Norton tu le payes ?
En tous cas, on va le désinstaller puis après on verra (dis moi) :
Pour le désinstaller utilise ce lien : http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
Ensuite,
depuis le début je doute de ce fichier : GPDownloadManager.exe
> Rends toi sur ce site virustotal et fais analyser le fichier suivant stp : (copie/colle la ligne dans le cadre "envoyé un fichier")
Si problème : http://pageperso.aol.fr/loraline60/virus_total.htm
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
et poste le résultat par copier/coller stp (ou le lien http, c'est plus rapide et mieux).
Pour finir :
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré stp.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
Comment va le PC ? Ou en sont tes soucis ?
Dis moi aussi pour Norton.
Bon courage.
Alors,
Ton Norton tu le payes ?
En tous cas, on va le désinstaller puis après on verra (dis moi) :
Pour le désinstaller utilise ce lien : http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20050414110429924
Ensuite,
depuis le début je doute de ce fichier : GPDownloadManager.exe
> Rends toi sur ce site virustotal et fais analyser le fichier suivant stp : (copie/colle la ligne dans le cadre "envoyé un fichier")
Si problème : http://pageperso.aol.fr/loraline60/virus_total.htm
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
et poste le résultat par copier/coller stp (ou le lien http, c'est plus rapide et mieux).
Pour finir :
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré stp.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
Comment va le PC ? Ou en sont tes soucis ?
Dis moi aussi pour Norton.
Bon courage.
voila les rapports
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AntiVir 7.8.0.59 2008.06.26 -
Avast 4.8.1195.0 2008.06.26 -
AVG 7.5.0.516 2008.06.26 -
BitDefender 7.2 2008.06.26 -
CAT-QuickHeal 9.50 2008.06.26 -
ClamAV 0.93.1 2008.06.26 -
DrWeb 4.44.0.09170 2008.06.26 -
eSafe 7.0.17.0 2008.06.26 -
Ewido 4.0 2008.06.26 -
F-Secure 7.60.13501.0 2008.06.26 -
GData 2.0.7306.1023 2008.06.26 -
McAfee 5326 2008.06.26 -
Norman 5.80.02 2008.06.26 -
Panda 9.0.0.4 2008.06.26 -
Prevx1 V2 2008.06.27 -
Sophos 4.30.0 2008.06.26 -
Symantec 10 2008.06.27 -
VBA32 3.12.6.8 2008.06.26 -
Webwasher-Gateway 6.6.2 2008.06.26 -
Information additionnelle
File size: 163840 bytes
MD5...: 5a02925e879e6400a1eab847ab1c4cb6
SHA1..: 4dc0cbd3c52d5f1fa8083f69c336ce839441413b
SHA256: 60d604c621dc1c879e7a56513392067d585789e3f522fbc9708708af56e80d6f
SHA512: f595616246a1eb001993a2f03cfc5bb6e5bba248748234fcfe9629e3d974ee80
f4d08877745c299b01a7813f1dc55e180fd4ac66def7123d1caef0044d11c36e
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1102612e
timedatestamp.....: 0x46b7617a (Mon Aug 06 17:59:22 2007)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x2000 0x24134 0x25000 5.51 3a5345ac80fd91f368f21c5d8b24b0a5
.rsrc 0x28000 0x4a8 0x1000 1.23 9195cd58d96e301382d8aaf7ae14bf57
.reloc 0x2a000 0xc 0x1000 0.02 2a0786c18b01984befbb6b2e9e79d954
( 1 imports )
> mscoree.dll: _CorExeMain
( 0 exports )
kaspersky
Saturday, June 28, 2008 1:09:31 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 27/06/2008
Enregistrements dans la base antivirus Kaspersky : 790906
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
Statistiques de l'analyse
Total d'objets analysés 109117
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:04:14
Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_9b4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_7ec.dat L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{8AEAC47D-3293-498D-9C4F-5DA24BC6432D}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{1D7067DE-9F7C-4401-A504-0C9039FA043A}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\GalleryPlayer\Data\GP.mdb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\GalleryPlayer\Data\GP.ldb L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Historique\History.IE5\MSHist012008062720080628\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.3ca0acde.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\ApplicationHistory\ePresentation.exe.e70224e9.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\ApplicationHistory\Acer.Empowering.Framework.Launcher.exe.7c55249b.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\JETFE31.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\JET4387.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\Perflib_Perfdata_714.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\~DFCA64.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Cookies\index.dat L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP3\change.log L'objet est verrouillé ignoré
Analyse terminée.
voila j'attend la suite... ;-)
merci
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.
Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:
Antivirus Version Dernière mise à jour Résultat
AntiVir 7.8.0.59 2008.06.26 -
Avast 4.8.1195.0 2008.06.26 -
AVG 7.5.0.516 2008.06.26 -
BitDefender 7.2 2008.06.26 -
CAT-QuickHeal 9.50 2008.06.26 -
ClamAV 0.93.1 2008.06.26 -
DrWeb 4.44.0.09170 2008.06.26 -
eSafe 7.0.17.0 2008.06.26 -
Ewido 4.0 2008.06.26 -
F-Secure 7.60.13501.0 2008.06.26 -
GData 2.0.7306.1023 2008.06.26 -
McAfee 5326 2008.06.26 -
Norman 5.80.02 2008.06.26 -
Panda 9.0.0.4 2008.06.26 -
Prevx1 V2 2008.06.27 -
Sophos 4.30.0 2008.06.26 -
Symantec 10 2008.06.27 -
VBA32 3.12.6.8 2008.06.26 -
Webwasher-Gateway 6.6.2 2008.06.26 -
Information additionnelle
File size: 163840 bytes
MD5...: 5a02925e879e6400a1eab847ab1c4cb6
SHA1..: 4dc0cbd3c52d5f1fa8083f69c336ce839441413b
SHA256: 60d604c621dc1c879e7a56513392067d585789e3f522fbc9708708af56e80d6f
SHA512: f595616246a1eb001993a2f03cfc5bb6e5bba248748234fcfe9629e3d974ee80
f4d08877745c299b01a7813f1dc55e180fd4ac66def7123d1caef0044d11c36e
PEiD..: -
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1102612e
timedatestamp.....: 0x46b7617a (Mon Aug 06 17:59:22 2007)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x2000 0x24134 0x25000 5.51 3a5345ac80fd91f368f21c5d8b24b0a5
.rsrc 0x28000 0x4a8 0x1000 1.23 9195cd58d96e301382d8aaf7ae14bf57
.reloc 0x2a000 0xc 0x1000 0.02 2a0786c18b01984befbb6b2e9e79d954
( 1 imports )
> mscoree.dll: _CorExeMain
( 0 exports )
kaspersky
Saturday, June 28, 2008 1:09:31 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 27/06/2008
Enregistrements dans la base antivirus Kaspersky : 790906
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
Statistiques de l'analyse
Total d'objets analysés 109117
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:04:14
Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Media Ce.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_9b4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_7ec.dat L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Registration\{02D4B3F1-FD88-11D1-960D-00805FC79235}.{8AEAC47D-3293-498D-9C4F-5DA24BC6432D}.crmlog L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{1D7067DE-9F7C-4401-A504-0C9039FA043A}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\ModemLog_Agere Systems HDA Modem.txt L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\eHome\logs\ehRecvr.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\GalleryPlayer\Data\GP.mdb L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\GalleryPlayer\Data\GP.ldb L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Historique\History.IE5\MSHist012008062720080628\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\ApplicationHistory\ePower_DMC.exe.3ca0acde.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\ApplicationHistory\ePresentation.exe.e70224e9.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\ApplicationHistory\Acer.Empowering.Framework.Launcher.exe.7c55249b.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\JETFE31.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\JET4387.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\Perflib_Perfdata_714.dat L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Local Settings\temp\~DFCA64.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\pascal\Cookies\index.dat L'objet est verrouillé ignoré
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP3\change.log L'objet est verrouillé ignoré
Analyse terminée.
voila j'attend la suite... ;-)
merci
Salut,
Tu ne m'as pas répondu pour Norton.
As-tu un pare feu (autre que celui de Windows) ?
Et pour le PC ? Comment va-t-il ?
Peux-tu reposter un nouveau rapport HiJAckT stp ?
Puis on termine après si tout va bien.
A+
Tu ne m'as pas répondu pour Norton.
As-tu un pare feu (autre que celui de Windows) ?
Et pour le PC ? Comment va-t-il ?
Peux-tu reposter un nouveau rapport HiJAckT stp ?
Puis on termine après si tout va bien.
A+
bonjour
pour norton j'ai pas essayé de reinstaller...
en ce moment c'est antivir qui protege mon pc... dis moi si ca suffit...
le pc à l'air d'aller mieux mais j'ai encore qq soucis apparus en meme temps
impossible de visualier la liste des reseaux wifi disponibles avec windows alors que ca marche avec ma free et mon imprimante wifi
et le touch pad de mon acer qui deraille
as tu une idée.?
pour hijackthis je te le fais ce soir
merci
pour norton j'ai pas essayé de reinstaller...
en ce moment c'est antivir qui protege mon pc... dis moi si ca suffit...
le pc à l'air d'aller mieux mais j'ai encore qq soucis apparus en meme temps
impossible de visualier la liste des reseaux wifi disponibles avec windows alors que ca marche avec ma free et mon imprimante wifi
et le touch pad de mon acer qui deraille
as tu une idée.?
pour hijackthis je te le fais ce soir
merci
ok,
Je te conseille de conserver Antivir qui est tout aussi bien que Norton et plus léger. Si tu as acheté Norton (et que ce n'est pas une évaluation) alors utilise le.
Pour le pare feu :
Afin d'éviter les trojans... :
> Installe un pare feu :
- Je te conseille Kerio : http://www.commentcamarche.net/telecharger/telecharger 206 kerio . Si problème, tuto : https://kerio.probb.fr/
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.
Pour ton touch pad je pense qu'il faudrait que tu réinstalle le pilote. Sinon c'est un problème matériel (physique).
Pour le Wifi, dis moi si tu as quand même une connexion wifi.
Et pour le HJT ... bien : quand tu veux.
:-)
Je te conseille de conserver Antivir qui est tout aussi bien que Norton et plus léger. Si tu as acheté Norton (et que ce n'est pas une évaluation) alors utilise le.
Pour le pare feu :
Afin d'éviter les trojans... :
> Installe un pare feu :
- Je te conseille Kerio : http://www.commentcamarche.net/telecharger/telecharger 206 kerio . Si problème, tuto : https://kerio.probb.fr/
- Si tu as des difficultés avec les configuration de Kerio, alors installe Zone Alarme : /telecharger/telecharger-157-zonealarm, en cas de problème : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm
- Installe le nouveau pare-feu, puis désactive le pare-feu windows.
Pour ton touch pad je pense qu'il faudrait que tu réinstalle le pilote. Sinon c'est un problème matériel (physique).
Pour le Wifi, dis moi si tu as quand même une connexion wifi.
Et pour le HJT ... bien : quand tu veux.
:-)
j'ai reinstallé le pilote de mon touch pad et ca ne marche pas...(enfin c'est le defilement de la page avec le glissé qui ne fonctionne plus quand tu es dans une page web par exemple, et ce n'est pas un pb materiel)
pour le wifi, il fonctionne, je peux me connecter à internet et à mon imprimante wifi, mais je ne peux pas faire la recherche des reseaux wifi quand je fais clique droit sur l'icone en bas à droite dans la barre de tache et afficher reseaux
pour le reste je vais suivre tes recommandations pour le pare feu...
pour le wifi, il fonctionne, je peux me connecter à internet et à mon imprimante wifi, mais je ne peux pas faire la recherche des reseaux wifi quand je fais clique droit sur l'icone en bas à droite dans la barre de tache et afficher reseaux
pour le reste je vais suivre tes recommandations pour le pare feu...
Pour le touch pad : je ne sais pas ! Tu as peut être pas installé le bon pilote mais un qui le fait fonctionner quand même.
Pour le wifi tu peux peut être essayer de réinstaller le pilote aussi.
Sinon : je te conseille de créer une discussion sur le forum matériel / hardware...
;-)
Pour le wifi tu peux peut être essayer de réinstaller le pilote aussi.
Sinon : je te conseille de créer une discussion sur le forum matériel / hardware...
;-)
voila le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:59, on 28/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:31:59, on 28/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Bonsoir,
Tu n'as pas installé de pare feu ?
Tu devrais !
Ou en sont tes problèmes ?
Si c'est bon : on fini.
A+
Tu n'as pas installé de pare feu ?
Tu devrais !
Ou en sont tes problèmes ?
Si c'est bon : on fini.
A+
bonjour
pas eu le temps d'installer le pare feu que tu m'as preconisé....
mais je le ferai ce soir....
dis moi si je dois faire autre chose...
merci
bonne journée
pas eu le temps d'installer le pare feu que tu m'as preconisé....
mais je le ferai ce soir....
dis moi si je dois faire autre chose...
merci
bonne journée
Salut,
Oui : c'est pas fini (mais presque).
Je te conseille d'installer un pare feu....
Peux tu reposter un nouveau rapport HiJackT ?
Comment va le PC ?
Puis on termine.
Bonne journée.
Oui : c'est pas fini (mais presque).
Je te conseille d'installer un pare feu....
Peux tu reposter un nouveau rapport HiJackT ?
Comment va le PC ?
Puis on termine.
Bonne journée.
bonsoir.. ;desole je me suis absenté qq jours...
le pc va mieux... j'ai installé furewall plus qui à l'air de bein fonctionné...
voila le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:28:05, on 04/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\utilman.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
le pc va mieux... j'ai installé furewall plus qui à l'air de bein fonctionné...
voila le rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:28:05, on 04/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 4800 Series\lxdemon.exe
C:\Program Files\Lexmark 4800 Series\lxdeamon.exe
C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\utilman.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://support.norton.com/sp/fr/fr/home/current/solutions/v58540272?abproduct=LU&abversion=3.0.0.154&build=Symantec&ced=true&entsrc=CED_pubweb&error=1845&module=LU&src=_mi
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [LaunchAp] "C:\Program Files\Launch Manager\LaunchAp.exe"
O4 - HKLM\..\Run: [LManager] "C:\Program Files\Launch Manager\HotkeyApp.exe"
O4 - HKLM\..\Run: [CtrlVol] "C:\Program Files\Launch Manager\CtrlVol.exe"
O4 - HKLM\..\Run: [LMgrOSD] "C:\Program Files\Launch Manager\OSDCtrl.exe"
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe 0
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Acer\OrbiCam\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Acer\OrbiCam\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [lxdemon.exe] "C:\Program Files\Lexmark 4800 Series\lxdemon.exe"
O4 - HKLM\..\Run: [lxdeamon] "C:\Program Files\Lexmark 4800 Series\lxdeamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [GPClientMonitor] C:\Program Files\GalleryPlayer\Player\GPClientMonitor.exe
O4 - HKLM\..\Run: [GPDownloadManager] C:\Program Files\GalleryPlayer\Player\GPDownloadManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) - http://abonnement.aliceadsl.fr/configurateur/AccountHelper.cab
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - PC Tools - C:\Program Files\PC Tools Firewall Plus\FWService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
Bonjour,
Ok, très bien.
Alors,
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré stp.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
Puis on termine si tu n'as plus de soucis.
A+
Ok, très bien.
Alors,
> Fais un scan en ligne avec Kaspersky : https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
N.B. : Le scan ne marche que sous Internet Explorer.
- Commence par connecter tout ton matériel de stockage à ton PC (clés USB, DD amovible...) si possible. Allume les si necessaire.
- Sous Démonstration en ligne, on t'explique la marche à suivre, et pour lancer le scan il faut sélectionner < Exécuter l'analyse en ligne >.
- On va te demander de télécharger un contrôle active x, accepte .
- Dans le menu < Choisissez la cible de l'analyse >, sélectionne < Poste de travail >. Le scan va commencer.
- Poste le rapport qui sera généré stp.
S'il y a un problème, assure toi que les contrôles active x sont bien configurés dans les options internet comme décrit sur ce lien : http://www.inoculer.com/activex.php3
Rappel : le scan est à faire sous Internet Explorer
Tuto ici si problème : http://www.vista-xp.fr/forum/topic109.html
Puis on termine si tu n'as plus de soucis.
A+
dois je le faire en mode sans echec si ca marche?
merci