Hello,
I think my computer is infected with a virus. I use Internet Explorer, and when I run a Google search and click on one of the results, I am often redirected to pages I did not ask for, such as
http://www-search.net, http://weddingcamerasplace.com/, etc.
I followed Yoan's recommendations, and here are the reports from my scans:
Ewido:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:17:56 24/10/2006
+ Scan result:
C:\Program Files\HQvideo -> Adware.HQvideo : No action taken.
C:\Program Files\HQvideo\Uninstall.exe -> Adware.HQvideo : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0000027.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0000060.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0001060.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0001076.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0002076.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0003076.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003094.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003112.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003128.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003215.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP4\A0003257.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP4\A0003273.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP5\A0003291.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP6\A0003308.exe -> Downloader.Agent.uj : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP6\A0003326.exe -> Downloader.Agent.uj : No action taken.
[1088] VM_00B80000 -> Downloader.Agent.uj : No action taken.
[1592] VM_009E0000 -> Downloader.Agent.uj : No action taken.
[1692] VM_003C0000 -> Downloader.Agent.uj : No action taken.
[1892] VM_00A80000 -> Downloader.Agent.uj : No action taken.
[2100] VM_009D0000 -> Downloader.Agent.uj : No action taken.
[2124] VM_003B0000 -> Downloader.Agent.uj : No action taken.
[2156] VM_01F20000 -> Downloader.Agent.uj : No action taken.
[2212] VM_00990000 -> Downloader.Agent.uj : No action taken.
[224] VM_00A80000 -> Downloader.Agent.uj : No action taken.
[2344] VM_00DF0000 -> Downloader.Agent.uj : No action taken.
[2400] VM_01250000 -> Downloader.Agent.uj : No action taken.
[2536] VM_009B0000 -> Downloader.Agent.uj : No action taken.
[2556] VM_009F0000 -> Downloader.Agent.uj : No action taken.
[2580] VM_00AF0000 -> Downloader.Agent.uj : No action taken.
[2600] VM_00380000 -> Downloader.Agent.uj : No action taken.
[2928] VM_00980000 -> Downloader.Agent.uj : No action taken.
[2936] VM_009F0000 -> Downloader.Agent.uj : No action taken.
[3252] VM_00870000 -> Downloader.Agent.uj : No action taken.
[3432] VM_003F0000 -> Downloader.Agent.uj : No action taken.
[3508] VM_008A0000 -> Downloader.Agent.uj : No action taken.
[3552] VM_00990000 -> Downloader.Agent.uj : No action taken.
[3600] VM_00990000 -> Downloader.Agent.uj : No action taken.
[3608] VM_00980000 -> Downloader.Agent.uj : No action taken.
[3708] VM_00A20000 -> Downloader.Agent.uj : No action taken.
[3724] VM_003A0000 -> Downloader.Agent.uj : No action taken.
[3740] VM_00990000 -> Downloader.Agent.uj : No action taken.
[3828] VM_00A10000 -> Downloader.Agent.uj : No action taken.
[4076] VM_00A40000 -> Downloader.Agent.uj : No action taken.
[844] VM_034E0000 -> Downloader.Agent.uj : No action taken.
[872] VM_00A30000 -> Downloader.Agent.uj : No action taken.
[984] VM_00380000 -> Downloader.Agent.uj : No action taken.
C:\Documents and Settings\Demelenne Pascal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-301c72d2-34b5425d.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : No action taken.
C:\Documents and Settings\Demelenne Pascal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-4e340213-49e15260.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : No action taken.
C:\Documents and Settings\Demelenne Pascal\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\counter.jpg-4e340213-74096285.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : No action taken.
:mozilla.62:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.63:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.64:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.65:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.66:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@247realmedia[2].txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.291:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
:mozilla.535:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
:mozilla.36:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.37:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
:mozilla.38:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
:mozilla.102:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@atdmt[1].txt -> TrackingCookie.Atdmt : No action taken.
:mozilla.53:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
:mozilla.114:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.115:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Burstnet : No action taken.
:mozilla.139:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.140:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Clickzs : No action taken.
:mozilla.368:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Com : No action taken.
:mozilla.369:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@com[2].txt -> TrackingCookie.Com : No action taken.
:mozilla.78:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.79:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
:mozilla.80:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Comclick : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : No action taken.
:mozilla.22:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\2zl4uzoa.Utilisateur par défaut\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.43:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@doubleclick[2].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.106:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@estat[1].txt -> TrackingCookie.Estat : No action taken.
:mozilla.56:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.57:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.58:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.59:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
:mozilla.60:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@as-eu.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@findwhat[1].txt -> TrackingCookie.Findwhat : No action taken.
:mozilla.144:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.14:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.15:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.232:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.31:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.32:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.516:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.74:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.93:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken.
:mozilla.22:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Masterstats : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@data3.perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@perf.overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.11:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.181:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.211:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.231:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.234:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.275:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.276:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.277:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.278:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.329:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.462:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.497:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.512:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.520:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.532:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.578:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.70:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.71:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Sitestat : No action taken.
:mozilla.142:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.154:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.155:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.156:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.116:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.117:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.118:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.480:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.481:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.113:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken.
:mozilla.165:C:\Documents and Settings\Demelenne Pascal\Application Data\Mozilla\Firefox\Profiles\fu2t835p.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\Karine\Cookies\karine@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
:mozilla.474:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.540:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.541:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.542:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.543:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
:mozilla.6:C:\Documents and Settings\Karine\Application Data\Mozilla\Firefox\Profiles\4xi21nxa.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0000036.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0001069.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP2\A0003088.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003104.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003122.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003135.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP3\A0003222.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP4\A0003237.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP4\A0003264.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP4\A0003279.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP5\A0003297.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP6\A0003315.exe -> Trojan.Small.fb : No action taken.
C:\System Volume Information\_restore{49798821-77F8-4402-A9AA-0F6C0860DD0D}\RP6\A0003332.exe -> Trojan.Small.fb : No action taken.
::Report end
BitDefender:
BitDefender Online Scanner
Scan report generated at: Tue, Oct 24, 2006 - 11:42:37
Scan path: C:\;D:\;E:\;
Statistics
Time: 01:20:42
Files: 404370
Folders: 6470
Boot Sectors: 4
Archives: 7428
Packed Files: 42686
Results
Identified Viruses: 9
Infected Files: 38
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 68
Engines Info
Virus Definitions: 478438
Engine build: AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins: 13
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1
Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Scanned File
Status
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>GetAccess.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>Dummy.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>Installer.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)=>Installer.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\29D9612B.zip
Update failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>GetAccess.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>GetAccess.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>GetAccess.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>InsecureClassLoader.class
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>InsecureClassLoader.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>InsecureClassLoader.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>Dummy.class
Infected with: Trojan.Java.Classloader.Dummy.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>Dummy.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>Dummy.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>Installer.class
Infected with: Java.Trojan.OpenConnection.F
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>Installer.class
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)=>Installer.class
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip=>(Quarantine-2)
Updated
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAA5939.zip
Update failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAD0335.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAD0335.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FAD0335.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B72316F.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B72316F.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0B72316F.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5DCD2E66.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5DCD2E66.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5DCD2E66.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\697367F4.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.B
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\697367F4.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\697367F4.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7AE77E5B.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7AE77E5B.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7AE77E5B.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48081419.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48081419.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\48081419.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0509017D.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0509017D.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0509017D.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FB12D31.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.B
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FB12D31.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7FB12D31.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\324B4B82.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\324B4B82.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\324B4B82.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2A1A26CC.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2A1A26CC.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2A1A26CC.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61B46EB6.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61B46EB6.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\61B46EB6.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C702B31.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.B
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C702B31.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5C702B31.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D101AE.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D101AE.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D101AE.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D42BAB.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D42BAB.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\22D42BAB.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A336325.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A336325.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A336325.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B9C0581.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.B
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B9C0581.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5B9C0581.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE31A5D.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE31A5D.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE31A5D.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE64459.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE64459.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\2EE64459.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45574E8B.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45574E8B.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\45574E8B.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5DD700EA.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.B
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5DD700EA.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\5DD700EA.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57FE5F5C.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Exploit.Bytverify
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57FE5F5C.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\57FE5F5C.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7B7038DD.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7B7038DD.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\7B7038DD.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\130636EF.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\130636EF.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\130636EF.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\36F82AC2.tmp=>(Quarantine-2)
Infected with: Java.Trojan.Femad.B
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\36F82AC2.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\36F82AC2.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\794059A0.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.IstBar.ER
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\794059A0.exe=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\794059A0.exe=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0C76587C.tmp=>(Quarantine-2)
Infected with: Generic.Malware.dld!!g.FB6619D2
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0C76587C.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0C76587C.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\163878C8.tmp=>(Quarantine-2)
Infected with: Trojan.Downloader.Small.ASY
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\163878C8.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\163878C8.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0C790279.tmp=>(Quarantine-2)
Infected with: Generic.Malware.dld!!g.FB6619D2
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0C790279.tmp=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\0C790279.tmp=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\136366DD.js=>(Quarantine-2)
Infected with: Trojan.Movidl.A
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\136366DD.js=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\136366DD.js=>(Quarantine-2)
Deleted
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\455E7BDD.exe=>(Quarantine-2)
Infected with: Trojan.Downloader.IstBar.ER
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\455E7BDD.exe=>(Quarantine-2)
Disinfection failed
C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\455E7BDD.exe=>(Quarantine-2)
Deleted
HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 22:22:58, on 26/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\MLK\mouse_2k.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Nokia\PC Suite for Nokia 3650\ectaskscheduler.exe
C:\Program Files\Nokia\PC Suite for Nokia 3650\connmngmntbox.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Demelenne Pascal\Bureau\hijackthis_hijackthis_1.99.1_anglais_17891.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///D:/sourcesdoc/indexFR.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\MLK\mouse_2k.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - Global Startup: PCSuiteForNokia3650 TS.lnk = ?
O4 - Global Startup: PCSuiteForNokia3650 Detect.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: D-Link AirPlus.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} (Slide Image Uploader Control) - http://www.slide.com/uploader/SlideImageUploader.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{063FB18A-0CE0-4D0C-BBBE-ED2B96B2A637}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{2771795A-F326-488D-9F9D-7DB1888AF5F1}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C8CB9A8-32B1-41C4-B346-24941EF3A71B}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{A66B4545-16F9-46BA-ADB9-D86FFE784ECB}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0DD3738-2081-45A2-BDC3-852CE80F8CAF}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{C288B38C-1152-48F0-8E68-59B086F29117}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{D4033967-DE39-4C66-B4DF-E0D94569F748}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{FA5E3EFF-595A-4C52-B25F-AD1DE82EC949}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\..\{FC349F21-1077-44B8-BF87-06F9448EC62E}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.66 85.255.112.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{063FB18A-0CE0-4D0C-BBBE-ED2B96B2A637}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.66 85.255.112.130
O17 - HKLM\System\CS2\Services\Tcpip\..\{063FB18A-0CE0-4D0C-BBBE-ED2B96B2A637}: NameServer = 85.255.114.66,85.255.112.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.66 85.255.112.130
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe