Tech Support Forum banner
Cancel

Posts by tubwood

Jump to Latest Follow
Status
Not open for further replies.
1 - 4 of 8 Posts
T

· Registered
Joined
·
5 Posts
Discussion Starter · #1 ·
I have some problem with windows opening each time I go on internet with the title ~http://fp.pc-on-internet.com. I tried many things but no result so far. I have a hijackthis log file if you want to see.

Can someone help me please!!
Thx

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:10:40, on 2007-11-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\iPod\bin\iPodService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\iTunes\iTunesHelper.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Documents and Settings\Administrateur\Bureau\HiJackThis_v2.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?pr...11095567540000000115056708432&version=g_4.4.2
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "D:\Quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: TruePass EPF 7,0,100,730 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...pple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9FB41C30-E6E4-11D4-8378-0050DA19EB7F} (Calendar Control) - https://infoservices.cum.qc.ca/CalendarProj1.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

--
End of file - 10500 bytes
 
T

· Registered
Joined
·
5 Posts
Discussion Starter · #3 ·
Thank you very much for helping me Aaflac. I made all you said and here are the results

/////fixnavi.txt//////

Search Navipromo version 3.3.4 began on 2007-09-08 at 10:02:02,90

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Updated on 02.11.2007 at 12h00 by IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Version Internet Explorer : 6.0.2900.2180

Done in normal mode

*** Searching for installed Software ***




*** Search folders in C:\WINDOWS ***



*** Search folders in C:\Program Files ***



*** Search folders in C:\Documents and Settings\All Users\Application Data ***




*** Search folders in C:\Documents and Settings\Administrateur\Application Data ***


*** Search folders in C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net

No file found in :

- C:\WINDOWS\system32
- C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1



*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in C:\WINDOWS\system32 *

* Scan in C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1 *

Files found :

mukmnpe.exe found !



*** Search files ***




*** Search specific Registry keys ***

HKEY_CURRENT_USER\Software\Lanconfig found !

*** Complementary Search ***
(Search specific files)

1)Search known files:

2)Heuristic Search :



3)Certificates Search :

Egroup certificate found !


*** Search completed on 2007-09-08 at 10:03:19,42 ***


///// Combofix.txt/////

ComboFix 07-11-08.1 - Administrateur 2007-09-08 10:06:04.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.192 [GMT -4:00]
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\Documents and Settings\Administrateur\Local Settings\Application Data\mukmnpe.dat
C:\Documents and Settings\Administrateur\Local Settings\Application Data\mukmnpe.exe
C:\Documents and Settings\Administrateur\Local Settings\Application Data\mukmnpe_nav.dat
c:\Documents and Settings\Administrateur\Local Settings\Application Data\mukmnpe_navps.dat
C:\Program Files\screensavers.com
C:\Program Files\screensavers.com\Installer\bin\iebyterange.xml
C:\Program Files\screensavers.com\Installer\bin\iebyterange.xml.backup
C:\Program Files\screensavers.com\Installer\bin\siuninst.exe
C:\Program Files\screensavers.com\Installer\temp\dm10.tmp
C:\Program Files\screensavers.com\Wallpaper\swpstart.exe
C:\WINDOWS\system32\MabryObj.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-08 to 2007-11-08 ))))))))))))))))))))))))))))))))))))
.

2007-10-30 07:33 <REP> d-------- C:\WINDOWS\report
2007-10-30 07:32 <REP> d-------- C:\WINDOWS\AU_Backup
2007-10-30 07:32 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-10-30 07:32 267,845 --a------ C:\WINDOWS\tsc.exe
2007-10-30 07:32 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-10-30 07:32 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-10-30 07:25 <REP> d-------- C:\WINDOWS\AU_Temp
2007-10-30 07:25 <REP> d-------- C:\WINDOWS\AU_Log
2007-10-30 07:24 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-10-30 07:24 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-10-30 07:24 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-10-10 03:13 584,192 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-03 14:54 --------- d-----w C:\Program Files\Edgar3
2007-11-03 11:22 --------- d-----w C:\Program Files\Norton Internet Security
2007-10-17 12:33 --------- d-----w C:\Program Files\Symantec
2007-09-08 14:04 --------- d-----w C:\Program Files\Navilog1
2007-09-08 13:56 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2005-08-27 14:44 17,144 ----a-w C:\Documents and Settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2002-10-11 18:26]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" []
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe" [2006-05-16 16:50]
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-02-21 15:29]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-09-22 19:00]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-10-14 09:46]
"QuickTime Task"="D:\Quicktime\qttask.exe" [2006-10-25 18:58]
"iTunesHelper"="D:\iTunes\iTunesHelper.exe" [2006-10-30 09:36]
"KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 15:44]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 12:24]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvMediaCenter"="C:\WINDOWS\System32\NVMCTRAY.DLL" [2003-08-29 11:44]
"OM_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe" [2006-05-16 16:51]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe

R1 GhPciScan;GhostPciScanner;\??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique;"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
R3 ICAM3NT5;Intel(r) PC Camera CS331;C:\WINDOWS\system32\Drivers\ICAM3D2.SYS
R3 NPDriver;Norton Unerase Protection Driver;\??\C:\WINDOWS\System32\Drivers\NPDRIVER.SYS
S3 ASUSHWIO;ASUSHWIO;\??\C:\WINDOWS\System32\drivers\ASUSHWIO.sys
S3 SDdriver;SDdriver;\??\C:\WINDOWS\System32\Drivers\sddriver.sys

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-09-05 23:58:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-09-08 00:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - Administrateur.job"
- C:\PROGRA~1\NORTON~2\NORTON~1\Navw32.exe
"2007-09-07 21:30:00 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
"2007-09-08 04:00:00 C:\WINDOWS\Tasks\Symantec Drmc.job"
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-08 10:10:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-08 10:22:42 - machine was rebooted
.
--- E O F ---

/////hijackthis log//////////

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:44, on 2007-11-08
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
D:\iTunes\iTunesHelper.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = dynhost.inetcam.com;register.inetcam.com;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "D:\Quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe -NoStart
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: TruePass EPF 7,0,100,730 - https://blrscr3.egs-seg.gc.ca/applets/entrusttruepassapplet-epf.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52...pple.com/mickey/fr/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {9FB41C30-E6E4-11D4-8378-0050DA19EB7F} (Calendar Control) - https://infoservices.cum.qc.ca/CalendarProj1.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - D:\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 8649 bytes

Thx again, I wait for your reply!!
Tubwood
 
T

· Registered
Joined
·
5 Posts
Discussion Starter · #5 ·
Here's the report with the Kaspersky Online Scanner :

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Friday, November 09, 2007 12:55:00 PM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 9/11/2007
Kaspersky Anti-Virus database records: 455426
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 38892
Number of viruses found: 14
Number of infected objects: 94
Number of suspicious objects: 0
Duration of the scan process: 00:31:42

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\Administrateur\Bureau\Navilog1\Navilog1.exe/file7 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Administrateur\Bureau\Navilog1\Navilog1.exe Inno: infected - 1 skipped
C:\Documents and Settings\Administrateur\Bureau\Navilog1.zip/Navilog1.exe/file7 Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Administrateur\Bureau\Navilog1.zip/Navilog1.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Administrateur\Bureau\Navilog1.zip ZIP: infected - 2 skipped
C:\Documents and Settings\Administrateur\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Administrateur\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Administrateur\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2007-11-09_Log.ALUSchedulerSvc.LiveUpdate Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Log.txt Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\AntiSpam\Log\Spam.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SPPolicy.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SPStart.log Object is locked skipped
C:\Program Files\Fichiers communs\Symantec Shared\SPStop.log Object is locked skipped
C:\Program Files\Navilog1\reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\00485DE3.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\004B07DF.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\02BB7397.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\02BE02F7.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\04A42D93.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06752AB6.tmp Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0BE13E0B.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0C4C5CAA.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0EB34A30.tmp Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0F956B95.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\11545F9B.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\16015DAC.tmp Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\170C2A13.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\173A5CC7.tmp Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\19925697.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1CFD592F.tmp Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1CFD592F.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1D8839A9.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1E0776AC.tmp Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21CD6C3D.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2285652F.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\24221432.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2984468A.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2A5F625D.tmp Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2AD47BB5.tmp Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2AD47BB5.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2AD725B1.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2D6A6B9B.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2DDE41D2.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2E9E1A14.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2FB45576.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\31307082.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\34346FEE.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\343719EB.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\34EF15D7.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\361510C0.tmp Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\383506FB.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\38481B5A.tmp Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\385300DB.dll Infected: not-a-virus:AdWare.Win32.Comet.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3C4E3CD4.tmp Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\40385669.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\42CE1C43.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\44064D20.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\446477D2.tmp Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\446721CE.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\456652B3.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\45B86B5E.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\46625AF1.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4FD63511.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\56896E22.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\59266ED2.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5A9C1531.tmp Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5EFA4291.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\627275A5.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\63A94E43.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\63BC2E1A.tmp Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\63BC2E1A.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\65733EA3.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\66421347.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\66566477.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\66663665.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\66DC4438.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\670768C5.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\681663D2.tmp Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6DED1948.tmp Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E751AD4.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6FA353FE.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\70684324.tmp Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\74713C34.tmp Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\799B163C.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7B052701.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7B1F3DF2.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7F0223D4.Vir Infected: Exploit.Win32.MS04-028.gen skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0EAF1023.class Infected: Trojan.Java.ClassLoader.Dummy.e skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0EB33A1F.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0EB33A1F.exe Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0EB33A1F.php Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0EBC3815.class Infected: Trojan.Java.ClassLoader.h skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0F0E51BB.htm Infected: Trojan-Downloader.VBS.Psyme.j skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1D6A21CC Infected: Virus.Win32.Nsag.b skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\26EA16AD.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AAC5E35.class Infected: Trojan.Java.ClassLoader.d skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\54771190.htm Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\62AA33D2.htm Infected: Exploit.HTML.Mht skipped
C:\quarantine\00000006.DAT.Vir Object is locked skipped
C:\quarantine\download1148893709251468.dat.Vir Object is locked skipped
C:\quarantine\oleext32.dll.Vir Object is locked skipped
C:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{44E95F8C-4204-4AC0-B1F9-B64DFEC5FCB9}\RP682\change.log Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\mIRC\backup\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped
D:\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
D:\Programmes importants\mirc616.exe/data0001.bin Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
D:\Programmes importants\mirc616.exe mIRC: infected - 1 skipped
D:\RECYCLER\NPROTECT\NPROTECT.LOG Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

Scan process completed.
 
1 - 4 of 8 Posts
Status
Not open for further replies.
About this Discussion
7 Replies
2 Participants
Last post:
Aaflac
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Windows XP Support Windows 7 , Windows Vista Support Motherboards, Bios|UEFI & CPU Networking Support Laptop Support
Top