Sujet Précédent Sujet Suivant

Virus Win32 Adware.infecté.pubs

grinde Messages postés 2 Statut Membre -  
Destrio5 Messages postés 99820 Statut Modérateur -
Bonjour,

Pouvez vous m'aider? Je suis infesté de publicité à cause de win32...
Voici mon rapport hi-jack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:26:27, on 25/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\QTTask.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\documents and settings\m\local settings\application data\hijlmnop.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [hijlmnop] "c:\documents and settings\m\local settings\application data\hijlmnop.exe" hijlmnop
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bw+0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
A voir également:

23 réponses

  • 1
  • 2
Réponse 1 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Salut,

- Télécharge Navilog1 (de IL-MAFIOSO) et enregistre-le sur le bureau :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

- Double-clique sur Navilog1.exe afin de lancer l'installation

- Si le fix ne se lance pas automatiquement après son installation, double-clique sur Navilog1 présent sur le bureau

- Appuie sur F ou f puis valide par Entrée

- Appuie sur une touche de ton clavier à chaque fois que cela est demandé, tu arriveras au menu des options

- Choisis l'option 1 et appuie sur la touche Entrée pour valider ton choix

- Patiente jusqu'au message : *** Analyse terminée le ..... ***

- Le scan fini, le bloc-notes contenant le rapport sera affiché, poste le contenu de ce rapport dans ta prochaine réponse

- Si le résultat du scan ne s'affiche pas, tu le trouveras dans C:\fixnavi.txt

N'utilise pas l'option 2, 3 et 4 sans notre accord, des fichiers légitimes peuvent être inclus dans ce scan.
0
Réponse 2 / 23
grinde Messages postés 2 Statut Membre
 
Merci pour ta réponse,

Entre temps j'ai restauré mon système à un état antérieur. Les pubs semblent être parties mais je pense que mon système est encore infecté. Je t'envoi le nouveau rapport hi-jack this.
Est-ce que les problèmes subsistent? Dois-je entamer la démarche de ton premier message?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:12:50, on 25/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bw+0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 3 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Fais quand même Navilog1.
0
Réponse 4 / 23
grinde
 
Ok, voici le rapport :

Search Navipromo version 3.7.0 commencé le 25/12/2008 à 19:43:00,39

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : m ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1296 [VPS 081224-0] 4.8.1296 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:186 Go (Free:158 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\m\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\m\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\m\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\m\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\m\locals~1\applic~1" :

hijlmnop.dat trouvé !
hijlmnop_nav.dat trouvé !
hijlmnop_navps.dat trouvé !

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :

*** Analyse terminée le 25/12/2008 à 19:45:37,65 ***
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Infecté.

---> Relance Navilog1, fais l'option 2 et poste le rapport.
0
Réponse 6 / 23
grinde
 
Ok, voici le rapport :

Clean Navipromo version 3.7.0 commencé le 25/12/2008 à 20:45:48,18

Outil exécuté depuis C:\Program Files\navilog1

Mise à jour le 10.12.2008 à 21h00 par IL-MAFIOSO

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : Award Medallion BIOS v6.00PG
USER : m ( Administrator )
BOOT : Normal boot

Antivirus : avast! antivirus 4.8.1296 [VPS 081224-0] 4.8.1296 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:186 Go (Free:158 Go)
D:\ (CD or DVD)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

Mode suppression automatique
avec prise en charge résultats Catchme et GNS

Nettoyage exécuté au redémarrage de l'ordinateur

*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans "C:\WINDOWS\System32" *

* Suppression dans "C:\Documents and Settings\m\locals~1\applic~1" *

*** Suppression dossiers dans "C:\WINDOWS" ***

*** Suppression dossiers dans "C:\Program Files" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***

*** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\m\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\m\locals~1\applic~1" ***

*** Suppression dossiers dans "C:\Documents and Settings\m\menudm~1\progra~1" ***

*** Suppression fichiers ***

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\m\locals~1\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :

* Dans "C:\WINDOWS\system32" *

* Dans "C:\Documents and Settings\m\locals~1\applic~1" *

hijlmnop.dat trouvé !
Copie hijlmnop.dat réalisée avec succès !
hijlmnop.dat supprimé !

hijlmnop_nav.dat trouvé !
Copie hijlmnop_nav.dat réalisée avec succès !
hijlmnop_nav.dat supprimé !

hijlmnop_navps.dat trouvé !
Copie hijlmnop_navps.dat réalisée avec succès !
hijlmnop_navps.dat supprimé !

*** Sauvegarde du Registre vers dossier Safebackup ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok

*** Certificats ***

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !

*** Recherche autres dossiers et fichiers connus ***

*** Nettoyage terminé le 25/12/2008 à 20:48:46,39 ***
0
Réponse 7 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
- Télécharge Random's System Information Tool (RSIT) (par random/random) sur ton Bureau.

- Double-clique sur RSIT.exe afin de lancer le programme.

- Clique sur Continue à l'écran Disclaimer.

- Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.

- Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (c'est celui qui apparaît à l'écran) ainsi que de info.txt (que tu verras dans la barre des tâches).

Note : Les rapports sont sauvegardés dans le dossier C:\rsit.
0
Réponse 8 / 23
grinde
 
Voici les rapports :

Logfile of random's system information tool 1.05 (written by random/random)
Run by m at 2008-12-25 21:27:28
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 163 GB (85%) free of 191 GB
Total RAM: 1023 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:33, on 25/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
C:\Documents and Settings\m\Bureau\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\m.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bw+0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 9 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
---> Désinstalle Java 6 Update 7.

---> Mets à jour Java :
https://www.java.com/fr/download/manual.jsp

---> Télécharge Malwarebytes' Anti-Malware (MBAM) sur ton Bureau.
---> Double-clique sur le fichier téléchargé pour lancer le processus d'installation.
---> Dans l'onglet Mise à jour, clique sur le bouton Recherche de mise à jour : si le pare-feu demande l'autorisation à MBAM de se connecter à Internet, accepte.
---> Une fois la mise à jour terminée, rends-toi dans l'onglet Recherche.
---> Sélectionne Exécuter un examen rapide.
---> Clique sur Rechercher. L'analyse démarre.

A la fin de l'analyse, un message s'affiche :

L'examen s'est terminé normalement. Cliquez sur 'Afficher les résultats' pour afficher tous les objets trouvés.

---> Clique sur OK pour poursuivre. Si MBAM n'a rien trouvé, il te le dira aussi.
---> Ferme tes navigateurs.
Si des malwares ont été détectés, clique sur Afficher les résultats.
---> Sélectionne tout (ou laisse coché) et clique sur Supprimer la sélection, MBAM va détruire les fichiers et clés de registre infectés et en mettre une copie dans la quarantaine.
---> MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Copie-colle ce rapport dans ta prochaine réponse.
0
Réponse 10 / 23
grinde
 
Voici le rapport :

Malwarebytes' Anti-Malware 1.31
Version de la base de données: 1544
Windows 5.1.2600 Service Pack 3

25/12/2008 22:06:53
mbam-log-2008-12-25 (22-06-53).txt

Type de recherche: Examen rapide
Eléments examinés: 49657
Temps écoulé: 2 minute(s), 51 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d} (Adware.2020Search) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 11 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
---> Relance MBAM, va dans Quarantaine et supprime tout.

---> Désinstalle Navilog1 et HijackThis.

Ton PC va comment ?
0
Réponse 12 / 23
grinde
 
Je pense que mon PC va très bien maintenant, merci beaucoup.
Juste une question encore : Lors du démarrage du pc, un écran noir s'affiche avec le message suivant :
OC fail. Please enter set up to change fail settings

Comment faire pour cela (aller dans "installation" et changer les paramètres d'échec) ?
0
Réponse 13 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Depuis quand as-tu ce message ?
0
Réponse 14 / 23
grinde
 
Ce message s'affiche depuis un certain temps (6 mois environ ou plus).
0
Réponse 15 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Si le message s'affiche au démarrage quand le Bureau apparaît, fais ceci :

- Télécharge HijackThis v2.0.2 sur ton Bureau.

- Double-clique sur HJTInstall afin de lancer l'installation.

- Clique sur Install ensuite sur I Accept.

- Clique sur Do a system scan and save a logfile.

- Le bloc-notes s'ouvrira, fais un copier/coller de tout son contenu ici dans ton prochain message.
0
Réponse 16 / 23
grinde
 
En fait le message apparaît pendant le démarrage avant l'apparition de l'écran bureau. Il apparaît sur un écran noir.
Voici le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:46, on 26/12/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\Dsp24Set.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\HP\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Logitech\SetPoint\LU\LULnchr.exe
C:\Program Files\HP\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Logitech\SetPoint\LU\LogitechUpdate.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DSP24] Dsp24Set.exe /n
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Le Petit Robert Hyperappel] C:\Program Files\Le Robert\Le Petit Robert\prhyper.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins FE\exe\l-express.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O18 - Protocol: bw+0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D9FCC52B-29E2-4D65-B9C6-F5A9068CF6C7} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 17 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Tu as fait de l'overclocking ?
0
Réponse 18 / 23
grinde
 
Non, en tout cas pas à ma connaissance. Je ne m'y connais pas du tout dans le overclocking...
0
Réponse 19 / 23
Destrio5 Messages postés 99820 Statut Modérateur 10 305
 
Je ne vois pas d'où vient l'erreur.
0
Réponse 20 / 23
grinde
 
Ok. En tout cas merci pour ton aide.
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses