Infecté? résultat Hijackthis

Résolu
Jack Bauer 74 Messages postés 47 Statut Membre -  
Jack Bauer 74 Messages postés 47 Statut Membre -
Bonsoir,
Donc tout d'abord, je suis nouveau ici et je suis loin d'être un expert en informatique!
Et mon souçi, c'est que je pense être infecté: tout a commencé il y a quelques jours par une désactivation de mon Norton suivi d'internet qui ne marchait plus!
Après de nombreuses tentatives de reconnection et de redémarrage, j'ai décidé de nettoyer ma machine:
cleanMgr, CCleaner, Spybot, AdAware et enfin une analyse antivirus (la totale koi!)
Mon antivirus refonctionne, internet aussi (sinon je ne serais pas là à vous écrire!!!) mais bon pc rame plus que d'habitude...
Des résidus?
Voilà donc le résultat d'une analyse d'Hijackthis... bien evidemment, c'est de l'hébreu pour moi, je laisse ça aux spécialistes!
Merci d'avance pour vos réponses!

Logfile of HijackThis v1.99.1
Scan saved at 20:43:32, on 18/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\CyberLink\PowerCinema\PCMService.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\DALBON Romain\Mes documents\Mes fichiers reçus\à garder\Logiciels\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.targa.gmbh/eng/targa/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Camera Detector] C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE -autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\RunOnce: [srePostpone] rundll32.exe c:\windows\system32\zonelabs\srescan.dll,DoSpecialAction
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://kx.bar.need2find.com/KX/menusearch.html?p=KX
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{7D300B8C-E0EC-4676-BC1C-7CE615B82653}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - AppInit_DLLs:
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Voilà, donc merci d'avance pour vos réponses et bonne soirée!

11 réponses

  1. Utilisateur anonyme
     
    Salut,

    rien ne sera supprimé sauf si indiqué
    0
  2. Jack Bauer 74 Messages postés 47 Statut Membre 2
     
    Bonsoir!
    Tout d'abord, merci pour la réponse d'hier soir!
    Je viens d'effectuer toutes les étapes conseillées:
    -suppression des lignes du log de Hijackthis;
    -par contre, pas de dossier "rxtoolbar" dans les program files...
    -je suis ensuite allé sur le lien pour téléchargé ewido et ça me marquait chaque fois page introuvable! J'ai cherché d'autres sites où le télécharger mais chaque fois pareil: page introuvable ou alors "Vous n'êtes pas autorisé à afficher cette page!" Cela vient peut être du firewall? J'ai ZoneAlarm pour info...
    J'ai donc pu le prendre sur Emule, installé, mis à jour, lancé l'analyse, effacer ce qu'il m'a trouvé et refait une analyse Hijackthis dont voici le résultat:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:39:54, on 19/09/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvraidservice.exe
    C:\WINDOWS\system32\carpserv.exe
    C:\WINDOWS\CNYHKey.exe
    C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe
    C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
    C:\Program Files\Lexmark 2200 Series\lxbvbmon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\PROGRA~1\Wanadoo\CnxMon.exe
    C:\PROGRA~1\Wanadoo\taskbaricon.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\PROGRA~1\Wanadoo\EspaceWanadoo.exe
    C:\PROGRA~1\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\ewido anti-spyware 4.0\guard.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Documents and Settings\DALBON Romain\Mes documents\Mes fichiers reçus\à garder\Logiciels\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.targa.gmbh/eng/targa/
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
    O4 - HKLM\..\Run: [CARPService] carpserv.exe
    O4 - HKLM\..\Run: [AntivirusRegistration] C:\Program Files\CA\Etrust Antivirus\Register.exe
    O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
    O4 - HKLM\..\Run: [ledpointer] CNYHKey.exe
    O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
    O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
    O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
    O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
    O4 - HKLM\..\RunOnce: [srePostpone] rundll32.exe c:\windows\system32\zonelabs\srescan.dll,DoSpecialAction
    O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
    O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
    O14 - IERESET.INF: START_PAGE_URL=https://www.targa.gmbh/eng/targa/
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7D300B8C-E0EC-4676-BC1C-7CE615B82653}: NameServer = 80.10.246.1 80.10.246.132
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Voilà, j'attends ta réponse et merci encore de ton aide!
    Bonne soirée!
    0
    1. Utilisateur anonyme
       
      Salut,

      maintenant, fait ça

      Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clic dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
      Une fois qu'il a terminé colle le rapport ici stp

      https://www.bitdefender.com/toolbox/
      0
  3. Jack Bauer 74 Messages postés 47 Statut Membre 2
     
    Salut!
    Voilà c'est fait, va sur ce lien pour voir le résultat de l'analyse :

    C:\Documents and Settings\DALBON Romain\Mes documents\Mes fichiers reçus\rapport.html

    Et encore merci pour toutes ces instructions claires et précises!!!
    0
  4. ^^Marie^^ Messages postés 41884 Date d'inscription   Statut Membre Dernière intervention   3 280
     
    Jack Bauer 74 == > 24h/chrono
    Il te reste combien de temps ????

    lol
    ------------------>
    0
    1. Jack Bauer 74 Messages postés 47 Statut Membre 2
       
      Assez de temps je l'espère avant qu'internet ne fonctionne plus de nouveau!!!! lol
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    Bon Romain, j'arrive pas à voir ton rapport si tu peux le coller ici ça serait bien :-)
    0
    1. Jack Bauer 74 Messages postés 47 Statut Membre 2
       
      Salut!
      ça y est, voici un peu de lecture!!! lol



      BitDefender Online Scanner
      Scan report generated at: Wed, Sep 20, 2006 - 20:07:01
      Scan path: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;
      Statistics

      Time
      01:44:04

      Files
      865613

      Folders
      6212

      Boot Sectors
      4

      Archives
      8961

      Packed Files
      40488



      Results

      Identified Viruses
      17

      Infected Files
      105

      Suspect Files
      0

      Warnings
      0

      Disinfected
      0

      Deleted Files
      197




      Engines Info

      Virus Definitions
      455110

      Engine build
      AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

      Scan plugins
      13

      Archive plugins
      38

      Unpack plugins
      6

      E-mail plugins
      6

      System plugins
      1




      Scan Settings

      First Action
      Disinfect

      Second Action
      Delete

      Heuristics
      Yes

      Enable Warnings
      Yes

      Scanned Extensions
      *;

      Exclude Extensions


      Scan Emails
      Yes

      Scan Archives
      Yes

      Scan Packed
      Yes

      Scan Files
      Yes

      Scan Boot
      Yes




      Scanned File
      Status

      C:\Program Files\Norton AntiVirus\Quarantine\02301CE9.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\02301CE9.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\02301CE9.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\036C6D24.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\036C6D24.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\036C6D24.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\039A38F2.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\039A38F2.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\039A38F2.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\046D2BCF.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\046D2BCF.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\046D2BCF.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\049179A7.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Js.Cve.2005.1790.J

      C:\Program Files\Norton AntiVirus\Quarantine\049179A7.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\049179A7.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\06407B0A.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\06407B0A.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\06407B0A.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\065376F4.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\065376F4.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\065376F4.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\0D1B444D.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\0D1B444D.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\0D1B444D.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\0E2D48BF.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\0E2D48BF.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\0E2D48BF.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\0E4044A9.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\0E4044A9.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\0E4044A9.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\11B0173A.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\11B0173A.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\11B0173A.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\19415780.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\19415780.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\19415780.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\1952296E.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\1952296E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\1952296E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\1B2E5F52.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\1B2E5F52.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\1B2E5F52.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\1B425B3C.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\1B425B3C.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\1B425B3C.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\1FEB2D99.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\1FEB2D99.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\1FEB2D99.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\1FFC7F87.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\1FFC7F87.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\1FFC7F87.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\20B167C3.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\20B167C3.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\20B167C3.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\21AD146E.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\21AD146E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\21AD146E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\2ACC206E.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\2ACC206E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\2ACC206E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\2ADD725C.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\2ADD725C.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\2ADD725C.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\2D6665FA.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\2D6665FA.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\2D6665FA.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\2D7A61E4.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\2D7A61E4.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\2D7A61E4.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\2EA57984.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\2EA57984.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\2EA57984.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\2EF7132A.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\2EF7132A.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\2EF7132A.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\355719B9.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\355719B9.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\355719B9.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\35686BA7.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\35686BA7.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\35686BA7.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\37843334.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\37843334.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\37843334.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\37A96DF3.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\37A96DF3.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\37A96DF3.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\39781A65.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\39781A65.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\39781A65.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\398C1650.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\398C1650.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\398C1650.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\399E3584.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\399E3584.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\399E3584.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\39AE0772.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\39AE0772.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\39AE0772.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\3DF25552.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\3DF25552.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\3DF25552.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\3E4718F5.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\3E4718F5.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\3E4718F5.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\3EEA4C41.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\3EEA4C41.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\3EEA4C41.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\3EF12709.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\3EF12709.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\3EF12709.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\40D46CF5.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\40D46CF5.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\40D46CF5.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\41747645.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\41747645.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\41747645.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\419E1816.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\419E1816.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\419E1816.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\41AB4008.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\41AB4008.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\41AB4008.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\420A01A0.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\420A01A0.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\420A01A0.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\42EF4BFB.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\42EF4BFB.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\42EF4BFB.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\46F33A15.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\46F33A15.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\46F33A15.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\47334D76.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\47334D76.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\47334D76.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\4808393E.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\4808393E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\4808393E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\481C3529.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\481C3529.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\481C3529.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\48722C11.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\48722C11.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\48722C11.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\488627FC.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\488627FC.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\488627FC.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\4CB12537.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\4CB12537.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\4CB12537.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\4CC17725.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\4CC17725.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\4CC17725.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\54C36C53.htm=>(Quarantine-2)
      Infected with: Exploit.Phel.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\54C36C53.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\54C36C53.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\54D33E41.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\54D33E41.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\54D33E41.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\5EE8697F.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\5EE8697F.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\5EE8697F.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\5EEB137B.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\5EEB137B.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\5EEB137B.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\5EFF0F66.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\5EFF0F66.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\5EFF0F66.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6185089E.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\6185089E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6185089E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\61B3546C.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\61B3546C.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\61B3546C.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6691089D.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\6691089D.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6691089D.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\67ED3F5F=>(Quarantine-2)
      Infected with: Trojan.Delf.DK

      C:\Program Files\Norton AntiVirus\Quarantine\67ED3F5F=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6B9A68F5.exe=>(Quarantine-2)
      Infected with: Trojan.Downloader.Small.ON

      C:\Program Files\Norton AntiVirus\Quarantine\6B9A68F5.exe=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6B9A68F5.exe=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6B9D12F1.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\6B9D12F1.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6B9D12F1.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6BAA3AE3.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\6BAA3AE3.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6BAA3AE3.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6CAC2FC7.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\6CAC2FC7.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6CAC2FC7.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\6CC355AE.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\6CC355AE.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\6CC355AE.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\709629B6.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\709629B6.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\709629B6.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\713930F3.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\713930F3.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\713930F3.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\715A54CF.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\715A54CF.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\715A54CF.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\73213093.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\73213093.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\73213093.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\745E7D6D.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\745E7D6D.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\745E7D6D.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\77123A53.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\77123A53.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\77123A53.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7726363E.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\7726363E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7726363E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\77A42FE4.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\77A42FE4.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\77A42FE4.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\78242A95.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\78242A95.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\78242A95.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\78382680.htm=>(Quarantine-2)
      Infected with: Trojan.Htmlhelpcontrol.Exploit.A

      C:\Program Files\Norton AntiVirus\Quarantine\78382680.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\78382680.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\79780FB0.exe=>(Quarantine-2)
      Infected with: Win32.Bube.L

      C:\Program Files\Norton AntiVirus\Quarantine\79780FB0.exe=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\79780FB0.exe=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\798C0B9A.exe=>(Quarantine-2)
      Infected with: Win32.Bube.L

      C:\Program Files\Norton AntiVirus\Quarantine\798C0B9A.exe=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\798C0B9A.exe=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7A767C7C.exe=>(Quarantine-2)
      Infected with: Backdoor.Lil.A

      C:\Program Files\Norton AntiVirus\Quarantine\7A767C7C.exe=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7A767C7C.exe=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7ADE3C09.exe=>(Quarantine-2)
      Infected with: Backdoor.Lil.A

      C:\Program Files\Norton AntiVirus\Quarantine\7ADE3C09.exe=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7ADE3C09.exe=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7C3F64D2.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\7C3F64D2.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7C3F64D2.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7C835687.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\7C835687.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7C835687.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7D4403B3.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\7D4403B3.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7D4403B3.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7DBD152E.htm=>(Quarantine-2)
      Infected with: Exploit.Html.MhtRedir.Gen

      C:\Program Files\Norton AntiVirus\Quarantine\7DBD152E.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7DBD152E.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7EA52762.htm=>(Quarantine-2)
      Infected with: Trojan.Exploit.Vbs.Phel.A

      C:\Program Files\Norton AntiVirus\Quarantine\7EA52762.htm=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7EA52762.htm=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7EC70407.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\7EC70407.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7EC70407.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7F084BBF.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\7F084BBF.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7F084BBF.wmf=>(Quarantine-2)
      Deleted

      C:\Program Files\Norton AntiVirus\Quarantine\7F296F9B.wmf=>(Quarantine-2)
      Infected with: Exploit.Win32.WMF-PFV

      C:\Program Files\Norton AntiVirus\Quarantine\7F296F9B.wmf=>(Quarantine-2)
      Disinfection failed

      C:\Program Files\Norton AntiVirus\Quarantine\7F296F9B.wmf=>(Quarantine-2)
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP421\A0090121.exe
      Detected with: Adware.PurityScan.D

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP421\A0090121.exe
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP421\A0090121.exe
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111931.exe
      Detected with: Application.Adware.NewDotNet.B.Dropper

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111931.exe
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111932.exe
      Infected with: Trojan.Secondthought.AA

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111932.exe
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111932.exe
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111934.exe
      Infected with: Trojan.Downloader.Winfixer.O

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111934.exe
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP476\A0111934.exe
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112077.exe=>(Quarantine-2)
      Infected with: Trojan.Downloader.Small.ON

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112077.exe=>(Quarantine-2)
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112077.exe=>(Quarantine-2)
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112078.exe=>(Quarantine-2)
      Infected with: Win32.Bube.L

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112078.exe=>(Quarantine-2)
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112078.exe=>(Quarantine-2)
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112079.exe=>(Quarantine-2)
      Infected with: Win32.Bube.L

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112079.exe=>(Quarantine-2)
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112079.exe=>(Quarantine-2)
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112080.exe=>(Quarantine-2)
      Infected with: Backdoor.Lil.A

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112080.exe=>(Quarantine-2)
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112080.exe=>(Quarantine-2)
      Deleted

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112081.exe=>(Quarantine-2)
      Infected with: Backdoor.Lil.A

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112081.exe=>(Quarantine-2)
      Disinfection failed

      C:\System Volume Information\_restore{54D8DA60-6A4A-42A7-A8E5-96FEC1364212}\RP478\A0112081.exe=>(Quarantine-2)
      Deleted

      C:\WINDOWS\Ecrans de veille\iceagescr.exe=>wise0020
      Detected with: Application.Adware.NewDotNet.B.Dropper

      C:\WINDOWS\Ecrans de veille\iceagescr.exe=>wise0020
      Deleted

      C:\WINDOWS\Ecrans de veille\iceagescr.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\iceagescr.exe=>wise0023
      Infected with: Trojan.Muldrop.1869.A

      C:\WINDOWS\Ecrans de veille\iceagescr.exe=>wise0023
      Disinfection failed

      C:\WINDOWS\Ecrans de veille\iceagescr.exe=>wise0023
      Deleted

      C:\WINDOWS\Ecrans de veille\iceagescr.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0059
      Infected with: Dropped:Application.Adware.NewDotNet.A

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0059
      Disinfection failed

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0059
      Deleted

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0060
      Detected with: Application.Adware.NewDotNet.B.Dropper

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0060
      Deleted

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0063
      Infected with: Trojan.Silentinstall.A

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0063
      Disinfection failed

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe=>wise0063
      Deleted

      C:\WINDOWS\Ecrans de veille\Living 3D Dolphins\dolphinfree.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0059
      Infected with: Dropped:Application.Adware.NewDotNet.A

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0059
      Disinfection failed

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0059
      Deleted

      C:\WINDOWS\Ecrans de veille\marinefree.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0060
      Detected with: Application.Adware.NewDotNet.B.Dropper

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0060
      Deleted

      C:\WINDOWS\Ecrans de veille\marinefree.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0063
      Infected with: Trojan.Silentinstall.A

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0063
      Disinfection failed

      C:\WINDOWS\Ecrans de veille\marinefree.exe=>wise0063
      Deleted

      C:\WINDOWS\Ecrans de veille\marinefree.exe
      Update failed

      C:\WINDOWS\Ecrans de veille\Matrix3DSetup.exe=>wise0018
      Detected with: Application.Adware.NewDotNet.B.Dropper

      C:\WINDOWS\Ecrans de veille\Matrix3DSetup.exe=>wise0018
      Deleted

      C:\WINDOWS\Ecrans de veille\Matrix3DSetup.exe
      Update failed



      pffffff! voilà voilà
      en tout cas, qu'est ce que j'aimerais parler cette langue là, ce serait bien pratique et ça éviterais d'embêter du monde!!!
      Merci encore!
      0
      1. Utilisateur anonyme > Jack Bauer 74 Messages postés 47 Statut Membre
         
        Ola,

        attention àa ce que tu telecharges, surtout tes ecrans de veille, je sais pas ou tu les telecharges mais tu raménes pleins de salopries avec ça :-/

        Fait ça:

        aAlors ceci; C:\System Volume Information\_restore(voir rapport Bitdefender) indique que ta restauration du systeme etait infecté ou est infecté, pour être sûr, nous allons créer un point propre.

        Clic sur "demarrer", cliques droit sur "poste de travail", "propriétés", onglet "restauration du systeme"

        ¤ coches la case "desactiver la Restauration du systéme sur tous les lecteurs", puis clic ur "appliquer"
        ¤ decoches la case et clic sur "appliquer" puis "ok".

        Maintenant, que l'ont à effacés les point infectés, nous allons créer un point propre:

        Clic sur "demarrer", "tous les programmes", "accessoires", "outils système", "restauration du système", choisis "créer un point de restauration" nommes le " ccm" par exemple, cliques sur "créer" puis "ok".
        Voilà, maintenant le point de restauration est créer si un jour tu décides tu pourra revenir en arriere à la date que tu l'as créer donc à ce jour; en fesant la marche arriére tu pourra remettre ton ordinateur à la date ou l'on à créer ce point de restauration mais tu perdra les modifications que tu aura faites entre deux.


        puis fait ça pour verifier

        telecharge ça:
        http://download.bleepingcomputer.com/sUBs/combofix.exe

        appuyes sur "Y" pour continuer

        Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le sur ici stp
        0
    2. Jack Bauer 74 Messages postés 47 Statut Membre 2
       
      Voici le résultat: (Zonealarm m'a bloqué plein de trucs nécessaires pour faire cette analyse, j'ai accepté en acceptant l'opération qu'une fois, j'espère que j'ai bien fait?!


      DALBON Romain - 06-09-21 19:39:55,75 Service Pack 2
      ComboFix 06.09.21 - Running from: "C:\Documents and Settings\DALBON Romain\Mes documents\Mes fichiers re‡us"

      (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))



      ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

      Folders Quarantined:

      C:\QooBox\Purity\WINDOWS\CROSOF~1


      ((((((((((((((((((((((((((((((( Files Created from 2006-08-21 to 2006-09-21 ))))))))))))))))))))))))))))))))))


      2006-09-17 15:50 32,768 --a------ C:\WINDOWS\system32\ffJmpWeb.dll
      2006-09-16 10:44 42,920 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll


      (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


      2006-09-21 19:26 -------- d-------- C:\Program Files\Wanadoo
      2006-09-21 19:15 -------- d-------- C:\Documents and Settings\DALBON Romain\Application Data\Skype
      2006-09-21 18:43 -------- d-------- C:\Program Files\eDonkey2000
      2006-09-21 17:47 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
      2006-09-21 17:46 -------- d-a------ C:\Program Files\Fichiers communs
      2006-09-20 20:44 74 ---hs---- C:\Documents and Settings\DALBON Romain\Application Data\.zreglib
      2006-09-20 16:11 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
      2006-09-19 20:09 -------- d-------- C:\Program Files\eMule
      2006-09-19 17:09 -------- d-------- C:\Program Files\GameSpy Arcade
      2006-09-18 19:18 -------- d-------- C:\Program Files\Kazaa Lite K++
      2006-09-17 15:50 -------- d-------- C:\Program Files\Wanadoo Messager
      2006-09-16 13:26 -------- d--h----- C:\Program Files\InstallShield Installation Information
      2006-09-16 13:26 -------- d-------- C:\Program Files\Kazaa
      2006-09-16 11:01 174592 --a------ C:\WINDOWS\system32\LEXPPS.EXE
      2006-09-16 10:44 -------- d-------- C:\Program Files\Zone Labs
      2006-09-15 22:52 91904 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
      2006-09-15 22:52 124016 --a--c--- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
      2006-08-29 18:55 -------- d-------- C:\Program Files\Oxilog
      2006-08-21 14:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
      2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
      2006-08-21 11:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
      2006-08-20 22:50 34308 --a------ C:\WINDOWS\system32\BASSMOD.dll
      2006-08-20 22:49 -------- d-------- C:\Program Files\SlySoft
      2006-08-18 03:58 20096 --a------ C:\WINDOWS\system32\drivers\AnyDVD.sys
      2006-08-16 14:51 -------- d-------- C:\Program Files\Internet Explorer
      2006-08-05 01:08 -------- d-------- C:\Program Files\NetMeeting
      2006-08-05 01:08 -------- d-------- C:\Program Files\MSN Messenger
      2006-08-05 01:08 -------- d-------- C:\Program Files\Microsoft Works
      2006-08-05 01:08 -------- d-------- C:\Program Files\Messenger
      2006-08-05 01:08 -------- d-------- C:\Program Files\Lexmark Fax Solutions
      2006-08-05 00:36 -------- d-------- C:\Program Files\Fichiers communs\ODBC
      2006-08-05 00:31 -------- d-------- C:\Program Files\Fichiers communs\ErrorSafe
      2006-08-04 13:50 -------- d-------- C:\Program Files\CCleaner
      2006-07-30 10:39 2 --a------ C:\WINDOWS\system32\wnsapisv.exe
      2006-07-28 17:03 -------- d-------- C:\Program Files\CyberLink
      2006-07-27 15:26 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
      2006-07-27 13:36 46144 --a------ C:\Documents and Settings\DALBON Romain\Application Data\wklnhst.dat
      2006-07-21 10:27 72704 --a------ C:\WINDOWS\system32\hlink.dll
      2006-06-22 07:13 69120 --a------ C:\WINDOWS\system32\ciodm.dll
      2006-06-22 07:13 1440768 --a------ C:\WINDOWS\system32\query.dll


      (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

      *Note* empty entries are not shown

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Steam"=""

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "NVRaidService"="C:\\WINDOWS\\system32\\nvraidservice.exe"
      "CARPService"="carpserv.exe"
      "AntivirusRegistration"="C:\\Program Files\\CA\\Etrust Antivirus\\Register.exe"
      "CHotkey"="mHotkey.exe"
      "ledpointer"="CNYHKey.exe"
      "OEM-Reset"=""
      "Lexmark 2200 Series"="\"C:\\Program Files\\Lexmark 2200 Series\\lxbvbmgr.exe\""
      "FaxCenterServer"="\"C:\\Program Files\\Lexmark Fax Solutions\\fm3032.exe\" /s"
      @=""
      "SpeedTouch USB Diagnostics"="\"C:\\Program Files\\Thomson\\SpeedTouch USB\\Dragdiag.exe\" /icon"
      "ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
      "ccRegVfy"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccRegVfy.exe\""
      "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
      "Zone Labs Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
      "WooCnxMon"="C:\\PROGRA~1\\Wanadoo\\CnxMon.exe"
      "WOOWATCH"="C:\\PROGRA~1\\Wanadoo\\Watch.exe"
      "WOOTASKBARICON"="C:\\PROGRA~1\\Wanadoo\\taskbaricon.exe"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
      "Installed"="1"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
      "Installed"="1"
      "NoChange"="1"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
      "Installed"="1"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonce]
      "srePostpone"="rundll32.exe c:\\windows\\system32\\zonelabs\\srescan.dll,DoSpecialAction"

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
      "DeskHtmlVersion"=dword:00000110
      "DeskHtmlMinorVersion"=dword:00000005
      "Settings"=dword:00000001
      "GeneralFlags"=dword:00000001

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
      "Source"="About:Home"
      "SubscribedURL"="About:Home"
      "FriendlyName"="Ma page d'accueil"
      "Flags"=dword:00000002
      "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
      00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
      "CurrentState"=hex:04,00,00,40
      "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
      ff,ff,04,00,00,00
      "RestoredStateInfo"=hex:18,00,00,00,12,03,00,00,23,00,00,00,dc,00,00,00,d2,00,\
      00,00,01,00,00,00

      [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

      [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
      "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
      "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
      "NoDriveTypeAutoRun"=hex:95,00,00,00

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
      "dontdisplaylastusername"=dword:00000000
      "legalnoticecaption"=""
      "legalnoticetext"=""
      "shutdownwithoutlogon"=dword:00000001
      "undockwithoutlogon"=dword:00000001

      [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
      "NoDriveTypeAutoRun"=dword:00000091

      [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
      "NoDriveTypeAutoRun"=dword:00000091

      [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
      "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
      "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
      "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
      "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"


      HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
      securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


      Contents of the 'Scheduled Tasks' folder
      C:\WINDOWS\tasks\Norton AntiVirus - Analyser mon ordinateur.job
      C:\WINDOWS\tasks\Symantec NetDetect.job

      Completion time: 21/09/2006 19:40:34.03
      ComboFix.txt
      ComboFix2.txt
      0
  7. Utilisateur anonyme
     
    oui, tu as bien fait :-)

    Bon, tu fais ce que tu veux, mais attention avec tes logiciels de P2P ça raméne pleins de salopries, si tu as encore Kazaa un conseil; dédsinstalle le, c'est rempli de saloprie

    Clic sur demarrer,, poste de travail, C:, Windows, system32, et supprime ce fichier

    wnsapisv.exe

    Puis dis moi comment va ton Pc ;-)
    0
  8. Jack Bauer 74 Messages postés 47 Statut Membre 2
     
    ok entendu. Pour Kazaa, non je l'ai plus. Mon pc ne rame plus déjà c'est un sacré plus.
    Y me reste cependant quelques petites choses dont je ne sais que faire:

    J'ai Zonealarm depuis pas longtemps, je ne le connais pas encore très très bien; j'ai suivi un tutorial sur le net pour le paramétré au mieux mais je me retrouve très souvent avec des messages d'alertes (souvent les mêmes) comme quoi tel ou tel application a essayé de se connecter à internet...
    C'est donc très souvent des .exe que je ne connais pas donc par précautions, je les refuse tout le temps mais peut être est-ce non dangereux, je ne sais pas...
    A partir de ce soir, je vais commencer à en faire la liste de ces messages d'alertes et puis je te les posterai ici pour que tu puisse me dire quoi faire exactement, ok?

    Autre chose aussi mais c'est un détail: j'ai depuis toujours une petite fenêtre bleu 'LED HOTKEY KEYBOARD" située au-dessus de l'horloge qui m'indique si mon clavier et souris sans fil est actif, si je suis en minuscule ou en majuscules,...
    Tout marchait très bien jusqu'à cette série de problème de sécurité: parfois il fonctionne parfaitement, d'autres fois il ne détecte pas le changement min/maj/verr num, et parfois aussi une fenêtre apparait aussi dans la barre des taches (embêtant lorsque qu'on en a justement beaucoup). J'ai remarqué également que lorque ce petit programme ne fonctionne pas, impossible aussi d'ouvrir ma messagerie wanadoo... petit detail qui devient alors un gros detail embetant!
    Et quand je redemarre, tout remarche! Alors est ce que tout cela serait lié aussi avec les messages d'alerte de Zonealarm?

    Dieu seul (et toi aussi bien evidemment!) peuvent me le dire! lol
    0
    1. Utilisateur anonyme
       
      Pour ce qui est de ZoneAlarm, je ne l'utilise plus, donc j'peux pas trop de guider, mais quand tu as une alerte, regarde bien le processus comme tu fais, exemple: abcde.exe si tu connais pas tu bloques par précaution ça c'est bien, mais il faut aussi regarder où est installé ce processus (abcde.exe)

      Par exemple, si tu as une alerte comme ça:

      C:/windows/temp/WgeroT/abcdpp.exe < suspect donc refuser


      Nettoye réguliérement ton Pc et surtout les fichiers temporaires pas mal de salopries s'y installe peut-être que tes alertes viennent de là

      Regarde ici à manuellement

      https://kerio.probb.fr/t13-pourquoi-et-comment-supprimer-nettoyer-les-fichiers-temporaires


      Peut-etre que ton probléme vient du fait que tu refuses quelque chose au clavier ;-)
      A verifier !
      0
      1. Jack Bauer 74 Messages postés 47 Statut Membre 2 > Utilisateur anonyme
         
        ok, je regarderais tout ça:
        Une dernière chose donc, avant de te foutre la paix quelques temps (lol):
        Voici 6 messsages qui sont revenus depuis tout à l'heure, si ça te dis quelque chose:

        Au démarrage de Windows:

        - NVIDIA Driver Helper Service, Version 84.21 tente de définir 'NvCplDaemon' pour etre executé à chaque demarrage de l'ordinateur.
        Application: nvsvc32.exe

        -CEPPS.exe tente d'agir en temps que serveur

        -Common Client Windows Account Validation Service tente de supprimer un pilote ou un service: EVENTLOG\APPLICATION\CCPWDSVC
        Application: CCPWDSVC.EXE

        -Windows Genuine Advantage Notification tente de lire et de modifier la mémoire physique.
        Application: WgaTray.exe

        Et dès que je me connecte à internet/envois un message outlook:

        -Common Client CC App tente d'accéder à internet/tente d'envoyer un message.
        Identification: Programme connu. Identifié, signé.
        Application: CCAPP.EXE

        -Module de communication tente de modifier la page d'accueil de votre navigateur.
        Application: ComComp.exe

        Voilà déjà ceux qui reviennent assez souvent...

        Et bien merci pour tout ce que tu as fais pour moi, c'était vraiment très clair, très précis, et en plus ya le résultat qui suit derrière donc c'est fabuleux!!!
        Merci beaucoup, bonne fin de soirée et @bientôt! (maintenant que je connais l'adresse en cas de pb! ;-)
        0
  9. Utilisateur anonyme
     
    Alors,

    1. NVIDIA Driver Helper Service, Version 84.21 tente de définir 'NvCplDaemon' pour etre executé à chaque demarrage de l'ordinateur.
    Application: nvsvc32.exe

    tout ce petit monde appartient à ta carte graphique Nvidia donc pas de soucis à avoir, tu peux néanmoins arrêter le service NVIDIA Driver Helper Service(tape: services.msc > puis "désactivé") et enlever ensuite NvCplDaemon du démarrrage

    2. CEPPS.exe tente d'agir en temps que serveur

    Suspect refuse

    3. -Common Client Windows Account Validation Service tente de supprimer un pilote ou un service: EVENTLOG\APPLICATION\CCPWDSVC
    Application: CCPWDSVC.EXE

    apaprtient à Symanect, Internet Security pas de soucis

    4.-Windows Genuine Advantage Notification tente de lire et de modifier la mémoire physique.
    Application: WgaTray.exe

    Appartient à Windows le fameu WGA refuse lui l'accès

    5.-Common Client CC App tente d'accéder à internet/tente d'envoyer un message.
    Identification: Programme connu. Identifié, signé.
    Application: CCAPP.EXE

    Appartient à Symantec, Norton anti-virus pas de soucis,

    6.Module de communication tente de modifier la page d'accueil de votre navigateur.
    Application: ComComp.exe

    appartient à Wandoo présent dans on pack, il veut modifier ta page de démarrage et remettre la sienne, refuse lui

    voilà chef :-)

    hésite surtout pas si t'as des question/problémes

    A++
    0
  10. Jack Bauer 74 Messages postés 47 Statut Membre 2
     
    ok, merci pour tout, @+
    0
  11. Jack Bauer 74 Messages postés 47 Statut Membre 2
     
    Salut Boulepate!

    J'ai encore besoin de toi pour quelques petits pb concernant la sécurité de mon PC...
    Déjà, mon PC va beaucoup mieux depuis toutes les manip faites précedemment et je t'en remercie encore une fois!

    Mes petits problèmes:

    -Quand je lance l'anti-espion de Zonealarm, il me retrouve sans arrêt le 'Winfixer2005' que je supprime mais il revient sans arrêt à chaque analyse... Comment s'en défaire une bonne fois pour toute?

    -2 messages d'alerte de Zonealarm: (autoriser ou refuser?)
    .Client Server Runtime Process tente de terminer: C:\Windows\mhotkey.exe
    Application: csrss.exe

    .LEXPPS.EXE tente d'empêcher "LexPPS.exe de s'exécuter à chaque demarrage de l'ordi en modifiant la clé de registre: HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
    Application: LEXPPS.EXE

    -3ème question:
    Un seul pare-feu suffit-il (ZoneAlarm) ou bien est-ce que celui de Windows activé avec ZoneAlarm est encore plus efficace ou au contraire déconseillé ?

    -Dernière question:
    Quand j'ai acheté mon PC, Etrust Antivirus était fourni en version d'essai... Arrivé à expiration, je l'ai désinstallé pour mettre Norton 2003. Mais depuis, J'ai toujours vu un résidu de Etrust dans Ajout/suppression de programme: "Etrust Registration" que je n'arrive pas à enlever...
    Y a-t-il des risques qu'il marche sur les pieds de mon brave Norton?

    Voilà voilà, merci d'avance et je te souhaite un bon week end! ;-)
    0