Skintrim trojan and PC slowdown

Solved
catavanana Posts 20 Status Member
Hello,

My PC is infected by a SKINTRIM trojan and I can't get rid of it. Can anyone help me?

For info: Win XP SP2 and Norton antivirus
Configuration: Windows XP
Internet Explorer 7.0

4 replies

  1. jlpjlp Posts 52399 Status Security contributor 5 041
     
    run a scan with BitDefender Free
    https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html

    if it persists

    paste a HijackThis report
    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html

    -----------------------
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Download to the desktop
    Navilog.zip
    = Double-click navilog1.zip
    = Extract all to the desktop
    = Double-click navilog1, which is on the desktop
    = Press a key until you reach the options
    = Choose option 1

    a report, fixnavi.txt, will be created in C:
    copy/paste it into your next message.

    = Restart in Safe Mode (startup can take several minutes)
    Note: there is no internet access in this mode. Save or print the instructions. Restart the PC and tap the F8 key until the text with the startup choices appears
    With the arrow keys, select Safe Mode ==> Enter ==> usual user name
    = Run navilog1
    = This time choose option 2
    = Navilog will do the cleaning; be patient until it shows *** Nettoyage Termine le ..... ***
    = A report will be generated on your C:\, which will be the option 2 one
    Note: the desktop disappears

    = Restart in normal mode and paste the contents of the navilog report (the option 2 one)

    ------------------------------------------
    then CWShredder

    https://www.01net.com/

    --------------------------------------------------------

    also use this to remove your traces

    CCLEANER: (run a cleanup and repair the keys)
    https://www.01net.com/

    then:

    scan with anti-spyware tools (in Safe Mode):

    Spybot:

    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html

    Ad-Aware
    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html

    if everything went well, restart in normal mode and disable System Restore to purge any viruses that may be in it, then re-enable it (in START, then ALL PROGRAMS, then ACCESSORIES, then SYSTEM TOOLS, then SYSTEM RESTORE, then settings)

    D/ then run an online scan with one of the following (and paste the report):

    BitDefender online:
    http://www.bitdefender.fr/scan_fr/scan8/ie.html

    Panda online:
    http://pandasoftware.fr

    Kaspersky online:
    https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    0
  2. catavanana Posts 20 Status Member

    Hello jlpjlp...

    I'll do all that and paste the reports here...

    Thanks
    0
  3. catavanana Posts 20 Status Member

    Good evening jlpjlp,

    here are the various logs requested!

    Search Navipromo version 2.0.3 commencé le 19/06/2007 à 17:34:49,65

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Poster ce rapport sur le forum pour le faire analyser !!!
    !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

    Fix lancé depuis C:\Program Files\navilog1
    Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

    Executé en mode normal

    *** Recherche Programmes installes ***

    Clean Navipromo version 2.0.3 commencé le 19/06/2007 à 17:49:17,28

    Fix lancé depuis C:\Program Files\navilog1
    Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

    Mode suppression automatique avec prise en charge résultats Blacklight

    *** Creation backups fichiers trouvés par Blacklight ***

    Copie vers "C:\Program Files\navilog1\Backupnavi"

    *** Suppression des fichiers trouvés avec Blacklight ***

    ** 2ème passage **

    C:\WINDOWS\system32\xixqepukm_navup.dat absent !
    C:\WINDOWS\system32\xixqepukm_navtmp.dat absent !
    C:\WINDOWS\system32\xixqepukm_m2s.xml absent !

    C:\WINDOWS\system32\xixqepukm.dat trouvé !
    Copie C:\WINDOWS\system32\xixqepukm.dat réalise avec succes !
    C:\WINDOWS\system32\xixqepukm.dat supprimé !

    C:\WINDOWS\system32\xixqepukm_nav.dat trouvé !
    Copie C:\WINDOWS\system32\xixqepukm_nav.dat réalise avec succes !
    C:\WINDOWS\system32\xixqepukm_nav.dat supprimé !

    C:\WINDOWS\system32\xixqepukm_navps.dat trouvé !
    Copie C:\WINDOWS\system32\xixqepukm_navps.dat réalise avec succes !
    C:\WINDOWS\system32\xixqepukm_navps.dat supprimé !

    C:\WINDOWS\prefetch\xixqepukm*.pf trouvé !
    Copie C:\WINDOWS\prefetch\xixqepukm*.pf réalise avec succes !
    C:\WINDOWS\prefetch\xixqepukm*.pf supprimé !

    C:\WINDOWS\system32\xixqepukm.exe trouvé !
    Copie C:\WINDOWS\system32\xixqepukm.exe réalise avec succes !
    C:\WINDOWS\system32\xixqepukm.exe supprimé !

    *** Suppression dossiers dans C:\WINDOWS ***

    *** Suppression dossiers dans C:\Program Files ***

    *** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***

    *** Suppression dossiers dans C:\Documents and Settings\christophe\Application Data ***

    *** Suppression fichiers ***

    C:\WINDOWS\pack.epk supprimé !
    C:\WINDOWS\system32\nvs2.inf supprimé !

    *** Suppression fichiers temporaires ***

    Nettoyage contenu C:\WINDOWS\Temp effectué !
    Nettoyage contenu C:\Documents and Settings\christophe\Local Settings\Temp effectué !

    *** Sauvegarde du registre vers dossier Backupnavi***

    sauvegarde du registre réalise avec succes !

    *** Nettoyage registre ***

    Nettoyage registre Ok

    *** Traitement Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche fichiers connus:

    2)Recherche et Suppression Heuristique :

    *
    **
    ***
    ****
    *****
    ******
    *******
    ********

    3)Contrôle présence clés Rootkit dans le registre :

    Aucune autre clés présente dans le registre !

    *** Nettoyage termine le 19/06/2007 à 18:03:26,12 ***

    Apparently no more trojan problems and no more slowdown: everything seems to be back to OK!!

    Thaaanks, thank you very much jlpjlp

    *** Recherche dossiers dans C:\WINDOWS ***

    *** Recherche dossiers dans C:\Program Files ***

    *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***

    *** Recherche dossiers dans C:\Documents and Settings\christophe\Application Data ***

    *** Recherche avec BlackLight Engine/F-secure ***
    BlackLight Engine est un produit de F-secure, pour + d'infos :
    https://www.f-secure.com/en

    Fichier(s) caché(s) dans C:\WINDOWS\system32 :

    Processus caché(s) dans C:\WINDOWS\system32 :

    C:\windows\system32\xixqepukm.exe

    *** Recherche fichiers ***

    C:\WINDOWS\pack.epk trouvé !
    C:\WINDOWS\system32\nvs2.inf trouvé !

    *** Recherche cles registre ***

    Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]

    Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]

    Recherche Clé Magic Control

    HKEY_CURRENT_USER\Software\Lanconfig trouvé !

    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche fichiers connus:

    2)Recherche Heuristique :
    *
    C:\WINDOWS\system32\xixqepukm.dat trouvé !
    **
    C:\WINDOWS\system32\xixqepukm.dat trouvé !
    ***
    ****
    *****
    ******
    *******
    ********

    *** Analyse Terminé le 19/06/2007 à 17:36:26,09 ***

    Logfile of HijackThis v1.99.1
    Scan saved at 17:32:31, on 19/06/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16473)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\cisvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE
    C:\WINDOWS\system32\dla\tfswctrl.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Softwin\BitDefender8\bdmcon.exe
    C:\Program Files\Softwin\BitDefender8\bdnagent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
    C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    C:\WINDOWS\system32\cidaemon.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\hijackthis\Hijackthis Version Française\hijackthis vf.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn3\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.EXE /P26 "EPSON Stylus CX3600 Series" /O6 "USB001" /M "Stylus CX3600"
    O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [VF0060 STISvc] RunDLL32.exe V0060Pin.dll,RunDLL32EP 513
    O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
    O4 - HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15026/CTSUEng.cab
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - https://driveragent.com/files/driveragent.cab
    O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15028/CTPID.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{90DD8107-A3F1-45E7-AF5D-24B8B1ABE374}: NameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F4CBA8B9-CDFB-43F3-855E-81913DA1AB65}: NameServer = 192.168.1.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Acer Media Server - Acer Inc. - C:\Program Files\acer\Acer eConsole\MediaServerService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    //-----------------------------------------------------------------
    //
    // Product: BitDefender 8 Free Edition
    // Version: 8.0
    //
    // Created on: 19/06/2007 15:14:14
    //
    //-----------------------------------------------------------------

    Statistics

    Scan path : C:\
    D:\
    Folders : 8009
    Files : 408848
    Archives : 9062
    Packed files : 13394
    Identified viruses : 15
    Infected files : 35
    Warnings : 0
    Suspect files : 0
    Disinfected files : 0
    Deleted files : 2
    Copied files : 0
    Moved files : 32
    Renamed files : 0
    I/O errors : 38
    Scan time : 01:51:08
    Scan speed (files/sec) : 61

    Virus definitions : 514307
    Scan plugins : 14
    Archive plugins : 38
    Unpack plugins : 6
    Mail plugins : 6
    System plugins : 1

    Scan options

    Detection
    [X] Scan boot sectors
    [X] Scan archives
    [X] Scan packed files
    [X] Scan email

    File mask
    [ ] Programs
    [X] All files
    [ ] User defined extensions:
    [ ] Exclude extensions: ;

    Action

    Infected objects
    [ ] Ignore
    [X] Disinfect
    [ ] Delete
    [ ] Copy to quarantine
    [ ] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Second action
    [ ] Ignore
    [ ] Delete
    [ ] Copy to quarantine
    [X] Move to quarantine
    [ ] Rename
    [ ] Prompt user

    Scan options
    [X] Enable warnings
    [X] Enable heuristics
    [ ] Show all files in log
    [X] Report file: vscan.log
    [ ] Append to existing report

    Summary:

    C:\Program Files\Norton AntiVirus\Quarantine\30DC3816.tmp=>(Quarantine-2) Infected Win32.Sober.Y@mm
    C:\Program Files\Norton AntiVirus\Quarantine\30DC3816.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\30DC3816.tmp=>(Quarantine-2)=>File-packed_dataInfo.exe Infected Win32.Sober.Y@mm
    C:\Program Files\Norton AntiVirus\Quarantine\30DC3816.tmp Moved
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.dl_=>(Quarantine-2) Infected Trojan.Dialer.FU
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.dl_=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.dl_ Moved
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.dll=>(Quarantine-2) Infected Trojan.Dialer.FU
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.dll=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.dll Moved
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.BO
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\457C63D9.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\457F0DD5.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.BO
    C:\Program Files\Norton AntiVirus\Quarantine\457F0DD5.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\457F0DD5.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\27703976.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.BO
    C:\Program Files\Norton AntiVirus\Quarantine\27703976.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\27703976.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\02D314A4.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.GI
    C:\Program Files\Norton AntiVirus\Quarantine\02D314A4.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\02D314A4.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\458237D2.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.GI
    C:\Program Files\Norton AntiVirus\Quarantine\458237D2.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\458237D2.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\6D381775.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.GI
    C:\Program Files\Norton AntiVirus\Quarantine\6D381775.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\6D381775.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\2B1D23FB.exe=>(Quarantine-2) Infected GenPack:Trojan.Downloader.Swizzor.CB
    C:\Program Files\Norton AntiVirus\Quarantine\2B1D23FB.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\2B1D23FB.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\458661CE.exe=>(Quarantine-2) Infected Trojan.Lopad.K
    C:\Program Files\Norton AntiVirus\Quarantine\458661CE.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\458661CE.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\33017574.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.GI
    C:\Program Files\Norton AntiVirus\Quarantine\33017574.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\33017574.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\73FD3C2F.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.BO
    C:\Program Files\Norton AntiVirus\Quarantine\73FD3C2F.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\73FD3C2F.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\1A4A6518.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.BO
    C:\Program Files\Norton AntiVirus\Quarantine\1A4A6518.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\1A4A6518.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\79C12F37.exe=>(Quarantine-2) Infected GenPack:Trojan.Downloader.Swizzor.BO
    C:\Program Files\Norton AntiVirus\Quarantine\79C12F37.exe=>(Quarantine-2) Deleted
    C:\Program Files\Norton AntiVirus\Quarantine\7400662B.exe=>(Quarantine-2) Infected GenPack:Trojan.Downloader.Swizzor.DB
    C:\Program Files\Norton AntiVirus\Quarantine\7400662B.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\7400662B.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\60124317.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.GI
    C:\Program Files\Norton AntiVirus\Quarantine\60124317.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\60124317.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\220C3E8D.exe=>(Quarantine-2) Infected GenPack:Trojan.Swizzor.GI
    C:\Program Files\Norton AntiVirus\Quarantine\220C3E8D.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\220C3E8D.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\74031028.exe=>(Quarantine-2) Infected GenPack:Trojan.Downloader.Swizzor.CB
    C:\Program Files\Norton AntiVirus\Quarantine\74031028.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\74031028.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\2FCD639F.exe=>(Quarantine-2) Infected Trojan.Dialer.IS
    C:\Program Files\Norton AntiVirus\Quarantine\2FCD639F.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\2FCD639F.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\647351CB.exe=>(Quarantine-2) Infected Trojan.Dialer.IS
    C:\Program Files\Norton AntiVirus\Quarantine\647351CB.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\647351CB.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\2FCD639F.tmp=>(Quarantine-2) Infected Trojan.Dialer.IS
    C:\Program Files\Norton AntiVirus\Quarantine\2FCD639F.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\2FCD639F.tmp Moved
    C:\Program Files\Norton AntiVirus\Quarantine\113D30DE.dl_=>(Quarantine-2) Infected Trojan.Dialer.FU
    C:\Program Files\Norton AntiVirus\Quarantine\113D30DE.dl_=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\113D30DE.dl_ Moved
    C:\Program Files\Norton AntiVirus\Quarantine\11472ED3.dll=>(Quarantine-2) Infected Trojan.Dialer.FU
    C:\Program Files\Norton AntiVirus\Quarantine\11472ED3.dll=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\11472ED3.dll Moved
    C:\Program Files\Norton AntiVirus\Quarantine\0461606B.tmp=>(Quarantine-2) Infected Generic.Zlob.FB44D61F
    C:\Program Files\Norton AntiVirus\Quarantine\0461606B.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\0461606B.tmp Moved
    C:\Program Files\Norton AntiVirus\Quarantine\1F890C88.exe=>(Quarantine-2) Infected Trojan.Zlob.1.Gen
    C:\Program Files\Norton AntiVirus\Quarantine\1F890C88.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\1F890C88.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\384F0D46.tmp=>(Quarantine-2) Infected Generic.Zlob.FB44D61F
    C:\Program Files\Norton AntiVirus\Quarantine\384F0D46.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\384F0D46.tmp Moved
    C:\Program Files\Norton AntiVirus\Quarantine\37FC20ED.exe=>(Quarantine-2) Infected Trojan.Dialer.FU
    C:\Program Files\Norton AntiVirus\Quarantine\37FC20ED.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\37FC20ED.exe=>(Quarantine-2)=>(Embedded EXE o) Infected Trojan.Dialer.FU
    C:\Program Files\Norton AntiVirus\Quarantine\37FC20ED.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\13C16EF4.dll=>(Quarantine-2) Infected Trojan.Spy.Delf.AR
    C:\Program Files\Norton AntiVirus\Quarantine\13C16EF4.dll=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\13C16EF4.dll Moved
    C:\Program Files\Norton AntiVirus\Quarantine\05E96205.exe=>(Quarantine-2) Infected Win32.Worm.P2P.Puce.G
    C:\Program Files\Norton AntiVirus\Quarantine\05E96205.exe=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\05E96205.exe Moved
    C:\Program Files\Norton AntiVirus\Quarantine\6E8F49E5.tmp=>(Quarantine-2) Infected Java.Trojan.Exploit.Bytverify
    C:\Program Files\Norton AntiVirus\Quarantine\6E8F49E5.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\6E8F49E5.tmp Moved
    C:\Program Files\Norton AntiVirus\Quarantine\6E9373E1.tmp=>(Quarantine-2) Infected Java.Trojan.ClassLoader.K
    C:\Program Files\Norton AntiVirus\Quarantine\6E9373E1.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\6E9373E1.tmp Moved
    C:\Program Files\Norton AntiVirus\Quarantine\7BD72981.tmp=>(Quarantine-2) Infected Java.Trojan.ClassLoader.K
    C:\Program Files\Norton AntiVirus\Quarantine\7BD72981.tmp=>(Quarantine-2) Disinfection failed
    C:\Program Files\Norton AntiVirus\Quarantine\7BD72981.tmp Moved

    Ad-Aware 2007 Build
    Log File Created on: 2007-06-19 19:03:01
    Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
    Computer name: ACER-73356C3771
    Name of user performing scan: SYSTEM

    System information
    ===========================
    Number of processors: 1
    Processor type: AMD Sempron(tm) Processor 3000+
    Memory Available: 45%
    Total Physical Memory: 469221376 Bytes
    Available Physical Memory: 210829312 Bytes
    Total Page File Size: 1105461248 Bytes
    Available On Page File: 928677888 Bytes
    Total Virtual Memory: 2147352576 Bytes
    Available Virtual Memory: 1990746112 Bytes
    OS: Microsoft Windows XP Service Pack 2 (Build 2600)

    Ad-Aware 2007 Settings
    ===========================
    Skipping files larger than 1048576 kB
    Ignoring infections with lower TAI than: 3

    Extended Ad-Aware 2007 Settings
    ===========================
    Unloading known modules during scan
    Ignoring spanned files when scanning cab archives
    Scanning registry for all users
    Using permanent archive caching
    Reanalyzing results after scanning before displaying results
    Trying to unload modules prior to removal
    Let Windows remove files currently in use at next reboot
    Removing quarantined objects after restore
    Logging Ad-Aware events
    Blocking Pop-Ups aggressively
    Deactivating Ad-Watch during scans
    Writeprotecting system files after repairs
    Including Ad-aware command line parameters in log file
    Include info about ignored objects in log file
    Including basic settings in log file
    Including advanced settings in log file
    Including user and computer name in log file
    Include reference summary in log file
    Creating log file for removal operations
    Including module info in log file
    Include Alternate Data Stream details in log file
    Create and save WebUpdate log file

    Databaseinfo
    ===========================
    Version number: 4
    Build Number: 0
    Build Date and Time: 2007/06/19 09:31:50

    Scan Statistics
    ===========================
    Method: Full
    Scan tracking cookies.............................: On
    Scan ADS filestreams..............................: Off

    Item Scanned: 357365
    Infections Detected: 9
    Infections Ignored: 0

    Scan detailed statistics
    ===========================
    Type Critical Total
    Process Scan....: 0 0
    Registry Scan...: 2 2
    Registry PE Scan: 0 0
    Hosts File Scan.: 0 0
    File Scan.......: 0 0
    Folder Scan.....: 0 0
    LSP Scan........: 0 0
    ADS Scan........: 0 0
    Cookie Scan.....: 6 6
    File Hash Scan..: 0 0

    Infections Found
    ===========================
    Family Id: 926 Name: Win32.Spyware.Acoona Category: Spyware TAI:7
    Item Id: 300018719 Value: Root: HKCR Path: clsid\{f80c1d93-0d22-436e-963e-9d3156997a4e}
    Item Id: 300018734 Value: Root: HKLM Path: software\wise solutions\wise installation system\repair\c:/program files/accoona/install1.log
    Family Id: 725 Name: Tracking Cookie Category: DataMiner TAI:3
    Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com uid /
    Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com vuday1 /
    Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com pv1 /
    Item Id: 600000460 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com ih /
    Item Id: 600000142 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat estat.com e /
    Item Id: 600000000 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat zedo.com PCA319390 /
    Family Id: 9999 Name: MRU Object Category: MRU Object TAI:0
    Item Id: 1 Value: MRU Path: C:\Documents and Settings\christophe\Recent Count: 1

    Items Ignored During Scan
    ===========================

    Listing of running processes
    ===========================
    End of Scan Section
    ===========================

    Cleaned Infections
    ===========================
    Root: HKCR Path: clsid\{f80c1d93-0d22-436e-963e-9d3156997a4e}, Belonging to Win32.Spyware.Acoona
    Root: HKLM Path: software\wise solutions\wise installation system\repair\c:/program files/accoona/install1.log, Belonging to Win32.Spyware.Acoona

    End of Cleaned Infections
    ===========================

    Cleaned Infections
    ===========================
    Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com uid /, Belonging to Tracking Cookie
    Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com vuday1 /, Belonging to Tracking Cookie
    Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com pv1 /, Belonging to Tracking Cookie
    Browser: Internet Explorer Cookie: C:\Documents and Settings\cécile\Cookies\index.dat ad.yieldmanager.com ih /, Belonging to Tracking Cookie
    MRU Path: C:\Documents and Settings\christophe\Recent Count: 1, Belonging to MRU Object

    End of Cleaned Infections
    ===========================
    0
  4. catavanana Posts: 20 Status: Member
     
    Everything seems to be OK again!!

    Thanks a lot, jlpjlp
    0