Possible infection
Résolu
seven-up
Messages postés
37
Date d'inscription
Statut
Membre
Dernière intervention
-
seven-up Messages postés 37 Date d'inscription Statut Membre Dernière intervention -
seven-up Messages postés 37 Date d'inscription Statut Membre Dernière intervention -
Bonjour,
lorsque 'allume mon ordinateur norton m'indique qu'il a bloqué un trojan. J'avais deja qlq probleme, explorer qui buggait etc.
J'ai fait quelque analyses et suppressions mais j'aimerais etre sur que je ne cours plus de danger ^^
voila le rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:42, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdeserv.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Bapt\Bureau\Optimisation\Nettoyage\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\RunServices: [Windows Live Care.exe] WindowsLiveCare.exe
O4 - HKLM\..\RunServices: [DRam prosessor] msconfig.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: start.bat
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Choisir comme avatar pour &Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photoservice.com/aurigma/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
lorsque 'allume mon ordinateur norton m'indique qu'il a bloqué un trojan. J'avais deja qlq probleme, explorer qui buggait etc.
J'ai fait quelque analyses et suppressions mais j'aimerais etre sur que je ne cours plus de danger ^^
voila le rapport hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:42, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdeserv.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Bapt\Bureau\Optimisation\Nettoyage\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\RunServices: [Windows Live Care.exe] WindowsLiveCare.exe
O4 - HKLM\..\RunServices: [DRam prosessor] msconfig.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: start.bat
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Choisir comme avatar pour &Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photoservice.com/aurigma/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
A voir également:
- Possible infection
- Infection pc ✓ - Forum Virus
- [Pnkbstra]infection ✓ - Forum Virus
- Infection virus ✓ - Forum Virus
- Infection Bloom ? ✓ - Forum Virus
- Techscam...infection ✓ - Forum Virus
6 réponses
*Télécharge Ad-Aware:https://www.commentcamarche.net/telecharger/ 83 ad aware 2007 free c'est un antispyware.Tiens le tutoriel https://forums.cnetfrance.fr fais une analyse compléte en mode sans echec.
*Puis désinstalle tous tes antivirus si ils sont "gratuit" puis télécharge AntiVir https://www.01net.com/ aussi le tutoriel https://www.malekal.com/avira-free-security-antivirus-gratuit/ Voila aprés avoir fait l'analyse avec Ad-Aware tu fais pareil avec AntiVir en mode sans echec.N'oublies pas de le mettre a jour.
*Puis installe HiJackThis https://www.01net.com/ . prend le premier choix.
PS:N'oublies pas de poster chaque rapport s'il te plait.
*Puis désinstalle tous tes antivirus si ils sont "gratuit" puis télécharge AntiVir https://www.01net.com/ aussi le tutoriel https://www.malekal.com/avira-free-security-antivirus-gratuit/ Voila aprés avoir fait l'analyse avec Ad-Aware tu fais pareil avec AntiVir en mode sans echec.N'oublies pas de le mettre a jour.
*Puis installe HiJackThis https://www.01net.com/ . prend le premier choix.
PS:N'oublies pas de poster chaque rapport s'il te plait.
Merci de m'apporter ton aide
Rapport antivir : en 2 partie parceque la premiere fois il etait partie dans les fichiers de quarantaine de norton donc je l'ai arreter j'ai supprimé touc ces fichiers et je l'ai relance :
AntiVir PersonalEdition Classic
Report file date: dimanche 6 avril 2008 15:05
Scanning for 1181591 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Bapt
Computer name: PC-568A7716A3F2
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 12:48:56
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 12:48:56
ANTIVIR3.VDF : 7.0.3.122 195072 Bytes 05/04/2008 12:48:56
AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 06/04/2008 12:48:57
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 06/04/2008 12:48:57
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: L:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 6 avril 2008 15:05
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
9 processes with 9 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'K:\'
[NOTE] No virus was found!
Boot sector 'L:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\WindowsLiveCare.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.1471488
[INFO] A backup was created as '4866cafe.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\WINDOWS\system32\WindowsLiveCare.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.1471488
The registry was scanned ( '23' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003AFF-0000-0000-60AA-EB64BEFB6A60}\DATA.CAB
[0] Archive type: CAB (Microsoft)
--> RESOURCE9
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '484ccb00.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00454892.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccbbd.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01927A31.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4831cbc6.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01AA2A87.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4839cbc8.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03136A1D.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Bargains.1 Backdoor server programs
[INFO] The file was moved to '4829cbce.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03C541F6.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbd2.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04220717.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482acbd7.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\043359F2.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482bcbd8.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08CB7C83.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbe1.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B4C544A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccbef.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B5A2C53.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '482dcbef.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0BA629E6.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4839cbf0.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0CDB7A5C.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbf2.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0E1C4BFF.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4829cbf6.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F557DF4.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482dcbf9.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0FBB73FC.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acbfa.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10B76B4D.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acbe5.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13C83855.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbec.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13CB6251.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4999e94d.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13CF0C4E.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbed.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13D2364A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbed.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13D56046.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499ee94e.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13D80A43.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbee.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13DC343F.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499ee94f.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13DF5E3C.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbef.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13E20838.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcbf0.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13E53235.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499fe951.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13E95C31.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcbf2.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13EC062D.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcbf1.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13EF302A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499fe952.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13F35A26.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecbf3.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13F60423.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecbf4.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13F92E1F.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499ce955.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13FC581B.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecbf5.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14000218.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbf6.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14032C14.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbf7.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14065611.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbfa.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1409000D.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbfb.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\140D2A09.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbfc.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14105406.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cbfc.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14137E02.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cbfd.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\141627FF.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '498be95e.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\141A51FB.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cbff.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\170B207B.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cc03.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\18B1547B.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc06.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\18B41F48.dll
[DETECTION] Contains detection pattern of the dial-up program DIAL/301054
[INFO] The file was moved to '483acc07.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19B027D5.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc09.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19B77BCE.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4998eeaa.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19BA25CA.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19BD4FC7.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4998eeab.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19C079C3.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1AE539F3.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcc13.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1B015286.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1B4B2FFB.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1B6075DB.exe
[DETECTION] Contains detection pattern of the dropper DR/Shelled.Gen
[INFO] The file was moved to '482ecc15.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1BB22602.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc16.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1E2C7276.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482acc19.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\221140C2.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cc06.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\222C786A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482acc07.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D567E2.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc08.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23551656
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482dcc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23AC3622.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4839cc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23C93001.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4999eeab.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\246F3EC6.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc0c.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\267675F2.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482fcc0e.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26DC6BF9.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc0f.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\270C0FF4.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4828cc10.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27426201.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccc11.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2762212D.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc11.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D14AE5.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29F539DE.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecc15.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2C6C166E.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc20.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DA27CC1.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4839cc22.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2FC228E0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '483bcc26.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31150BDA.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cc11.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\326C27F8.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32CA4FF7.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32D21DFF.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc15.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33010D31.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4828cc17.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\338C686A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4830cc17.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34AF6D47.exe
[WARNING] The file could not be opened!
End of the scan: dimanche 6 avril 2008 15:12
Used time: 07:49 min
The scan has been canceled!
766 Scanning directories
30871 Files were scanned
80 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
1 files were deleted
0 files were repaired
81 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
30791 Files not concerned
2706 Archives were scanned
2 Warnings
0 Notes
###################################
2eme partie
###################################
AntiVir PersonalEdition Classic
Report file date: dimanche 6 avril 2008 15:13
Scanning for 1181591 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Bapt
Computer name: PC-568A7716A3F2
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 12:48:56
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 12:48:56
ANTIVIR3.VDF : 7.0.3.122 195072 Bytes 05/04/2008 12:48:56
AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 06/04/2008 12:48:57
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 06/04/2008 12:48:57
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: L:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 6 avril 2008 15:13
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'K:\'
[NOTE] No virus was found!
Boot sector 'L:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '22' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\utilisateur\Mes documents\Downloads\Nero 8 Ultra Edition CrackFuLLL.rar
[0] Archive type: RAR
--> Nero 8 Ultra Edition CrackFuLLL.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[WARNING] The file was ignored!
C:\WINDOWS\Media\csrss.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/VB.cyy Backdoor server programs
[INFO] The file was moved to '486ad86f.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd5437.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <Part2>
End of the scan: dimanche 6 avril 2008 16:10
Used time: 57:34 min
The scan has been canceled!
15177 Scanning directories
422375 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
422373 Files not concerned
7173 Archives were scanned
4 Warnings
0 Notes
######################################################################
Rapport HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:40, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdeserv.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Bapt\Bureau\Optimisation\Nettoyage\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunServices: [DRam prosessor] msconfig.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: start.bat
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Choisir comme avatar pour &Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photoservice.com/aurigma/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: StarOpen - Avira GmbH - (no file)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
Rapport antivir : en 2 partie parceque la premiere fois il etait partie dans les fichiers de quarantaine de norton donc je l'ai arreter j'ai supprimé touc ces fichiers et je l'ai relance :
AntiVir PersonalEdition Classic
Report file date: dimanche 6 avril 2008 15:05
Scanning for 1181591 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Bapt
Computer name: PC-568A7716A3F2
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 12:48:56
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 12:48:56
ANTIVIR3.VDF : 7.0.3.122 195072 Bytes 05/04/2008 12:48:56
AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 06/04/2008 12:48:57
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 06/04/2008 12:48:57
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21
Configuration settings for the scan:
Jobname..........................: Local Hard Disks
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: L:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 6 avril 2008 15:05
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
9 processes with 9 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'K:\'
[NOTE] No virus was found!
Boot sector 'L:\'
[NOTE] No virus was found!
Starting to scan the registry.
C:\WINDOWS\system32\WindowsLiveCare.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.1471488
[INFO] A backup was created as '4866cafe.qua' ( QUARANTINE )
[INFO] The file was deleted!
C:\WINDOWS\system32\WindowsLiveCare.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.1471488
The registry was scanned ( '23' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Quarantine\{00003AFF-0000-0000-60AA-EB64BEFB6A60}\DATA.CAB
[0] Archive type: CAB (Microsoft)
--> RESOURCE9
[DETECTION] Contains suspicious code HEUR/Crypted
[INFO] The file was moved to '484ccb00.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\00454892.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccbbd.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01927A31.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4831cbc6.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\01AA2A87.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4839cbc8.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03136A1D.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Bargains.1 Backdoor server programs
[INFO] The file was moved to '4829cbce.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\03C541F6.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbd2.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\04220717.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482acbd7.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\043359F2.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482bcbd8.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\08CB7C83.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbe1.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B4C544A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccbef.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B5A2C53.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '482dcbef.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0BA629E6.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4839cbf0.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0CDB7A5C.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbf2.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0E1C4BFF.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4829cbf6.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0F557DF4.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482dcbf9.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0FBB73FC.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acbfa.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\10B76B4D.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acbe5.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13C83855.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbec.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13CB6251.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4999e94d.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13CF0C4E.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcbed.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13D2364A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbed.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13D56046.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499ee94e.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13D80A43.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbee.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13DC343F.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499ee94f.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13DF5E3C.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccbef.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13E20838.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcbf0.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13E53235.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499fe951.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13E95C31.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcbf2.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13EC062D.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcbf1.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13EF302A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499fe952.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13F35A26.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecbf3.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13F60423.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecbf4.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13F92E1F.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '499ce955.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\13FC581B.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecbf5.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14000218.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbf6.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14032C14.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbf7.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14065611.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbfa.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1409000D.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbfb.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\140D2A09.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cbfc.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14105406.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cbfc.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14137E02.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cbfd.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\141627FF.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '498be95e.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\141A51FB.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cbff.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\170B207B.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cc03.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\18B1547B.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc06.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\18B41F48.dll
[DETECTION] Contains detection pattern of the dial-up program DIAL/301054
[INFO] The file was moved to '483acc07.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19B027D5.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc09.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19B77BCE.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4998eeaa.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19BA25CA.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19BD4FC7.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4998eeab.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\19C079C3.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1AE539F3.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483dcc13.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1B015286.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4828cc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1B4B2FFB.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1B6075DB.exe
[DETECTION] Contains detection pattern of the dropper DR/Shelled.Gen
[INFO] The file was moved to '482ecc15.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1BB22602.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483acc16.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\1E2C7276.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482acc19.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\221140C2.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cc06.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\222C786A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482acc07.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D567E2.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc08.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23551656
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482dcc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23AC3622.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4839cc0a.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\23C93001.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4999eeab.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\246F3EC6.exe
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc0c.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\267675F2.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482fcc0e.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\26DC6BF9.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc0f.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\270C0FF4.exe
[DETECTION] Contains detection pattern of the worm WORM/Rbot.174080
[INFO] The file was moved to '4828cc10.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\27426201.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ccc11.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2762212D.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc11.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D14AE5.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29F539DE.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ecc15.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2C6C166E.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc20.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2DA27CC1.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4839cc22.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2FC228E0.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '483bcc26.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\31150BDA.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4829cc11.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\326C27F8.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '482ecc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32CA4FF7.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483bcc14.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\32D21DFF.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '483ccc15.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\33010D31.exe
[DETECTION] Is the Trojan horse TR/Dldr.Swizzor.Gen
[INFO] The file was moved to '4828cc17.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\338C686A.tmp
[DETECTION] Contains detection pattern of the worm WORM/Alcra.B
[INFO] The file was moved to '4830cc17.qua'!
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\34AF6D47.exe
[WARNING] The file could not be opened!
End of the scan: dimanche 6 avril 2008 15:12
Used time: 07:49 min
The scan has been canceled!
766 Scanning directories
30871 Files were scanned
80 viruses and/or unwanted programs were found
1 Files were classified as suspicious:
1 files were deleted
0 files were repaired
81 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
30791 Files not concerned
2706 Archives were scanned
2 Warnings
0 Notes
###################################
2eme partie
###################################
AntiVir PersonalEdition Classic
Report file date: dimanche 6 avril 2008 15:13
Scanning for 1181591 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Bapt
Computer name: PC-568A7716A3F2
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 12:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 11:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 14:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 11:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 13:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 12:48:56
ANTIVIR2.VDF : 7.0.3.85 434176 Bytes 27/03/2008 12:48:56
ANTIVIR3.VDF : 7.0.3.122 195072 Bytes 05/04/2008 12:48:56
AVEWIN32.DLL : 7.6.0.81 3424768 Bytes 06/04/2008 12:48:57
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 09:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 06:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 12:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 06/04/2008 12:48:57
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 06:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 11:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 06:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 10:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 11:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 11:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 08:37:21
Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: L:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: dimanche 6 avril 2008 15:13
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'AAWTray.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
11 processes with 11 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'E:\'
[NOTE] No virus was found!
Boot sector 'K:\'
[NOTE] No virus was found!
Boot sector 'L:\'
[NOTE] No virus was found!
Starting to scan the registry.
The registry was scanned ( '22' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\utilisateur\Mes documents\Downloads\Nero 8 Ultra Edition CrackFuLLL.rar
[0] Archive type: RAR
--> Nero 8 Ultra Edition CrackFuLLL.exe
[DETECTION] Is the Trojan horse TR/Dropper.Gen
[WARNING] The file was ignored!
C:\WINDOWS\Media\csrss.exe
[DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/VB.cyy Backdoor server programs
[INFO] The file was moved to '486ad86f.qua'!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd5437.sys
[WARNING] The file could not be opened!
Begin scan in 'E:\' <Part2>
End of the scan: dimanche 6 avril 2008 16:10
Used time: 57:34 min
The scan has been canceled!
15177 Scanning directories
422375 Files were scanned
2 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
3 Files cannot be scanned
422373 Files not concerned
7173 Archives were scanned
4 Warnings
0 Notes
######################################################################
Rapport HiJackThis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:21:40, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\lxdeserv.exe
C:\WINDOWS\system32\lxdecoms.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Bapt\Bureau\Optimisation\Nettoyage\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - C:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O3 - Toolbar: Copernic Desktop Search - {C5F7A735-70F1-477F-8C36-6FF3C736017B} - C:\Program Files\Copernic Desktop Search\CopernicDesktopSearchIntegration974.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O3 - Toolbar: Afficher Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunServices: [DRam prosessor] msconfig.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Startup: start.bat
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Choisir comme avatar pour &Messenger - C:\Program Files\MSN Pictures Displayer\AddIEPicture.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL/FlashCatcher.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.photoservice.com/aurigma/ImageUploader4.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2FB09744-8592-4666-A237-122DFEA55DD7}: NameServer = 192.168.0.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: lmab_device - Unknown owner - C:\WINDOWS\system32\LMabcoms.exe
O23 - Service: lxdeCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdeserv.exe
O23 - Service: lxde_device - - C:\WINDOWS\system32\lxdecoms.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: StarOpen - Avira GmbH - (no file)
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: wampapache - Apache Software Foundation - C:\Program Files\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - C:\Program Files\wamp\mysql\bin\mysqld-nt.exe
Voila le rapport de Ad-Aware
Ad-Aware 2007 Build
Log File Created on: 2008-04-06 16:25:41
Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name: PC-568A7716A3F2
Name of user performing scan: SYSTEM
System information
===========================
Number of processors: 2
Processor type: Intel(R) Pentium(R) 4 CPU 3.20GHz
Memory Available: 66%
Total Physical Memory: 2145099776 Bytes
Available Physical Memory: 1408811008 Bytes
Total Page File Size: 3594358784 Bytes
Available On Page File: 2866782208 Bytes
Total Virtual Memory: 2147352576 Bytes
Available Virtual Memory: 1920528384 Bytes
OS: Microsoft Windows XP Service Pack 2 (Build 2600)
Ad-Aware 2007 Settings
===========================
Skipping files larger than 1048576 kB
Ignoring infections with lower TAI than: 3
Extended Ad-Aware 2007 Settings
===========================
Unloading known modules during scan
Ignoring spanned files when scanning cab archives
Reanalyzing results after scanning before displaying results
Trying to unload modules prior to removal
Let Windows remove files currently in use at next reboot
Removing quarantined objects after restore
Deactivating Ad-Watch during scans
Writeprotecting system files after repairs
Include info about ignored objects in log file
Including basic settings in log file
Including advanced settings in log file
Including user and computer name in log file
Create and save WebUpdate log file
Databaseinfo
===========================
Version number: 67
Build Number: 0
Build Date and Time: 2008/04/02 10:08:44
Scan Statistics
===========================
Method: Full
Scan tracking cookies.............................: On
Scan ADS filestreams..............................: Off
Item Scanned: 150010
Infections Detected: 13
Infections Ignored: 0
Scan detailed statistics
===========================
Type Critical Total
Process Scan....: 0 0
Registry Scan...: 0 0
Registry PE Scan: 0 0
Hosts File Scan.: 0 0
File Scan.......: 0 0
Folder Scan.....: 0 0
LSP Scan........: 0 0
ADS Scan........: 0 0
Cookie Scan.....: 13 13
File Hash Scan..: 0 0
Infections Found
===========================
Family Id: 725 Name: Tracking Cookie Category: DataMiner TAI:3
Item Id: 600000513 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat adbrite.com Apache /
Item Id: 600000513 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat adbrite.com b /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com U /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com A2 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com B2 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com C3 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com D3 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com E2 /
Item Id: 600000171 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat bs.serving-sys.com eyeblaster /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com TestIfCookieP /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com pbwmaj /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com pbw /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com pid /
Items Ignored During Scan
===========================
Listing of running processes
===========================
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msgina.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\ati2evxx.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wlnotify.dll
c:\windows\system32\winmm.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\wgalogon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\cscui.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\drprov.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\mprui.dll
c:\windows\system32\netui2.dll
c:\windows\system32\netmsg.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acadproc.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\psbase.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\xpsp2res.dll
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ati2edxx.dll
c:\windows\system32\uxtheme.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wshisn.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\raschap.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\qmgr.dll
c:\windows\system32\mpr.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\certcli.dll
c:\windows\system32\ersvc.dll
c:\windows\system32\es.dll
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
c:\windows\system32\hidserv.dll
c:\windows\system32\hid.dll
c:\windows\system32\srvsvc.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mprdim.dll
c:\windows\system32\iprtrmgr.dll
c:\windows\system32\rtm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\iprtprio.dll
c:\windows\system32\ipxrtmgr.dll
c:\windows\system32\adptif.dll
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\ipxwan.dll
c:\windows\system32\seclogon.dll
c:\windows\system32\sens.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\trkwks.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\browser.dll
c:\windows\system32\ipxrip.dll
c:\windows\system32\ipxsap.dll
c:\windows\system32\mprddm.dll
c:\windows\system32\iashlpr.dll
c:\windows\system32\iasrad.dll
c:\windows\system32\iaspolcy.dll
c:\windows\system32\iassvcs.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\iassdo.dll
c:\program files\fichiers communs\system\ole db\oledb32.dll
c:\windows\system32\msdart.dll
c:\windows\system32\comdlg32.dll
c:\program files\fichiers communs\system\ole db\oledb32r.dll
c:\windows\system32\vbajet32.dll
c:\windows\system32\iasnap.dll
c:\windows\system32\iassam.dll
c:\windows\system32\iasacct.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\netman.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\wbem\ncprov.dll
c:\windows\system32\wbem\wbemcons.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\msi.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wudfsvc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wudfplatform.dll
c:\windows\system32\secur32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\lmhsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\webclnt.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCSVCHST.EXE
c:\program files\fichiers communs\symantec shared\ccsvchst.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
c:\program files\fichiers communs\symantec shared\ccl70u.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\fichiers communs\symantec shared\ccvrtrst.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\fichiers communs\symantec shared\ccsvc.dll
c:\program files\fichiers communs\symantec shared\ccipc.dll
c:\windows\system32\secur32.dll
c:\program files\fichiers communs\symantec shared\ccset.dll
c:\progra~1\fichie~1\symant~1\ccsetplg.dll
c:\progra~1\norton~1\norton~1\avpsvc32.dll
c:\program files\norton internet security\norton antivirus\avsubmit.dll
c:\progra~1\fichie~1\symant~1\ccsubeng.dll
c:\progra~1\fichie~1\symant~1\homenet\hncore.dll
c:\progra~1\norton~1\isdatasv.dll
c:\progra~1\fichie~1\symant~1\sndsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\shell32.dll
c:\program files\fichiers communs\symantec shared\ccl70.dll
c:\progra~1\fichie~1\symant~1\spbbc\tprocplg.dll
c:\windows\system32\msi.dll
c:\progra~1\fichie~1\symant~1\npc\2.0\wmimontr.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\progra~1\fichie~1\symant~1\ccevtplg.dll
c:\windows\system32\netman.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\wmi.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\esent.dll
c:\progra~1\fichie~1\symant~1\appcore\appplg32.dll
c:\progra~1\fichie~1\symant~1\htec\htec.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\symneti.dll
c:\windows\system32\userenv.dll
c:\program files\fichiers communs\symantec shared\appcore\appmgr32.dll
c:\program files\fichiers communs\symantec shared\appcore\appset32.dll
c:\progra~1\fichie~1\symant~1\ids\ipsplug.dll
c:\progra~1\fichie~1\symant~1\ncwhypex\ncwhypex.dll
c:\windows\system32\psapi.dll
c:\program files\fichiers communs\symantec shared\ccevtcli.dll
c:\program files\fichiers communs\symantec shared\antivirus\avscan.dll
c:\program files\fichiers communs\symantec shared\antivirus\avdefmgr.dll
c:\progra~1\fichie~1\symant~1\firewall\fwagent.dll
c:\progra~1\fichie~1\symant~1\spbbc\spbbcevt.dll
c:\progra~1\fichie~1\symant~1\pif\{96e26~1\pifeng.dll
c:\program files\fichiers communs\symantec shared\antivirus\avmodule.dll
c:\windows\system32\uxtheme.dll
c:\progra~1\fichie~1\symant~1\srtsp\srtsp32.dll
c:\progra~1\fichie~1\symant~1\cclogin.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\msvcr71.dll
c:\progra~1\fichie~1\symant~1\ccl40.dll
c:\program files\fichiers communs\symantec shared\ccprosub.dll
c:\progra~1\fichie~1\symant~1\ccsetevt.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\atl80.dll
c:\progra~1\norton~1\norton~1\navevent.dll
c:\windows\system32\msjetoledb40.dll
c:\windows\system32\msjet40.dll
c:\windows\system32\mswstr10.dll
c:\windows\system32\msjter40.dll
c:\windows\system32\msjint40.dll
c:\program files\fichiers communs\system\ole db\oledb32.dll
c:\windows\system32\msdart.dll
c:\windows\system32\comdlg32.dll
c:\program files\fichiers communs\system\ole db\oledb32r.dll
c:\windows\system32\rsaenh.dll
c:\program files\fichiers communs\symantec shared\qbackup.dll
c:\windows\system32\msjtes40.dll
c:\windows\system32\vbajet32.dll
c:\windows\system32\expsrv.dll
c:\program files\norton internet security\isdatacl.dll
c:\program files\fichiers communs\symantec shared\firewall\fwhelper.dll
c:\program files\fichiers communs\symantec shared\spbbc\cctrstpc.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\program files\fichiers communs\symantec shared\antivirus\avifc.dll
c:\program files\norton internet security\setevthp.dll
c:\program files\norton internet security\ispwd.dll
c:\program files\norton internet security\fwplugin.dll
c:\program files\norton internet security\fwevent.dll
c:\docume~1\alluse~1\applic~1\symantec\syknapps\syknapps.dll
c:\windows\system32\urlmon.dll
c:\progra~1\fichie~1\symant~1\opc\{c86ea~1\cltnetcn.dll
c:\program files\fichiers communs\symantec shared\spbbc\spbbccli.dll
c:\program files\fichiers communs\symantec shared\ccscanw.dll
c:\program files\fichiers communs\symantec shared\ecmldr32.dll
c:\program files\fichiers communs\symantec shared\msl\msl.dll
c:\program files\norton internet security\imcfg.dll
c:\program files\fichiers communs\symantec shared\spbbc\bbrgen.dll
c:\program files\fichiers communs\symantec shared\npc\2.0\wmidata.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\program files\fichiers communs\symantec shared\coshared\wa\2.0\nppccwkr.dll
c:\program files\fichiers communs\symantec shared\coshared\wa\2.0\nppdsmgr.dll
c:\program files\fichiers communs\symantec shared\coshared\browser\2.0\coregmon.dll
c:\program files\fichiers communs\symantec shared\coshared\cw\2.0\cwbb.dll
c:\program files\fichiers communs\symantec shared\col\bbif.dll
c:\windows\system32\winspool.drv
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
c:\program files\fichiers communs\symantec shared\ccpd-lc\symlcsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\version.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\program files\fichiers communs\symantec shared\ccpd-lc\symlcnet.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\secur32.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware 2007\aawservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\lavasoft\ad-aware 2007\ceapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\lavasoft\ad-aware 2007\pkarchive85u.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\program files\lavasoft\ad-aware 2007\lavalicense.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\netapi32.dll
c:\windows\system32\lxdelmpm.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\cnbjmon.dll
c:\windows\system32\lmablmpm.dll
c:\windows\system32\lxf3pmon.dll
c:\windows\system32\imgman32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\im31img.dil
c:\windows\system32\lxf3oem.dll
c:\program files\lexmark fax solutions\ipcmt.dll
c:\windows\system32\lxf3pmrc.dll
c:\windows\system32\mdimon.dll
c:\windows\system32\msi.dll
c:\windows\system32\pdf995mon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\pdfcmnnt.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\lxas2kpm.dll
c:\windows\system32\spool\prtprocs\w32x86\lxdedrpp.dll
c:\windows\system32\spool\prtprocs\w32x86\lxaspp.dll
c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\inetpp.dll
c:\windows\system32\xpsp2res.dll
C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
c:\program files\avira\antivir personaledition classic\avguard.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\program files\avira\antivir personaledition classic\avgio.dll
c:\program files\avira\antivir personaledition classic\avevtlog.dll
c:\program files\avira\antivir personaledition classic\guardmsg.dll
c:\program files\avira\antivir personaledition classic\sqlite3.dll
c:\program files\avira\antivir personaledition classic\msvcr71.dll
c:\program files\avira\antivir personaledition classic\avpref.dll
c:\program files\avira\antivir personaledition classic\smtplib.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\avira\antivir personaledition classic\avpack32.dll
c:\program files\avira\antivir personaledition classic\unacev2.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\program files\avira\antivir personaledition classic\avewin32.dll
c:\program files\avira\antivir personaledition classic\avipc.dll
c:\windows\system32\fltlib.dll
C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
c:\program files\avira\antivir personaledition classic\sched.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\version.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\program files\avira\antivir personaledition classic\msvcr71.dll
c:\program files\avira\antivir personaledition classic\msvcp71.dll
c:\windows\system32\imm32.dll
c:\program files\avira\antivir personaledition classic\schedr.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\avira\antivir personaledition classic\avevtlog.dll
c:\program files\avira\antivir personaledition classic\sqlite3.dll
c:\windows\system32\comctl32.dll
c:\program files\avira\antivir personaledition classic\avipc.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\apphelp.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
c:\program files\symantec\liveupdate\aluschedulersvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\program files\fichiers communs\symantec shared\ccvrtrst.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wsock32.dll
c:\program files\fichiers communs\symantec shared\ccl70u.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\userenv.dll
c:\windows\system32\version.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
c:\windows\system32\drivers\cdac11ba.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE
c:\windows\system32\drivers\cdantsrv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
C:\PROGRAM FILES\FILEZILLA SERVER\FILEZILLA SERVER.EXE
c:\program files\filezilla server\filezilla server.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON GOBACK\GBPOLL.EXE
c:\program files\norton systemworks\norton goback\gbpoll.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\shell32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\norton systemworks\norton goback\gbres.dll
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\LXDESERV.EXE
c:\windows\system32\spool\drivers\w32x86\3\lxdeserv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
C:\WINDOWS\SYSTEM32\LXDECOMS.EXE
c:\windows\system32\lxdecoms.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\program files\fichiers communs\microsoft shared\vs7debug\mdm.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\fichiers communs\microsoft shared\vs7debug\1036\mdmui.dll
c:\windows\system32\psapi.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\PROGRAM FILES\RAXCO\PERFECTDISK\PDAGENT.EXE
c:\program files\raxco\perfectdisk\pdagent.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\userenv.dll
c:\windows\system32\version.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\raxco\perfectdisk\pdcommon.dll
c:\windows\system32\mpr.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\program files\raxco\perfectdisk\msvcp71.dll
c:\program files\raxco\perfectdisk\msvcr71.dll
c:\program files\raxco\perfectdisk\pddb.dll
c:\program files\raxco\perfectdisk\sqlite3.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\raxco\perfectdisk\pdlangen.dll
c:\w
Ad-Aware 2007 Build
Log File Created on: 2008-04-06 16:25:41
Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name: PC-568A7716A3F2
Name of user performing scan: SYSTEM
System information
===========================
Number of processors: 2
Processor type: Intel(R) Pentium(R) 4 CPU 3.20GHz
Memory Available: 66%
Total Physical Memory: 2145099776 Bytes
Available Physical Memory: 1408811008 Bytes
Total Page File Size: 3594358784 Bytes
Available On Page File: 2866782208 Bytes
Total Virtual Memory: 2147352576 Bytes
Available Virtual Memory: 1920528384 Bytes
OS: Microsoft Windows XP Service Pack 2 (Build 2600)
Ad-Aware 2007 Settings
===========================
Skipping files larger than 1048576 kB
Ignoring infections with lower TAI than: 3
Extended Ad-Aware 2007 Settings
===========================
Unloading known modules during scan
Ignoring spanned files when scanning cab archives
Reanalyzing results after scanning before displaying results
Trying to unload modules prior to removal
Let Windows remove files currently in use at next reboot
Removing quarantined objects after restore
Deactivating Ad-Watch during scans
Writeprotecting system files after repairs
Include info about ignored objects in log file
Including basic settings in log file
Including advanced settings in log file
Including user and computer name in log file
Create and save WebUpdate log file
Databaseinfo
===========================
Version number: 67
Build Number: 0
Build Date and Time: 2008/04/02 10:08:44
Scan Statistics
===========================
Method: Full
Scan tracking cookies.............................: On
Scan ADS filestreams..............................: Off
Item Scanned: 150010
Infections Detected: 13
Infections Ignored: 0
Scan detailed statistics
===========================
Type Critical Total
Process Scan....: 0 0
Registry Scan...: 0 0
Registry PE Scan: 0 0
Hosts File Scan.: 0 0
File Scan.......: 0 0
Folder Scan.....: 0 0
LSP Scan........: 0 0
ADS Scan........: 0 0
Cookie Scan.....: 13 13
File Hash Scan..: 0 0
Infections Found
===========================
Family Id: 725 Name: Tracking Cookie Category: DataMiner TAI:3
Item Id: 600000513 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat adbrite.com Apache /
Item Id: 600000513 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat adbrite.com b /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com U /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com A2 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com B2 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com C3 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com D3 /
Item Id: 600000408 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat serving-sys.com E2 /
Item Id: 600000171 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat bs.serving-sys.com eyeblaster /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com TestIfCookieP /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com pbwmaj /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com pbw /
Item Id: 600000001 Value: Browser: Opera Cookie: C:\Documents and Settings\Bapt\Application Data\Opera\Opera\Profile\cookies4.dat smartadserver.com pid /
Items Ignored During Scan
===========================
Listing of running processes
===========================
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msgina.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\ati2evxx.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wlnotify.dll
c:\windows\system32\winmm.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\wgalogon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\cscui.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\drprov.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\mprui.dll
c:\windows\system32\netui2.dll
c:\windows\system32\netmsg.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acadproc.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\psbase.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\xpsp2res.dll
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ati2edxx.dll
c:\windows\system32\uxtheme.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wshisn.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\raschap.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\qmgr.dll
c:\windows\system32\mpr.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\certcli.dll
c:\windows\system32\ersvc.dll
c:\windows\system32\es.dll
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
c:\windows\system32\hidserv.dll
c:\windows\system32\hid.dll
c:\windows\system32\srvsvc.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mprdim.dll
c:\windows\system32\iprtrmgr.dll
c:\windows\system32\rtm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\iprtprio.dll
c:\windows\system32\ipxrtmgr.dll
c:\windows\system32\adptif.dll
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\ipxwan.dll
c:\windows\system32\seclogon.dll
c:\windows\system32\sens.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\trkwks.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\browser.dll
c:\windows\system32\ipxrip.dll
c:\windows\system32\ipxsap.dll
c:\windows\system32\mprddm.dll
c:\windows\system32\iashlpr.dll
c:\windows\system32\iasrad.dll
c:\windows\system32\iaspolcy.dll
c:\windows\system32\iassvcs.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\iassdo.dll
c:\program files\fichiers communs\system\ole db\oledb32.dll
c:\windows\system32\msdart.dll
c:\windows\system32\comdlg32.dll
c:\program files\fichiers communs\system\ole db\oledb32r.dll
c:\windows\system32\vbajet32.dll
c:\windows\system32\iasnap.dll
c:\windows\system32\iassam.dll
c:\windows\system32\iasacct.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\netman.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\wbem\ncprov.dll
c:\windows\system32\wbem\wbemcons.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\msi.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wudfsvc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wudfplatform.dll
c:\windows\system32\secur32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\lmhsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\webclnt.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCSVCHST.EXE
c:\program files\fichiers communs\symantec shared\ccsvchst.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
c:\program files\fichiers communs\symantec shared\ccl70u.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\version.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\fichiers communs\symantec shared\ccvrtrst.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\fichiers communs\symantec shared\ccsvc.dll
c:\program files\fichiers communs\symantec shared\ccipc.dll
c:\windows\system32\secur32.dll
c:\program files\fichiers communs\symantec shared\ccset.dll
c:\progra~1\fichie~1\symant~1\ccsetplg.dll
c:\progra~1\norton~1\norton~1\avpsvc32.dll
c:\program files\norton internet security\norton antivirus\avsubmit.dll
c:\progra~1\fichie~1\symant~1\ccsubeng.dll
c:\progra~1\fichie~1\symant~1\homenet\hncore.dll
c:\progra~1\norton~1\isdatasv.dll
c:\progra~1\fichie~1\symant~1\sndsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\shell32.dll
c:\program files\fichiers communs\symantec shared\ccl70.dll
c:\progra~1\fichie~1\symant~1\spbbc\tprocplg.dll
c:\windows\system32\msi.dll
c:\progra~1\fichie~1\symant~1\npc\2.0\wmimontr.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\progra~1\fichie~1\symant~1\ccevtplg.dll
c:\windows\system32\netman.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\samlib.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\wmi.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\esent.dll
c:\progra~1\fichie~1\symant~1\appcore\appplg32.dll
c:\progra~1\fichie~1\symant~1\htec\htec.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\symneti.dll
c:\windows\system32\userenv.dll
c:\program files\fichiers communs\symantec shared\appcore\appmgr32.dll
c:\program files\fichiers communs\symantec shared\appcore\appset32.dll
c:\progra~1\fichie~1\symant~1\ids\ipsplug.dll
c:\progra~1\fichie~1\symant~1\ncwhypex\ncwhypex.dll
c:\windows\system32\psapi.dll
c:\program files\fichiers communs\symantec shared\ccevtcli.dll
c:\program files\fichiers communs\symantec shared\antivirus\avscan.dll
c:\program files\fichiers communs\symantec shared\antivirus\avdefmgr.dll
c:\progra~1\fichie~1\symant~1\firewall\fwagent.dll
c:\progra~1\fichie~1\symant~1\spbbc\spbbcevt.dll
c:\progra~1\fichie~1\symant~1\pif\{96e26~1\pifeng.dll
c:\program files\fichiers communs\symantec shared\antivirus\avmodule.dll
c:\windows\system32\uxtheme.dll
c:\progra~1\fichie~1\symant~1\srtsp\srtsp32.dll
c:\progra~1\fichie~1\symant~1\cclogin.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\msvcr71.dll
c:\progra~1\fichie~1\symant~1\ccl40.dll
c:\program files\fichiers communs\symantec shared\ccprosub.dll
c:\progra~1\fichie~1\symant~1\ccsetevt.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\atl80.dll
c:\progra~1\norton~1\norton~1\navevent.dll
c:\windows\system32\msjetoledb40.dll
c:\windows\system32\msjet40.dll
c:\windows\system32\mswstr10.dll
c:\windows\system32\msjter40.dll
c:\windows\system32\msjint40.dll
c:\program files\fichiers communs\system\ole db\oledb32.dll
c:\windows\system32\msdart.dll
c:\windows\system32\comdlg32.dll
c:\program files\fichiers communs\system\ole db\oledb32r.dll
c:\windows\system32\rsaenh.dll
c:\program files\fichiers communs\symantec shared\qbackup.dll
c:\windows\system32\msjtes40.dll
c:\windows\system32\vbajet32.dll
c:\windows\system32\expsrv.dll
c:\program files\norton internet security\isdatacl.dll
c:\program files\fichiers communs\symantec shared\firewall\fwhelper.dll
c:\program files\fichiers communs\symantec shared\spbbc\cctrstpc.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\program files\fichiers communs\symantec shared\antivirus\avifc.dll
c:\program files\norton internet security\setevthp.dll
c:\program files\norton internet security\ispwd.dll
c:\program files\norton internet security\fwplugin.dll
c:\program files\norton internet security\fwevent.dll
c:\docume~1\alluse~1\applic~1\symantec\syknapps\syknapps.dll
c:\windows\system32\urlmon.dll
c:\progra~1\fichie~1\symant~1\opc\{c86ea~1\cltnetcn.dll
c:\program files\fichiers communs\symantec shared\spbbc\spbbccli.dll
c:\program files\fichiers communs\symantec shared\ccscanw.dll
c:\program files\fichiers communs\symantec shared\ecmldr32.dll
c:\program files\fichiers communs\symantec shared\msl\msl.dll
c:\program files\norton internet security\imcfg.dll
c:\program files\fichiers communs\symantec shared\spbbc\bbrgen.dll
c:\program files\fichiers communs\symantec shared\npc\2.0\wmidata.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\program files\fichiers communs\symantec shared\coshared\wa\2.0\nppccwkr.dll
c:\program files\fichiers communs\symantec shared\coshared\wa\2.0\nppdsmgr.dll
c:\program files\fichiers communs\symantec shared\coshared\browser\2.0\coregmon.dll
c:\program files\fichiers communs\symantec shared\coshared\cw\2.0\cwbb.dll
c:\program files\fichiers communs\symantec shared\col\bbif.dll
c:\windows\system32\winspool.drv
C:\PROGRAM FILES\FICHIERS COMMUNS\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
c:\program files\fichiers communs\symantec shared\ccpd-lc\symlcsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\version.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\program files\fichiers communs\symantec shared\ccpd-lc\symlcnet.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\secur32.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware 2007\aawservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\lavasoft\ad-aware 2007\ceapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\lavasoft\ad-aware 2007\pkarchive85u.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\program files\lavasoft\ad-aware 2007\lavalicense.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\netapi32.dll
c:\windows\system32\lxdelmpm.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\cnbjmon.dll
c:\windows\system32\lmablmpm.dll
c:\windows\system32\lxf3pmon.dll
c:\windows\system32\imgman32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\im31img.dil
c:\windows\system32\lxf3oem.dll
c:\program files\lexmark fax solutions\ipcmt.dll
c:\windows\system32\lxf3pmrc.dll
c:\windows\system32\mdimon.dll
c:\windows\system32\msi.dll
c:\windows\system32\pdf995mon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\pdfcmnnt.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\lxas2kpm.dll
c:\windows\system32\spool\prtprocs\w32x86\lxdedrpp.dll
c:\windows\system32\spool\prtprocs\w32x86\lxaspp.dll
c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\inetpp.dll
c:\windows\system32\xpsp2res.dll
C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE
c:\program files\avira\antivir personaledition classic\avguard.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\program files\avira\antivir personaledition classic\avgio.dll
c:\program files\avira\antivir personaledition classic\avevtlog.dll
c:\program files\avira\antivir personaledition classic\guardmsg.dll
c:\program files\avira\antivir personaledition classic\sqlite3.dll
c:\program files\avira\antivir personaledition classic\msvcr71.dll
c:\program files\avira\antivir personaledition classic\avpref.dll
c:\program files\avira\antivir personaledition classic\smtplib.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\avira\antivir personaledition classic\avpack32.dll
c:\program files\avira\antivir personaledition classic\unacev2.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\program files\avira\antivir personaledition classic\avewin32.dll
c:\program files\avira\antivir personaledition classic\avipc.dll
c:\windows\system32\fltlib.dll
C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE
c:\program files\avira\antivir personaledition classic\sched.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\version.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\program files\avira\antivir personaledition classic\msvcr71.dll
c:\program files\avira\antivir personaledition classic\msvcp71.dll
c:\windows\system32\imm32.dll
c:\program files\avira\antivir personaledition classic\schedr.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\avira\antivir personaledition classic\avevtlog.dll
c:\program files\avira\antivir personaledition classic\sqlite3.dll
c:\windows\system32\comctl32.dll
c:\program files\avira\antivir personaledition classic\avipc.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\apphelp.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
c:\program files\fichiers communs\apple\mobile device support\bin\applemobiledeviceservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
C:\PROGRAM FILES\SYMANTEC\LIVEUPDATE\ALUSCHEDULERSVC.EXE
c:\program files\symantec\liveupdate\aluschedulersvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcp80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.1433_x-ww_5cf844d2\msvcr80.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\program files\fichiers communs\symantec shared\ccvrtrst.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wsock32.dll
c:\program files\fichiers communs\symantec shared\ccl70u.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\userenv.dll
c:\windows\system32\version.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\WINDOWS\SYSTEM32\DRIVERS\CDAC11BA.EXE
c:\windows\system32\drivers\cdac11ba.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
C:\WINDOWS\SYSTEM32\DRIVERS\CDANTSRV.EXE
c:\windows\system32\drivers\cdantsrv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
C:\PROGRAM FILES\FILEZILLA SERVER\FILEZILLA SERVER.EXE
c:\program files\filezilla server\filezilla server.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON GOBACK\GBPOLL.EXE
c:\program files\norton systemworks\norton goback\gbpoll.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\shell32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\norton systemworks\norton goback\gbres.dll
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\LXDESERV.EXE
c:\windows\system32\spool\drivers\w32x86\3\lxdeserv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
C:\WINDOWS\SYSTEM32\LXDECOMS.EXE
c:\windows\system32\lxdecoms.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\msvcrt.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\program files\fichiers communs\microsoft shared\vs7debug\mdm.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\fichiers communs\microsoft shared\vs7debug\1036\mdmui.dll
c:\windows\system32\psapi.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\PROGRAM FILES\RAXCO\PERFECTDISK\PDAGENT.EXE
c:\program files\raxco\perfectdisk\pdagent.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\userenv.dll
c:\windows\system32\version.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\raxco\perfectdisk\pdcommon.dll
c:\windows\system32\mpr.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\program files\raxco\perfectdisk\msvcp71.dll
c:\program files\raxco\perfectdisk\msvcr71.dll
c:\program files\raxco\perfectdisk\pddb.dll
c:\program files\raxco\perfectdisk\sqlite3.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\raxco\perfectdisk\pdlangen.dll
c:\w
Non pas tous le premir oui apres j'ai juste mis en quarantaine ..
J'ai norton internet security
le reste c'est n'est que des programmes du genre ad-aware ccleaner etc .
J'ai norton internet security
le reste c'est n'est que des programmes du genre ad-aware ccleaner etc .
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
le bien payant ;-)
C'est bon c'est fait .
J'étais bien encore infecté ?
Encore merci de ton aide
C'est bon c'est fait .
J'étais bien encore infecté ?
Encore merci de ton aide
Bon
*Comme c'est le payant tu le gardes donc désinstalle AntiVir et d'autres antivirus si t'en a (car plusieurs antivirus=conflits)
*Désinstalle tous tes anti-spywares et gardes celui que je t'ai donnée c'est a dire Ad-Adware.
*Télécharge Kerio c'est pare feu https://www.01net.com/outils/telecharger/windows/Securite/firewall/fiches/tele22418.html (télécharge le si Norton ne fait pas de pare feu si il n'en fait pas télécharge le)
*Et sinon garde Ccleaner.
*Donc c'est a dire qu'il doit te rester Norton,Kerio,Ad-Aware et Ccleaner
*Si il y a d'autres supprimes les.
PS: Fait des analyses environ toute les deux semaines,des mises a jour chaque semaines.
Voila Bonne Chance.
Refais un rapport HiJackThis que tu postera dans le forum Virus/Sécurité pour que quelqu'un l'examine.
*Comme c'est le payant tu le gardes donc désinstalle AntiVir et d'autres antivirus si t'en a (car plusieurs antivirus=conflits)
*Désinstalle tous tes anti-spywares et gardes celui que je t'ai donnée c'est a dire Ad-Adware.
*Télécharge Kerio c'est pare feu https://www.01net.com/outils/telecharger/windows/Securite/firewall/fiches/tele22418.html (télécharge le si Norton ne fait pas de pare feu si il n'en fait pas télécharge le)
*Et sinon garde Ccleaner.
*Donc c'est a dire qu'il doit te rester Norton,Kerio,Ad-Aware et Ccleaner
*Si il y a d'autres supprimes les.
PS: Fait des analyses environ toute les deux semaines,des mises a jour chaque semaines.
Voila Bonne Chance.
Refais un rapport HiJackThis que tu postera dans le forum Virus/Sécurité pour que quelqu'un l'examine.
