Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

winfixer et d'autres spywares

 

1 utilisateur anonyme et 44 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1
Auteur
 Sujet :

winfixer et d'autres spywares

Prévenir les modérateurs en cas d'abus 
belou2006
belou2006
  1. Posté le 02/01/2006 à 08:31:57  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salu à tous

 Comme beaucoup  je me suis chopé winfixer et d'autres spywares à mon avis

 après lecturer du post http://forum.telecharger.01net [...] ges-1.html

 après plusieurs passages d' adaware SE    il m'enreste

 Pourriez vous m'aider à les identifier et quoi supprimer

 Ci dessous les logs de Hijack   Kaspersky  et Panda on line
 Logfile of HijackThis v1.99.1
 Scan saved at 7:59:26, on 2/01/2006
 Platform: Windows XP SP2 (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
 C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
 C:\WINDOWS\system32\brsvc01a.e​xe
 C:\WINDOWS\system32\brss01a.ex​e
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
 C:\Program Files\Aquarius Soft\PC Shutdown\ASSDNTS.exe
 C:\WINDOWS\System32\GEARSec.ex​e
 C:\WINDOWS\System32\mgabg.exe
 C:\Program Files\Norton AntiVirus\navapsvc.exe
 C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EX​E
 C:\WINDOWS\system32\RioMSC.exe
 C:\Program Files\Norton AntiVirus\SAVScan.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
 C:\WINDOWS\system32\wdfmgr.exe
 C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
 C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
 C:\WINDOWS\Logi_MwX.Exe
 C:\PROGRA~1\Maxtor\OneTouch\Ut​ils\OneTouch.exe
 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
 C:\WINDOWS\System32\PDesk\PDes​k.exe
 C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
 C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\Mixer.exe
 C:\Program Files\SlySoft\AnyDVD\AnyDVD.ex​e
 C:\Program Files\QuickTime\qttask.exe
 C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
 C:\Program Files\Netropa\Onscreen Display\OSD.exe
 C:\Program Files\Fichiers communs\Real\Update_OB\realsch​ed.exe
 C:\WINDOWS\system32\paytime.ex​e
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Messenger\msmsgs.exe
 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe
 C:\Program Files\RKD\AuctionNavigator\Auc​tionNavigator.exe
 C:\Program Files\MSN Messenger\MsnMsgr.Exe
 C:\WINDOWS\system32\paytime.ex​e
 C:\Program Files\Aquarius Soft\PC Shutdown\assdtray.exe
 C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Trial\CalCheck.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\AdPopupKiller\PopupZeroT​ray.exe
 E:\download\HijackThis.exe
 C:\Program Files\Fichiers communs\Symantec Shared\NMain.exe
 C:\Program Files\Internet Explorer\iexplore.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = c:\secure32.html
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Start Page = c:\secure32.html
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = c:\secure32.html
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = c:\secure32.html
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Local Page = c:\secure32.html
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Local Page = c:\secure32.html
 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = localhost
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: PopupZeroIEDLL.CPopupZeroIEDLL - {A94EDD52-85B3-472F-8BC0-D651D​760FBF8} - C:\Program Files\AdPopupKiller\PopupZeroI​EDLL.dll
 O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445E​E161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l
 O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6​B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
 O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E​2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l
 O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859D​F00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
 O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9​BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Tool​band.dll
 O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
 O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Ut​ils\OneTouch.exe
 O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
 O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDes​k.exe /Autolaunch
 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\​ADVCHK.EXE
 O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.ex​e /Consumer
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
 O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
 O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.ex​e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsch​ed.exe"  -osboot
 O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\system32\paytime.ex​e
 O4 - HKLM\..\Run: [drsmartloadb] c:\\drsmartloadb.exe
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
 O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe
 O4 - HKCU\..\Run: [AuctionNavigator] C:\Program Files\RKD\AuctionNavigator\Auc​tionNavigator.exe
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
 O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\system32\paytime.ex​e
 O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.ex​e
 O4 - HKCU\..\Run: [CU1] C:\Program Files\Common Files\VCClient\VCClient.exe
 O4 - HKCU\..\Run: [CU2] C:\Program Files\Common Files\VCClient\VCMain.exe
 O4 - HKCU\..\Run: [WinFixer  2005] C:\Program Files\WinFixer  2005\uwfx5.exe /scan
 O4 - Global Startup: Aquarius Soft PC Shutdown Tray Icon.lnk = C:\Program Files\Aquarius Soft\PC Shutdown\assdtray.exe
 O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Trial\CalCheck.exe
 O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMC​onf.exe
 O8 - Extra context menu item: Add all items to the auction list - res://c:\Program Files\RKD\AuctionNavigator\Bid​CtxtClick.dll/202
 O8 - Extra context menu item: Add this item to the auction list - res://c:\Program Files\RKD\AuctionNavigator\Bid​CtxtClick.dll/201
 O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECapture.html
 O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppend.html
 O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECapture.html
 O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppend.html
 O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECapture.html
 O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppend.html
 O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECaptureSelLinks.html
 O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppendSelLinks.html
 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_AddToList.html
 O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_HSPrint.html
 O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_Print.html
 O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_Preview.html
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O15 - Trusted IP range: 193.58.81.70
 O16 - DPF: {00B71CFB-6864-4346-A978-C0A14​556272C} (Checkers Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downl [...] nicode.cab
 O16 - DPF: {14B87622-7E19-4EA8-93B3-97215​F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C547​34667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105​AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/s [...] vSniff.cab
 O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C​1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/w [...] 0-3-36.cab
 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF​33E833C} (WUWebControl Class) - http://v5.windowsupdate.micros [...] 3325059371
 O16 - DPF: {644E432F-49D3-41A1-8DD5-E0991​62EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/s [...] /cabsa.cab
 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD​1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F​29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/a [...] asinst.cab
 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0​A5519FF} (MsnMessengerSetupDownloadCont​rol Class) - http://messenger.msn.com/downl [...] loader.cab
 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-22031​3175592} (ZoneIntro Class) - http://messenger.zone.msn.com/ [...] b32846.cab
 O16 - DPF: {BD393C14-72AD-4790-A095-76522​973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A​3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
 O18 - Protocol: bw+0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw+0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9​B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305​202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.​dll" (file missing)
 O18 - Protocol: offline-8876480 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O20 - Winlogon Notify: avpe32 - C:\WINDOWS\SYSTEM32\avpe32.dll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: Aquarius Soft PC Shutdown NT Service - Aquarius Soft - C:\Program Files\Aquarius Soft\PC Shutdown\ASSDNTS.exe
 O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.e​xe
 O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
 O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
 O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
 O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\Pg\command.exe (file missing)
 O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.ex​e
 O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
 O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
 O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
 O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EX​E
 O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
 O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
 O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\​SCRIPT~1\SBServ.exe
 O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
 O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
 O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe


 -----------

 ------------------------------​------------------------------​-------------------
 KASPERSKY ON-LINE SCANNER REPORT
 Monday, January 02, 2006 07:58:57
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky On-line Scanner version: 5.0.67.0
 Kaspersky Anti-Virus database last update:  1/01/2006
 Kaspersky Anti-Virus database records: 158327
 ------------------------------​------------------------------​-------------------

 Scan Settings:
  Scan using the following antivirus database: standard
  Scan Archives: true
  Scan Mail Bases: true

 Scan Target - My Computer:
  A:\
  C:\
  D:\
  E:\
  F:\
  G:\
  H:\
  I:\
  J:\
  K:\
  L:\
  M:\
  O:\

 Scan Statistics:
  Total number of scanned objects: 95235
  Number of viruses found: 18
  Number of infected objects: 64
  Number of suspicious objects: 0
  Duration of the scan process: 16656 sec

 Infected Object Name - Virus Name
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\8H47KZ8Z\sec​ure32[1].htm Infected: Trojan.Win32.Harnig.a
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\AB5DVZMF\ins​tall[1].exe/data0010 Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\AB5DVZMF\ins​tall[1].exe Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\KHQ3O1AJ\ms1[1].txt Infected: Trojan-Downloader.Win32.Tiny.a​l
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\KHQ3O1AJ\Sim​pleCopier%204[1].13%20by%20CaSaPu.zip/crack.​ex​e Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\KHQ3O1AJ\Sim​pleCopier%204[1].13%20by%20CaSaPu.zip Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\LTSF59NW\drs​martload[1].exe Infected: Trojan-Downloader.Win32.Adload​.l
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\OXK5M381\too​l2[1].txt Infected: not-virus:Hoax.Win32.Renos.aj
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\Q903E9I5\drs​martloadb[1].exe Infected: Trojan-Downloader.Win32.Adload​.l
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\QPBK1C3M\too​lbar[1].txt Infected: Trojan-Downloader.Win32.Adload​.j
 C:\Program Files\Norton AntiVirus\Quarantine\11F7536B/​File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\11F7536B Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\18BC1B49.​exe Infected: Email-Worm.Win32.Bagle.eg
 C:\Program Files\Norton AntiVirus\Quarantine\2340244C.​COM Infected: Trojan.DOS.KillCMOS.c
 C:\Program Files\Norton AntiVirus\Quarantine\2C8A01B5.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C8A01B5.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C8E2BB2.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C8E2BB2.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9155AE.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9155AE.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C947FAA.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C947FAA.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9729A7.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9729A7.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2D14651E.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D14651E.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D170F1B.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D170F1B.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1A3917.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1A3917.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1D6314.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1D6314.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2DEE622E.​exe Infected: Trojan-Clicker.Win32.VB.kc
 C:\Program Files\Norton AntiVirus\Quarantine\389A0FAC.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\42834663/​File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\42834663 Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\44FA41CE Infected: Trojan-Downloader.Win32.IstBar​.is
 C:\Program Files\Norton AntiVirus\Quarantine\547A1383 Infected: Trojan-Downloader.Win32.IstBar​.is
 C:\Program Files\Norton AntiVirus\Quarantine\54A43554 Infected: Trojan-Downloader.JS.IstBar.s
 C:\Program Files\Norton AntiVirus\Quarantine\6D3E0959/[From info@sds.akzonobel.com][Date Mon, 09 May 2005 12:15:58 UTC]/mail_info.zip Infected: Email-Worm.Win32.Sober.p
 C:\Program Files\Norton AntiVirus\Quarantine\6D3E0959 Infected: Email-Worm.Win32.Sober.p
 C:\Program Files\Norton AntiVirus\Quarantine\70865A68 Infected: Trojan.DOS.KillCMOS.c
 C:\Program Files\Norton AntiVirus\Quarantine\72D231AD.​exe Infected: Packed.Win32.Klone.b
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​1\crack.exe Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​1\SimpleCopier 4[1].13 by CaSaPu.zip/crack.exe Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​1\SimpleCopier 4[1].13 by CaSaPu.zip Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​3\VCClient\installer.exe Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​6.exe Infected: not-virus:Hoax.Win32.Renos.aj
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​8.exe Infected: Trojan-Downloader.Win32.Adload​.l
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​9.exe/data0010 Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​9.exe Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​0.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​3.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​4.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​5.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​6.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​8.exe Infected: not-virus:Hoax.Win32.Renos.aj
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​0.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​3.exe Infected: Trojan-Downloader.Win32.Adload​.j
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​6.exe Infected: Trojan-Downloader.Win32.Tiny.a​l
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​7.html Infected: Trojan.Win32.Harnig.a
 C:\System Volume Information\_restore{B1AF87C6-​65F7-4D26-BF8E-952C6CFC31A8}\R​P249\A0115966.EXE Infected: Trojan-Downloader.Win32.Adload​.l
 C:\System Volume Information\_restore{B1AF87C6-​65F7-4D26-BF8E-952C6CFC31A8}\R​P249\A0115967.EXE Infected: Trojan-Downloader.Win32.Small.​buy
 C:\System Volume Information\_restore{B1AF87C6-​65F7-4D26-BF8E-952C6CFC31A8}\R​P249\A0115988.EXE Infected: Trojan.Win32.StartPage.aw

 Scan process completed.


 --------------------
 ------------------------------​------------------------------​-------------------
 KASPERSKY ON-LINE SCANNER REPORT
 Monday, January 02, 2006 07:58:57
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky On-line Scanner version: 5.0.67.0
 Kaspersky Anti-Virus database last update:  1/01/2006
 Kaspersky Anti-Virus database records: 158327
 ------------------------------​------------------------------​-------------------

 Scan Settings:
  Scan using the following antivirus database: standard
  Scan Archives: true
  Scan Mail Bases: true

 Scan Target - My Computer:
  A:\
  C:\
  D:\
  E:\
  F:\
  G:\
  H:\
  I:\
  J:\
  K:\
  L:\
  M:\
  O:\

 Scan Statistics:
  Total number of scanned objects: 95235
  Number of viruses found: 18
  Number of infected objects: 64
  Number of suspicious objects: 0
  Duration of the scan process: 16656 sec

 Infected Object Name - Virus Name
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\8H47KZ8Z\sec​ure32[1].htm Infected: Trojan.Win32.Harnig.a
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\AB5DVZMF\ins​tall[1].exe/data0010 Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\AB5DVZMF\ins​tall[1].exe Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\KHQ3O1AJ\ms1[1].txt Infected: Trojan-Downloader.Win32.Tiny.a​l
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\KHQ3O1AJ\Sim​pleCopier%204[1].13%20by%20CaSaPu.zip/crack.​ex​e Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\KHQ3O1AJ\Sim​pleCopier%204[1].13%20by%20CaSaPu.zip Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\LTSF59NW\drs​martload[1].exe Infected: Trojan-Downloader.Win32.Adload​.l
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\OXK5M381\too​l2[1].txt Infected: not-virus:Hoax.Win32.Renos.aj
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\Q903E9I5\drs​martloadb[1].exe Infected: Trojan-Downloader.Win32.Adload​.l
 C:\Documents and Settings\abc\Local Settings\Temporary Internet Files\Content.IE5\QPBK1C3M\too​lbar[1].txt Infected: Trojan-Downloader.Win32.Adload​.j
 C:\Program Files\Norton AntiVirus\Quarantine\11F7536B/​File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\11F7536B Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\18BC1B49.​exe Infected: Email-Worm.Win32.Bagle.eg
 C:\Program Files\Norton AntiVirus\Quarantine\2340244C.​COM Infected: Trojan.DOS.KillCMOS.c
 C:\Program Files\Norton AntiVirus\Quarantine\2C8A01B5.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C8A01B5.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C8E2BB2.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C8E2BB2.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9155AE.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9155AE.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C947FAA.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C947FAA.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9729A7.​exe Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2C9729A7.​txt Infected: Trojan-PSW.Win32.Agent.bu
 C:\Program Files\Norton AntiVirus\Quarantine\2D14651E.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D14651E.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D170F1B.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D170F1B.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1A3917.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1A3917.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1D6314.​exe Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2D1D6314.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\2DEE622E.​exe Infected: Trojan-Clicker.Win32.VB.kc
 C:\Program Files\Norton AntiVirus\Quarantine\389A0FAC.​txt Infected: Packed.Win32.Klone.b
 C:\Program Files\Norton AntiVirus\Quarantine\42834663/​File-packed_dataInfo.exe Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\42834663 Infected: Email-Worm.Win32.Sober.y
 C:\Program Files\Norton AntiVirus\Quarantine\44FA41CE Infected: Trojan-Downloader.Win32.IstBar​.is
 C:\Program Files\Norton AntiVirus\Quarantine\547A1383 Infected: Trojan-Downloader.Win32.IstBar​.is
 C:\Program Files\Norton AntiVirus\Quarantine\54A43554 Infected: Trojan-Downloader.JS.IstBar.s
 C:\Program Files\Norton AntiVirus\Quarantine\6D3E0959/[From info@sds.akzonobel.com][Date Mon, 09 May 2005 12:15:58 UTC]/mail_info.zip Infected: Email-Worm.Win32.Sober.p
 C:\Program Files\Norton AntiVirus\Quarantine\6D3E0959 Infected: Email-Worm.Win32.Sober.p
 C:\Program Files\Norton AntiVirus\Quarantine\70865A68 Infected: Trojan.DOS.KillCMOS.c
 C:\Program Files\Norton AntiVirus\Quarantine\72D231AD.​exe Infected: Packed.Win32.Klone.b
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​1\crack.exe Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​1\SimpleCopier 4[1].13 by CaSaPu.zip/crack.exe Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​1\SimpleCopier 4[1].13 by CaSaPu.zip Infected: Trojan-Downloader.Win32.PassAl​ert.h
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​3\VCClient\installer.exe Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​6.exe Infected: not-virus:Hoax.Win32.Renos.aj
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​8.exe Infected: Trojan-Downloader.Win32.Adload​.l
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​9.exe/data0010 Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc15​9.exe Infected: Trojan-Downloader.Win32.Qoolog​ic.at
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​0.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​3.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​4.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​5.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​6.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc16​8.exe Infected: not-virus:Hoax.Win32.Renos.aj
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​0.html Infected: Trojan.Win32.Harnig.a
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​3.exe Infected: Trojan-Downloader.Win32.Adload​.j
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​6.exe Infected: Trojan-Downloader.Win32.Tiny.a​l
 C:\RECYCLER\S-1-5-21-448539723​-484763869-839522115-1003\Dc17​7.html Infected: Trojan.Win32.Harnig.a
 C:\System Volume Information\_restore{B1AF87C6-​65F7-4D26-BF8E-952C6CFC31A8}\R​P249\A0115966.EXE Infected: Trojan-Downloader.Win32.Adload​.l
 C:\System Volume Information\_restore{B1AF87C6-​65F7-4D26-BF8E-952C6CFC31A8}\R​P249\A0115967.EXE Infected: Trojan-Downloader.Win32.Small.​buy
 C:\System Volume Information\_restore{B1AF87C6-​65F7-4D26-BF8E-952C6CFC31A8}\R​P249\A0115988.EXE Infected: Trojan.Win32.StartPage.aw

 Scan process completed.


 SI vous avez une idée de quel soft faire tourner pour le nettoyage ou quoi suprrimer ....

 d'avance un grand merci

 a+




regis59ccm8
Tu cartonnes ! (de 500 à 999 messages postés)
  1. Posté le 02/01/2006 à 14:18:22  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Salut

 1/¤Désactive ta restauration système (uniquement si tu es sous XP):
 Clic droit sur poste de travail puis,
 propriété, tu cliques sur onglet restauration système
 tu coches la case « désactiver la restauration » et applique.

 2/telecharge et utilise ceci
 Clean Up 40:
 http://pageperso.aol.fr/balltrap34/CleanUp40.exe
 -aide en image:(merci à Balltrap34).
 http://pageperso.aol.fr/balltrap34/democleanup.htm

 3/vide la quarantaine de norton:
 C:\Program Files\Norton AntiVirus\Quarantine << supprime tout ce qu il y a dedans

 4/Vide ta corbeille

 5/Télécharge ceci: (merci a S!RI pour ce petit programme).
 http://siri.urz.free.fr/Fix/SmitfraudFix.zip
 Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport
 Copie/colle le sur le poste stp.
 ------------------------------​------------------------------​----------------
 Démarre en mode sans échec :
 Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
 Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
 Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
 (Si F8 ne marche pas utilise la touche F5).  
 ------------------------------​------------------------------​----------------
 Relance le programme Smitfraud,
 Cette fois choisit l’option 2, répond oui a tous ;
 Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum

 7/Remet un hijack this

 A+

(Publicité)
belou2006
  1. Posté le 02/01/2006 à 19:46:12  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci Régis

 J'étais impatient de rentrer du bureau pour tout remettre en ordre
 er surtout découvrir ton post

 merci d'être là

 voilà c'est faît comme demandé

 SmitFraudFix v2.11

 Rapport fait à 19:32:05,10 le lun. 02/01/2006
 Executé à partir de C:\Program Files\smitfraud\SmitfraudFix
 OS: Microsoft Windows XP [version 5.1.2600]

  » » » » » » » » » » » » » » » » » » » » » » » » Arret des processus


  » » » » » » » » » » » » » » » » » » » » » » » » Suppression des fichiers infectés

 C:\WINDOWS\system32\paytime.ex​e supprimé
 C:\Documents and Settings\abc\Application Data\Install.dat supprimé
 C:\Documents and Settings\abc\Menu Démarrer\Programmes\SpySheriff supprimé

 
  » » » » » » » » » » » » » » » » » » » » » » » » Nettoyage du registre
 
 Nettoyage terminé.

  » » » » » » » » » » » » » » » » » » » » » » » » Fin du rapport

 Logfile of HijackThis v1.99.1
 Scan saved at 19:42:29, on 2/01/2006
 Platform: Windows XP SP2 (WinNT 5.01.2600)
 MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\csrss.exe
 C:\WINDOWS\system32\services.e​xe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\system32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
 C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
 C:\WINDOWS\system32\brsvc01a.e​xe
 C:\WINDOWS\system32\spoolsv.ex​e
 C:\WINDOWS\system32\brss01a.ex​e
 C:\WINDOWS\Logi_MwX.Exe
 C:\PROGRA~1\Maxtor\OneTouch\Ut​ils\OneTouch.exe
 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
 C:\WINDOWS\System32\PDesk\PDes​k.exe
 C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
 C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
 C:\WINDOWS\Mixer.exe
 C:\Program Files\SlySoft\AnyDVD\AnyDVD.ex​e
 C:\Program Files\QuickTime\qttask.exe
 C:\Program Files\Fichiers communs\Real\Update_OB\realsch​ed.exe
 C:\WINDOWS\system32\ctfmon.exe
 C:\Program Files\Messenger\msmsgs.exe
 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe
 C:\Program Files\RKD\AuctionNavigator\Auc​tionNavigator.exe
 C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
 C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
 C:\Program Files\Netropa\Onscreen Display\OSD.exe
 C:\Program Files\MSN Messenger\MsnMsgr.Exe
 C:\Program Files\Aquarius Soft\PC Shutdown\ASSDNTS.exe
 C:\WINDOWS\System32\GEARSec.ex​e
 C:\WINDOWS\System32\mgabg.exe
 C:\Program Files\Norton AntiVirus\navapsvc.exe
 C:\Program Files\Aquarius Soft\PC Shutdown\assdtray.exe
 C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Trial\CalCheck.exe
 C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EX​E
 C:\WINDOWS\system32\RioMSC.exe
 C:\Program Files\Norton AntiVirus\SAVScan.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
 C:\WINDOWS\system32\wdfmgr.exe
 C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
 C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
 C:\WINDOWS\System32\svchost.ex​e
 C:\WINDOWS\system32\wuauclt.ex​e
 C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\AdPopupKiller\PopupZeroT​ray.exe
 C:\Program Files\Norton AntiVirus\OPScan.exe
 E:\download\HijackThis.exe

 R1 - HKCU\Software\Microsoft\Window​s\CurrentVersion\Internet Settings,ProxyOverride = localhost
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me = Liens
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: PopupZeroIEDLL.CPopupZeroIEDLL - {A94EDD52-85B3-472F-8BC0-D651D​760FBF8} - C:\Program Files\AdPopupKiller\PopupZeroI​EDLL.dll
 O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445E​E161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l
 O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6​B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
 O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E​2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l
 O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859D​F00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
 O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9​BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Tool​band.dll
 O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
 O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Ut​ils\OneTouch.exe
 O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
 O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\System32\PDesk\PDes​k.exe /Autolaunch
 O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
 O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\​ADVCHK.EXE
 O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.ex​e /Consumer
 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.​exe
 O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
 O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
 O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.ex​e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
 O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsch​ed.exe"  -osboot
 O4 - HKLM\..\Run: [drsmartloadb] c:\\drsmartloadb.exe
 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
 O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
 O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\Logi​techDesktopMessenger.exe
 O4 - HKCU\..\Run: [AuctionNavigator] C:\Program Files\RKD\AuctionNavigator\Auc​tionNavigator.exe
 O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
 O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
 O4 - HKCU\..\Run: [WinFixer  2005] C:\Program Files\WinFixer  2005\uwfx5.exe /scan
 O4 - Global Startup: Aquarius Soft PC Shutdown Tray Icon.lnk = C:\Program Files\Aquarius Soft\PC Shutdown\assdtray.exe
 O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 4.0 Trial\CalCheck.exe
 O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMC​onf.exe
 O8 - Extra context menu item: Add all items to the auction list - res://c:\Program Files\RKD\AuctionNavigator\Bid​CtxtClick.dll/202
 O8 - Extra context menu item: Add this item to the auction list - res://c:\Program Files\RKD\AuctionNavigator\Bid​CtxtClick.dll/201
 O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECapture.html
 O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppend.html
 O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECapture.html
 O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppend.html
 O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECapture.html
 O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppend.html
 O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIECaptureSelLinks.html
 O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dl​l/AcroIEAppendSelLinks.html
 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_AddToList.html
 O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_HSPrint.html
 O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_Print.html
 O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Reso​urce.dll/RC_Preview.html
 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04​F795683} - C:\Program Files\Messenger\msmsgs.exe
 O15 - Trusted IP range: 193.58.81.70
 O16 - DPF: {00B71CFB-6864-4346-A978-C0A14​556272C} (Checkers Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C​29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downl [...] nicode.cab
 O16 - DPF: {14B87622-7E19-4EA8-93B3-97215​F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {17492023-C23A-453E-A040-C7C58​0BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
 O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C547​34667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/LSSupCtl.cab
 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105​AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/s [...] vSniff.cab
 O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C​1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/w [...] 0-3-36.cab
 O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF​33E833C} (WUWebControl Class) - http://v5.windowsupdate.micros [...] 3325059371
 O16 - DPF: {644E432F-49D3-41A1-8DD5-E0991​62EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/s [...] /cabsa.cab
 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD​1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F​29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/a [...] asinst.cab
 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0​A5519FF} (MsnMessengerSetupDownloadCont​rol Class) - http://messenger.msn.com/downl [...] loader.cab
 O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-22031​3175592} (ZoneIntro Class) - http://messenger.zone.msn.com/ [...] b32846.cab
 O16 - DPF: {BD393C14-72AD-4790-A095-76522​973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/ [...] b31267.cab
 O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A​3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/SymAData.cab
 O18 - Protocol: bw+0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw+0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw-0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw00s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw10s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw20s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw30s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw40s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw50s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw60s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw70s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw80s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bw90s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwa0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwb0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwc0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwd0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwe0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwf0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9​B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwg0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwh0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwi0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwj0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwk0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwl0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwm0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwn0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwo0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwp0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwq0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwr0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bws0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwt0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwu0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwv0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bww0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwx0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwy0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: bwz0s - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305​202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.​dll" (file missing)
 O18 - Protocol: offline-8876480 - {B42BE85B-240E-493A-B199-85E6E​D41AAFA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPl​ugProtocol-8876480.dll
 O20 - Winlogon Notify: avpe32 - C:\WINDOWS\SYSTEM32\avpe32.dll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: Aquarius Soft PC Shutdown NT Service - Aquarius Soft - C:\Program Files\Aquarius Soft\PC Shutdown\ASSDNTS.exe
 O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.e​xe
 O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
 O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
 O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
 O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.ex​e
 O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\System32\mgabg.exe
 O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
 O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
 O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EX​E
 O23 - Service: RIO Mass Storage C (RioMSC) - Digital Networks North America, Inc. - C:\WINDOWS\system32\RioMSC.exe
 O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
 O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\​SCRIPT~1\SBServ.exe
 O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
 O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
 O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
 O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe

 merci pour votre aide

 ça a déjà l'air d'aller nettement mieux

 MAIS RESTE T IL QQ CHOSE DE SUSPECT ?

 Bonne soirée

 Page :
1

Aller à :
 

Sujets relatifs
malwares spywares Trojan Downloader Winfixer O résolu
Winfixer winfixer
Rogue:W32/WinFixer, navipromo + toolbar [résolu] Probleme Winfixer.cv
virus win32:Winfixer-H[Rtk] toujours présent avec avast Invasion de Winfixer
De l'aide pour supprimer WINfixer Présence de Win32:Adware-gen et Win32:Winfixer [résolu]
Plus de sujets relatifs à : winfixer et d'autres spywares

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
Error safe help 7
scan qui se bloque, compte utilisateur inconnu ? help ! 1
scan qui se bloque ?? gros probleme !!! 2
Wanadoo 8mega connexion faible > spyware? 16
Spyware impossible à supprimer 22