Rapport de Nettoyage avec Hijackthis Fermé

Question

Bonjour,

Par avance merci.

Johnny:

Logfile of HijackThis v1.99.1
Scan saved at 12:48:18, on 04/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINXP\System32\smss.exe
C:\WINXP\system32\winlogon.exe
C:\WINXP\system32\services.exe
C:\WINXP\system32\lsass.exe
C:\WINXP\system32\svchost.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\system32\spoolsv.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINXP\System32\svchost.exe
C:\WINXP\Explorer.EXE
C:\WINXP\system32\wscntfy.exe
C:\WINXP\System32\svchost.exe
C:\Program Files\Keyboard Driver\OEMDriver.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINXP\system32undll32.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vpc32.exe
C:\WINXP\pchealth\helpctr\binaries\helpctr.exe
C:\WINXP\system32\cmd.exe
C:\WINXP\system32\wuauclt.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\Laurence76\Local Settings\Temp\wz2682\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.imesh.com/intl/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\PROGRA~1\eoRezo\EoAdv\EOREZO~1.DLL (file missing)
O3 - Toolbar: tllfrnwmqup - {45fdccbc-0506-4dca-84e6-4931491aa764} - C:\DOCUME~1\LAUREN~1\APPLIC~1\gstienssjy.dll
O3 - Toolbar: iMesh Bar - {014DA6C9-189F-421a-88CD-07CFE51CFF10} - C:\Program Files\MySearch\bar\1.bin\S4BAR.DLL
O4 - HKLM\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [MoneyAgent] ""C:\Program Files\Microsoft Money\System\Money Express.exe""
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.00.0001.1203\en-us\msntb.dll/search.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZS
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINXP\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINXP\System32\msjava.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE (file missing)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS
ppdf32.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.7adpower.com/dialer/francia.exe
O16 - DPF: {084DAC27-6FA3-4F55-9005-033F2F102F5C} (ITPPDiagIE Class) - http://downloads.winwise.fr/Common/npwwg.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer Start) - http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.5.cab
O16 - DPF: {297F2B65-017C-11D5-A128-00D0B7869AD6} (SpectorPhotoUploader Control) - http://www.extrafilm.fr/fr/maxisafe/upload/SPU.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bundler/CAB/RealArcadeRdxIE.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7DDF470-6F94-41B3-A9C3-40A95A5EAD30}: NameServer = 212.27.32.5,213.228.0.168,213.203.124.145
O20 - Winlogon Notify: NavLogon - C:\WINXP\System32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINXP\SYSTEM32\WgaLogon.dll
O21 - SSODL: DCOM Server 2240 - {2C1CD3D7-86AC-4068-93BC-A02304BB2240} - C:\WINXP\system32\kxmh.dll
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Kristopher · Answer

Salut Johnny,

Un log HijackThis n'est pas un "Rapport de Nettoyage" mais un rapport permettant de visualiser globalement le contenu de ton PC et y voir éventuellement des infections.

Ceci dit, tu devras en fournir des rapports de nettoyage puisque ton PC est bien infecté...

Commence par te rendre sur cette page :

virus methode preliminaire de desinfection version fr

Et fais exactement ce qui est demandé :)

Et donne moi la version exacte de ton antivirus et firewall !

Courage,
Kristopher

silmarilseb · Answer

Salut à tous .
Je suis un peu craintif et surtout inexperimente alors qqun  peut-il me donner une réponse à ce rapport hijack ?Logfile of HijackThis v1.99.1
Scan saved at 23:59:08, on 04/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32
vsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\iecontroller_3\Internet Controller 3.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Neko98.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Sébastien COQUELET\Bureau\Sécurité\utilitaires désinfection\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1	ools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1	ools\iesdpb.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - c:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OBealsched.exe"  -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Startup: ICstarter.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxdm119YYFR
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1	ools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/safety-scanner-download
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Norton Internet Security\comHost.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus
avapsvc.exe
O23 - Service: Service Norton Protection Center (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - c:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe

J' ai bien essayé seul d'interpréter tout çà mais j'avoue qu'il me faut un peu plus d'expérience informatique !
Merci par avance !

Séb08 · Answer

slt silmarilseb,

Evite de squatter les post des autres...

Il serait préférable que tu fasses ton message personnel, cela rendra les postes plus compréhensibles et la réponse à ton problème sera plus efficace 
Procèdes comme ceci : 
http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

a+

Kristopher · Answer

Hey Johnny Castel, tu nous a déjà quitté ???

Merci Séb ;)

Johnny Castel · Answer

Bonjour Seb,

Susi en train de scanner mon propre DDur de 250 Go et Bit  Defender nettoie des choses depuis 2004 non recensé par Symantec (à jour)...

Le FW incriminé est XP SP2 et l'antivirus est du Symantec.

Par contre, mon fichier Hosts est constament modifié et tous les sites d'editeurs AV sont rajoutés avec l'ip de la boucle localhost 127.0.0.1

Voila, il reste 44 heures pour que Bit defender finisse....

Au plaisir,
Johnny

Séb08 · Answer

Et ?

Johnny Castel · Answer

Bonjour Seb,

Ma machine est clean, enfin, il parait clean. Celle de ma femme (initialement mon post içi reste infecté).

Voici les rapports à hier soir :

Scanned File
	

 Status

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280000.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280000.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280000.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280001.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03280001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03800002.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03800002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03800002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880000.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880000.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880000.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880001.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880002.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880003.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880003.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880003.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880004.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880004.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03880004.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940000.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940000.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940000.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940001.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940002.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940003.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940003.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940003.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940004.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940004.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03940004.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\039C0001.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\039C0001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\039C0001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\039C0007.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\039C0007.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\039C0007.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00001.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00004.VBN=>(Quarantine-PE)
	

Infected with: Trojan.PWS.Sinowal.AS

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00004.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00004.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00005.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00005.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00005.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00006.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00006.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00006.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00007.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00007.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00007.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00008.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00008.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B00008.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B40006.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B40006.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B40006.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B40007.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B40007.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B40007.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80001.VBN=>(Quarantine-PE)
	

Infected with: Generic.PWStealer.C7FFB9CA

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80002.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80003.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80003.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80003.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80004.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80004.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80004.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80005.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80005.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80005.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80006.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80006.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80006.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80007.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80007.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80007.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80008.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80008.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80008.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80009.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80009.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B80009.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B8000A.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B8000A.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B8000A.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B8000B.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B8000B.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03B8000B.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40000.VBN=>(Quarantine-PE)
	

Infected with: Trojan.PWS.Sinowal.AS

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40000.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40000.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40001.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40002.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03C40002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00002.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00003.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00003.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00003.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00004.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00004.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00004.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00005.VBN=>(Quarantine-PE)
	

Infected with: Generic.PWStealer.C7FFB9CA

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00005.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00005.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00006.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00006.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00006.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00007.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Proxy.Small.BO

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00007.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00007.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00008.VBN=>(Quarantine-PE)
	

Infected with: Generic.Malware.SP!dldPk!.20E05162

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00008.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\03D00008.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06C00000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Infected with: Trojan.Downloader.IstBar.OK

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06C00000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06C00000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06C00000.VBN=>(Quarantine-PE)=>(NSIS o)
	

Update failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06E80000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Infected with: Trojan.Downloader.IstBar.OK

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06E80000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06E80000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06E80000.VBN=>(Quarantine-PE)=>(NSIS o)
	

Update failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06EC0000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Infected with: Trojan.Downloader.IstBar.OK

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06EC0000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06EC0000.VBN=>(Quarantine-PE)=>(NSIS o)=>lzma_solid_nsis0004
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\06EC0000.VBN=>(Quarantine-PE)=>(NSIS o)
	

Update failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0000.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Downloader.Tiny.BK

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0000.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0000.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0001.VBN=>(Quarantine-PE)
	

Infected with: Trojan.Downloader.Tiny.BK

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0001.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0001.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0002.VBN=>(Quarantine-PE)
	

Infected with: Trojan.PWS.Sinowal.AR

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0002.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0002.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0003.VBN=>(Quarantine-PE)
	

Infected with: Trojan.PWS.Sinowal.AR

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0003.VBN=>(Quarantine-PE)
	

Disinfection failed

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus Corporate Edition\7.5\Quarantine\0F5C0003.VBN=>(Quarantine-PE)
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Infected with: Trojan.Agent.VG

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Disinfection failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar
	

Update failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Suspected of: BehavesLike:Trojan.Downloader

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Disinfection failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar
	

Update failed

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst=>[Subject: FwD: Illegal signs in E-Mail (Nr.:4118)][From: Info@wanadoo.fr]=>ReMailer_1522.doc.zip=>p-zipped_file_data .pif
	

Infected with: Win32.Sober.G@mm

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst=>[Subject: FwD: Illegal signs in E-Mail (Nr.:4118)][From: Info@wanadoo.fr]=>ReMailer_1522.doc.zip=>p-zipped_file_data .pif
	

Deleted

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst=>[Subject: FwD: Illegal signs in E-Mail (Nr.:4118)][From: Info@wanadoo.fr]=>ReMailer_1522.doc.zip
	

Updated

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst
	

Updated

C:\okepkhhm.exe
	

Infected with: Trojan.Spy.Sheriff.C

C:\okepkhhm.exe
	

Disinfection failed

C:\okepkhhm.exe
	

Deleted

C:\partage\winzip9\patch.exe
	

Infected with: Trojan.Agent.VG

C:\partage\winzip9\patch.exe
	

Disinfection failed

C:\partage\winzip9\patch.exe
	

Deleted

C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.exe
	

Infected with: Trojan.PWS.Sinowal.AP

C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.exe
	

Disinfection failed

C:\Program Files\Fichiers communs\Microsoft Shared\Web Folders\ibm00002.exe
	

Deleted

C:\Program Files\Games\Shockwave\Blasterball 2\jvminstall.htm
	

Infected with: Trojan.Exploit.Html.Codebaseexec.CC

C:\Program Files\Games\Shockwave\Blasterball 2\jvminstall.htm
	

Disinfection failed

C:\Program Files\Games\Shockwave\Blasterball 2\jvminstall.htm
	

Deleted

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154196.exe
	

Infected with: Trojan.Downloader.Tiny.BK

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154196.exe
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154196.exe
	

Delete failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154197.exe
	

Infected with: Trojan.PWS.Sinowal.AR

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154197.exe
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154197.exe
	

Delete failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154198.exe
	

Suspected of: BehavesLike:Trojan.Downloader

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154198.exe
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154198.exe
	

Deleted

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154199.exe
	

Infected with: Trojan.Spy.Sheriff.C

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154199.exe
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154199.exe
	

Deleted

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154200.exe
	

Infected with: Trojan.Agent.VG

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154200.exe
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154200.exe
	

Deleted

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154201.exe
	

Infected with: Trojan.PWS.Sinowal.AP

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154201.exe
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP560\A0154201.exe
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Tr:FW: How to install SP1 on Windows XP Pro Corp...][From: Jimmy Pierre]=>serial_installer.exe
	

Infected with: Trojan.Downloader.Swizzor.C

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Tr:FW: How to install SP1 on Windows XP Pro Corp...][From: Jimmy Pierre]=>serial_installer.exe
	

Disinfection failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: Tr:FW: How to install SP1 on Windows XP Pro Corp...][From: Jimmy Pierre]=>serial_installer.exe
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst=>[Subject: FwD: Illegal signs in E-Mail (Nr.:4118)][From: Info@wanadoo.fr]=>ReMailer_1522.doc.zip=>p-zipped_file_data .pif
	

Infected with: Win32.Sober.G@mm

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst=>[Subject: FwD: Illegal signs in E-Mail (Nr.:4118)][From: Info@wanadoo.fr]=>ReMailer_1522.doc.zip=>p-zipped_file_data .pif
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst=>[Subject: FwD: Illegal signs in E-Mail (Nr.:4118)][From: Info@wanadoo.fr]=>ReMailer_1522.doc.zip
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\outlook.pst
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Temp\Temporary Internet Files\Content.IE5\IX4701WR\exitpop[1].htm
	

Infected with: Trojan.Js.Noclose.A

C:	emp\Documents and Settings\Laurence76\Local Settings\Temp\Temporary Internet Files\Content.IE5\IX4701WR\exitpop[1].htm
	

Disinfection failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Temp\Temporary Internet Files\Content.IE5\IX4701WR\exitpop[1].htm
	

Deleted

C:\WINXP\system32\kxmh.dll
	

Infected with: DeepScan:Generic.Malware.SMw.BDB713CA

C:\WINXP\system32\kxmh.dll
	

Disinfection failed

C:\WINXP\system32\kxmh.dll
	

Delete failed

C:\WINXP\system32\NLNP!3.exe
	

Infected with: Dropped:Application.BHO.Ignet.A

C:\WINXP\system32\NLNP!3.exe
	

Disinfection failed

C:\WINXP\system32\NLNP!3.exe
	

Deleted

C:\yvobm.exe
	

Infected with: Trojan.Spy.Sheriff.C

C:\yvobm.exe
	

Disinfection failed

C:\yvobm.exe
	

Deleted

Ensuite
=====

Scanned File
	

 Status

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Infected with: Trojan.Agent.VG

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Disinfection failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar
	

Update failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Suspected of: BehavesLike:Trojan.Downloader

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Disinfection failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar
	

Update failed

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed

C:\WINXP\system32\kxmh.dll
	

Infected with: DeepScan:Generic.Malware.SMw.BDB713CA

C:\WINXP\system32\kxmh.dll
	

Disinfection failed

C:\WINXP\system32\kxmh.dll
	

Delete failed

Et la finale
=======

Scanned File
	

 Status

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Infected with: Trojan.Agent.VG

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Disinfection failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>patch.exe
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar
	

Update failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Suspected of: BehavesLike:Trojan.Downloader

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Disinfection failed

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar=>crack.exe
	

Deleted

C:\Documents and Settings\Laurence76\Bureau\utlitaire\WinZip 9.0 .rar
	

Update failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>patch.exe
	

Infected with: Trojan.Agent.VG

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>patch.exe
	

Disinfection failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>patch.exe
	

Deleted

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar
	

Update failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>crack.exe
	

Suspected of: BehavesLike:Trojan.Downloader

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>crack.exe
	

Disinfection failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>crack.exe
	

Deleted

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar
	

Update failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP562\A0155319.dll
	

Infected with: DeepScan:Generic.Malware.SMw.BDB713CA

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP562\A0155319.dll
	

Disinfection failed

C:\System Volume Information\_restore{C00BA196-4496-4D65-8420-1CEDC2C3DDEF}\RP562\A0155319.dll
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed

C:\WINXP\system32\pmxpnan.dll
	

Infected with: DeepScan:Generic.Malware.SMw.41478DC2

C:\WINXP\system32\pmxpnan.dll
	

Disinfection failed

C:\WINXP\system32\pmxpnan.dll
	

Deleted

Oops deuxieme scan hier soir
===================

BitDefender Online Scanner
	

 
	

 

Scan report generated at: Tue, Nov 07, 2006 - 21:34:04

 
	

 
	

 

Scan path: A:\;C:\;D:\;
	

 
	

 

 
	

 
	

 

Statistics

Time
	

01:55:50

Files
	

606784

Folders
	

9345

Boot Sectors
	

2

Archives
	

9352

Packed Files
	

62724
	

 
	

 

Results

Identified Viruses
	

2

Infected Files
	

3

Suspect Files
	

1

Warnings
	

0

Disinfected
	

0

Deleted Files
	

4
	

 
	

 

Engines Info

Virus Definitions
	

312756

Engine build
	

AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
	

13

Archive plugins
	

38

Unpack plugins
	

6

E-mail plugins
	

6

System plugins
	

1
	

 
	

 

Scan Settings

First Action
	

Disinfect

Second Action
	

Delete

Heuristics
	

Yes

Enable Warnings
	

Yes

Scanned Extensions
	

*;

Exclude Extensions
	

 

Scan Emails
	

Yes

Scan Archives
	

Yes

Scan Packed
	

Yes

Scan Files
	

Yes

Scan Boot
	

Yes
	

 
	

 
 

Scanned File
	

 Status

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>patch.exe
	

Infected with: Trojan.Agent.VG

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>patch.exe
	

Disinfection failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>patch.exe
	

Deleted

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar
	

Update failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>crack.exe
	

Suspected of: BehavesLike:Trojan.Downloader

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>crack.exe
	

Disinfection failed

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar=>crack.exe
	

Deleted

C:\RECYCLER\S-1-5-21-1214440339-507921405-854245398-1005\Dc1.rar
	

Update failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Detected with: Adware.CyDoor

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Disinfection failed

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)=>cd_htm.dll
	

Deleted

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026=>(ZIP Sfx s)
	

Updated

C:	emp\Documents and Settings\Laurence76\Local Settings\Application Data\Microsoft\Outlook\archive.pst=>[Subject: ][From: Laurence Seigneury]=>iMeshV3.exe=>wise0026
	

Update failed
	

 Voila, cher ami, il y a d'autres remèdes?

Au plaisir,
Johnny

Séb08 · Answer

ou en sont tes probs ?

Remet un log hijack 

a+

Rapport de Nettoyage avec Hijackthis

8 réponses

Discussions similaires