Saleté de virus

Résolu/Fermé
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009 - 7 août 2009 à 16:32
 Utilisateur anonyme - 24 juin 2010 à 20:04
Bonjour,
moi j'ai la saleté de virus "qui te bloques sur msn" même si j'me souviens pas l'avoir ouvert pis j'sais pas comment faire pour m'en débarasser, j'y connais rien bordel! À l'aide!
A voir également:

54 réponses

Utilisateur anonyme
7 août 2009 à 17:05
ok, du calme, je l'impression que tu es tendu

télécharge GenProc sur ton bureau :
http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip

ou ici : http://www.genproc.com/GenProc.exe

dézippe le dossier, puis double-clique sur GenProc.bat
le programme va s'executer et générer un rappor à la fin de sacn

poste le contenu du rappor généré par genproc

Aide en images : http://www.alt-shift-return.org/Info/Fichiers/GenProc.zip

ou ici directement : http://www.genproc.com/GenProc.exe

Aide en images : http://www.alt-shift-return.org/Info/GenProc-HowTo.html

ou télécharge GenProc directement http://www.genproc.com/GenProc.exe

double-clique sur GenProc.exe et poste le contenu du rapport qui s'ouvre ensuite tu suit la procédure dans l'ordre .
1
Utilisateur anonyme
7 août 2009 à 16:57
bonjour,
prends le temps d'expliquer le symptomes de tes anomalies sur ton pc, ralentissement, fenetres pubilitaires......
on pourra mieux comprendre ton message.
sache une chose que nous ne sommes pas devant ton pc, on diagnostique avec ce que tu nous donnes comme élements.
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 17:02
Internet plante sans arrêt dès que j'ouvre ma boîte de messagerie pis quand j'suis sur le net, c'est très long avant que les pages s'ouvrent et ça c'est quand elle ouvrent! J'ai essayé avec spybot s&d pis avec avast ccleaner pis c'est toujours le même problème!
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 17:33
Rapport GenProc 2.611 [2] - 2009-08-07 à 11:29:07
@ Windows XP Service Pack 3 - Mode normal
@ Google Chrome (2.0.172.39) [Navigateur par défaut]

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :


Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
C:\Program Files\EsetOnlineScanner\log.txt




~~~~ INFORMATION COMPLEMENTAIRE ~~~~


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:08, on 2009-08-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Dede\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dede\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cmd.exe
C:\Genproc\outil\Dede_GenProc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LogitechSetup] E:\Setup\Setup.exe /start /restart /l:fra
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1242940655406
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6CCB732-C7DC-408E-9B3D-30B7C2393F5A}: NameServer = 205.236.148.130 205.236.148.131
O18 - Protocol: bw+0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Utilisateur anonyme
7 août 2009 à 17:46
quand tu lances une recherches sur internet, est que tes recherches sont redirigé vers un autre site?
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 18:06
wow! Je crois pas mais j'vais t'avoué que j'le sais pas trop!
0
Utilisateur anonyme
7 août 2009 à 18:20
Edit:

Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
http://images.malwareremoval.com/random/RSIT.exe

Tuto : https://forum.pcastuces.com/randoms_system_information_tool_rsit-f31s31.htm
Double clique sur RSIT.exe pour lancer l'outil.
Clique sur ' continue ' à l'écran Disclaimer.
Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
Une fois le scan fini, 2 rapports vont apparaître. Poste le contenu des 2 rapports séparément. Ils se trouvent sur c :
(log.txt & info.txt)
(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 18:37
Là, j'me sens plutôt nul, comment j'peux voir ça??? par ex; quand j'ouvre kijiji, dans le bas de page ça écrit "en attente de l'hôte..." pis là, y'a l'air de faire plusieurs page avant de finalement ouvrir!
0
Utilisateur anonyme
7 août 2009 à 18:43
tout est marqué comme porc salut deuus, lis un peu mon ami :

2 rapports séparément. Ils se trouvent sur c :
(log.txt & info.txt)
(CTRL+A Pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)
0
esquisse Messages postés 847 Date d'inscription samedi 5 juillet 2008 Statut Membre Dernière intervention 20 avril 2014 406
7 août 2009 à 18:47
Bonjour ici,

D'après ce que j'ai pu lire ici et là sur le net si tu reçois un mail ou un lien venant d'un de tes contact qui te dis de cliquer pour savoir "qui te bloque sur msn" bah c'est simple faut pas cliquer...faut supprimer.Si par malheur tu as cliquer, le site te demande tes identifiants,ta question secrète...etc,il ne faut en aucun cas donner ces informations c'est forcement une arnaque!!!!!

As-tu fais un scan avec ton antivirus personnel? si oui,as t-il trouver quelque chose?

Essaye aussi MSNFix que tu peux télécharger ici:
https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/43103.html
(il chercheras et supprimeras le virus s'il en trouve)

Tuto MSNFix:
https://www.malekal.com/supprimer-virus-desinfecter-pc/

Pour finir voici un lien pour vous informez des virus en cours,de leurs dangereusité et plein d'autre chose:
http://www.secuser.com/index.htm

Bon courage et tiens nous au courant :)
0
Utilisateur anonyme
7 août 2009 à 18:53
bonjour,
/!\ passer msnfix sans avoir ciblé l'infection pourrait cacher d'autres infection, pour tout diagnistique, il faut un rapport rsit, même avec hijackthis, on ne vois pas tout, d'ailleur un rapport rsit comporte un rapport ht.
le faite de cliquer sur le lien ne change rien avec avast, qui est son antivirus
Avast ne détecte pas grande chose ce stad.
lis ceci
Pourquoi changer ? :Avast Vs Antivir
Un point sur les antivirus : http://forum.malekal.com/ftopic3123.php
Antivir VS Avast! http://forum.malekal.com/ftopic3528.php
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 19:32
info.txt logfile of random's system information tool 1.06 2009-08-07 13:26:35

======Uninstall list======

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\system32\UninstIPP.isu
-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{329899E1-CBBA-49BC-9FFE-199E94316727}\setup.exe" -l0x40c -removeonly
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A91000000001}
AnyDVD-->"C:\Program Files\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Program Files\SlySoft\AnyDVD"
Apple Mobile Device Support-->MsiExec.exe /I{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c
ArcSoft Print Creations - Album Page-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1AlbumPage
ArcSoft Print Creations - Funhouse-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1Funhouse
ArcSoft Print Creations - Greeting Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1GreetingCard
ArcSoft Print Creations - Photo Book-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1PhotoBook
ArcSoft Print Creations - Photo Calendar-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1Calendar
ArcSoft Print Creations - Scrapbook-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1ScrapBook
ArcSoft Print Creations - Slimline Card-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c -1Slimline
ArcSoft Print Creations-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB0746B-5D91-48C1-9B87-27D503A220EC}\Setup.exe" -l0x40c
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bonjour-->C:\Program Files\Fichiers communs\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E0A96F36-D546-4A2A-BDAA-2A2A578B2C0D} /l1036
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Canon CanoScan Toolbox 5.0-->"C:\Program Files\Canon\CanoScan Toolbox Ver5.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\CanoScan Toolbox Ver5.0\uninst.ini
Canon PhotoRecord-->MsiExec.exe /X{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
Canon Utilities Easy-PrintToolBox-->C:\Program Files\Canon\Easy-PrintToolBox\uninst.exe uninst.ini
CanoScan 4400F-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803 /L0x000c
CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Correctif pour Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"
Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}
ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}
ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}
ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}
ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}
ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}
ESSPDock-->MsiExec.exe /I{FCDB1C92-03C6-4C76-8625-371224256091}
ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}
essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}
EVEREST Home Edition v2.20-->"C:\Program Files\Lavalys\EVEREST Home Edition\unins000.exe"
Galerie de photos Windows Live-->MsiExec.exe /X{44E54A81-9D91-4AA1-9417-80AFF134F5FF}
HijackThis 2.0.2-->"C:\Genproc\outil\HijackThis.exe" /uninstall
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{7370DF47-B4F9-4279-BFC3-3F09919F720D}
iTunes-->MsiExec.exe /I{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}
Java(TM) 6 Update 15-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216015FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}
kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}
kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}
kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}
kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}
kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}
kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}
Logiciel Kodak EasyShare-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0001_43b9d4\Setup.exe /APR-REMOVE
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\Setup.exe" -l0x40c UNINSTALL
Logitech QuickCam-->MsiExec.exe /X{10110FE9-1EE8-4A3D-ADFD-1294F86BE5FC}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB969897)-->"C:\WINDOWS\ie8updates\KB969897-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows Internet Explorer 8 (KB972260)-->"C:\WINDOWS\ie8updates\KB972260-IE8\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Mise à jour de sécurité pour Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Mise à jour de sécurité pour Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Mise à jour pour Windows Internet Explorer 8 (KB971180)-->"C:\WINDOWS\ie8updates\KB971180-IE8\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}
OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Presto! PageManager 7.15.14-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}\PMSetup.exe" -l0x40c anything -removeonly
Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x40c -removeonly
ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{C1E693A4-B1D5-4DCD-B68D-2087835B7184}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}
SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}
skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}
SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}
tooltips-->MsiExec.exe /I{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
VLC media player 1.0.0-->C:\Program Files\VideoLAN\VLC\uninstall.exe
VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}
Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"
Windows Live Call-->MsiExec.exe /I{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Mail-->MsiExec.exe /I{63DC2DA0-2A6C-4C38-9249-B75395458657}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
Windows Live Sync-->MsiExec.exe /X{9C5EB781-0D37-44B8-9A58-77B3E4BF5F5E}
Windows Live Toolbar-->MsiExec.exe /X{F7D27C70-90F5-49B9-B188-0A133C0CE353}
Windows Live Writer-->MsiExec.exe /X{2231CE39-B963-4B9D-823A-F412ECA637B1}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090807-0]

======System event log======

Computer Name: DEDE-96B604BF90
Event Code: 20159
Message: La connexion à sogetel effectuée par l'utilisateur audreybedard utilisant le périphérique PPPoE7-0 a été déconnectée.

Record Number: 6275
Source Name: RemoteAccess
Time Written: 20090721203915.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 7036
Message: Le service Windows Installer est entré dans l'état : arrêté.

Record Number: 6274
Source Name: Service Control Manager
Time Written: 20090721144756.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 7023
Message: Le service Gestion d'applications s'est arrêté avec l'erreur :
Le module spécifié est introuvable.


Record Number: 6273
Source Name: Service Control Manager
Time Written: 20090721143807.000000-240
Event Type: erreur
User:

Computer Name: DEDE-96B604BF90
Event Code: 7036
Message: Le service Gestion d'applications est entré dans l'état : arrêté.

Record Number: 6272
Source Name: Service Control Manager
Time Written: 20090721143807.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 7035
Message: Un contrôle Démarrer a correctement été envoyé au service Gestion d'applications.

Record Number: 6271
Source Name: Service Control Manager
Time Written: 20090721143807.000000-240
Event Type: Informations
User: DEDE-96B604BF90\Dede

=====Application event log=====

Computer Name: DEDE-96B604BF90
Event Code: 1000
Message: Les compteurs de performances pour le service ContentIndex (ContentIndex) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20090520110858.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 1000
Message: Les compteurs de performances pour le service TermService (Services Terminal Server) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 4
Source Name: LoadPerf
Time Written: 20090520110856.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 1000
Message: Les compteurs de performances pour le service RemoteAccess (Routage et accès distant) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 3
Source Name: LoadPerf
Time Written: 20090520110724.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 1000
Message: Les compteurs de performances pour le service PSched (PSched) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 2
Source Name: LoadPerf
Time Written: 20090520110651.000000-240
Event Type: Informations
User:

Computer Name: DEDE-96B604BF90
Event Code: 1000
Message: Les compteurs de performances pour le service RSVP (QoS RSVP) ont été chargés.
Les données d'enregistrement contiennent les nouvelles valeurs d'index
assignées à ce service.

Record Number: 1
Source Name: LoadPerf
Time Written: 20090520110650.000000-240
Event Type: Informations
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Fichiers communs\DivX Shared\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 3 Stepping 3, GenuineIntel
"PROCESSOR_REVISION"=0303
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 19:33
Logfile of random's system information tool 1.06 (written by random/random)
Run by Dede at 2009-08-07 13:26:09
Microsoft Windows XP Édition familiale Service Pack 3
System drive C: has 86 GB (86%) free of 100 GB
Total RAM: 1015 MB (36% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:26:32, on 2009-08-07
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Dede\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Dede\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\QuickTime\QuickTimePlayer.exe
C:\Documents and Settings\Dede\Mes documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Dede.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LogitechSetup] E:\Setup\Setup.exe /start /restart /l:fra
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://www.catalog.update.microsoft.com/ClientControl/en/x86/MuCatalogWebControl.cab?1242940655406
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6CCB732-C7DC-408E-9B3D-30B7C2393F5A}: NameServer = 205.236.148.130 205.236.148.131
O18 - Protocol: bw+0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {F29FC026-58D3-4873-9227-D550BDF9F180} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
0
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
7 août 2009 à 21:22
Patenté : Electricien69 est absent pour le moment ...

Juste pour avancé les choses :

Télécharges ComboFix à partir d'un de ces liens :

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
https://forospyware.com
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

Et important, enregistre le sur le bureau.

Avant d'utiliser ComboFix :

? Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

? Désactive provisoirement et seulement le temps de l'utilisation de ComboFix,
la protection en temps réel de ton Antivirus et de tes Antispywares,
qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.

Renomme combofix.exe en scan.exe

Une fois fait, sur ton bureau double-clic sur Scan.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt,.
est automatiquement sauvegardé et rangé à C:\Combofix.txt)

? Réactive la protection en temps réel de ton Antivirus et de tes Antispywares,
avant de te reconnecter à internet.

? Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 22:06
ComboFix 09-08-07.03 - Dede 2009-08-07 15:49.1.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.576 [GMT -4:00]
Running from: c:\documents and settings\Dede\Mes documents\Downloads\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090807-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
[i] ADS - system32: deleted 40 bytes in 1 streams. /i

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\Dede\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\Dede\Local Settings\Temp\IadHide5.dll

.
((((((((((((((((((((((((( Files Created from 2009-07-07 to 2009-08-07 )))))))))))))))))))))))))))))))
.

2009-08-07 17:26 . 2009-08-07 17:26 -------- d-----w- c:\program files\trend micro
2009-08-07 17:26 . 2009-08-07 17:26 -------- d-----w- C:\rsit
2009-08-07 15:13 . 2009-08-07 15:13 -------- d-----w- C:\Genproc
2009-08-07 01:05 . 2009-08-07 01:05 152576 ----a-w- c:\documents and settings\Dede\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-06 13:51 . 2009-08-06 13:51 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-05 19:48 . 2009-08-05 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-05 19:48 . 2009-08-05 19:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-04 14:38 . 2009-08-04 14:38 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-08-04 14:37 . 2009-08-04 14:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-08-04 14:36 . 2009-08-04 14:36 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-04 14:14 . 2009-08-04 14:14 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-03 01:04 . 2009-08-03 01:04 -------- d-----w- c:\documents and settings\Dede\Local Settings\Application Data\PCHealth
2009-07-29 12:53 . 2009-07-03 16:57 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 12:53 . 2009-07-03 16:57 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-24 08:39 . 2009-07-24 08:39 104512 ----a-w- c:\windows\system32\drivers\AnyDVD.sys
2009-07-23 14:05 . 2009-07-23 14:05 -------- d-----w- c:\program files\iPod
2009-07-23 14:05 . 2009-07-23 14:05 -------- d-----w- c:\program files\iTunes
2009-07-23 14:00 . 2009-07-23 14:00 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-22 00:48 . 2009-07-31 13:00 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-21 18:47 . 2009-08-01 23:35 -------- d-----w- c:\documents and settings\Dede\Application Data\dvdcss
2009-07-21 18:47 . 2009-08-07 17:06 -------- d-----w- c:\documents and settings\Dede\Application Data\vlc
2009-07-21 18:45 . 2009-07-21 18:45 -------- d-----w- c:\program files\VideoLAN
2009-07-21 18:23 . 2009-07-21 20:27 -------- d-----w- c:\documents and settings\Dede\Application Data\DivX
2009-07-21 18:21 . 2009-07-21 18:21 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-07-21 18:21 . 2009-07-21 18:22 -------- d-----w- c:\program files\DivX
2009-07-21 18:01 . 2009-07-21 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\SlySoft
2009-07-21 17:49 . 2009-07-21 17:49 -------- d-----w- c:\program files\SlySoft
2009-07-17 18:48 . 2009-08-02 12:48 -------- d-----w- c:\documents and settings\Dede\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-07 19:56 . 2009-06-09 15:39 602 ----a-w- c:\documents and settings\All Users\Application Data\ArcSoft\kodak-printcreations-22-080812-oem\acforall.dll
2009-08-07 18:47 . 2009-05-20 20:41 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-07 01:06 . 2009-06-03 18:07 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-04 15:04 . 2009-05-20 16:09 64960 ----a-w- c:\documents and settings\Dede\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-04 14:38 . 2009-05-20 18:36 -------- d-----w- c:\program files\Windows Live
2009-07-23 14:05 . 2009-05-21 00:22 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-07-22 00:48 . 2009-05-20 18:37 -------- d-----w- c:\program files\Microsoft
2009-07-17 15:14 . 2009-05-20 21:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-03 16:57 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-28 00:58 . 2006-03-02 12:00 71248 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-28 00:58 . 2006-03-02 12:00 458230 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-24 15:39 . 2009-06-24 15:39 -------- d-----w- c:\documents and settings\Dede\Application Data\KodakCredentialStore
2009-06-16 20:09 . 2009-06-16 20:04 -------- d-----w- c:\documents and settings\Dede\Application Data\Canon
2009-06-16 20:06 . 2009-06-09 15:39 -------- d-----w- c:\documents and settings\Dede\Application Data\ArcSoft
2009-06-16 20:04 . 2009-06-16 20:04 -------- d-----w- c:\documents and settings\Dede\Application Data\NewSoft
2009-06-16 18:59 . 2009-06-16 18:58 -------- d-----w- c:\program files\Fichiers communs\PDFView
2009-06-16 18:58 . 2009-06-16 18:58 -------- d-----w- c:\program files\NewSoft
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\documents and settings\Dede\Application Data\ScanSoft
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-06-16 18:57 . 2009-05-20 21:17 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-06-16 18:56 . 2009-06-16 18:56 -------- d-----w- c:\program files\ScanSoft
2009-06-16 18:55 . 2009-06-09 15:38 -------- d-----w- c:\program files\ArcSoft
2009-06-16 18:54 . 2009-05-20 23:36 -------- d-----w- c:\program files\Canon
2009-06-16 18:53 . 2009-06-16 18:53 -------- d--h--w- c:\program files\CanonBJ
2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-09 15:45 . 2009-06-09 15:45 -------- d-----w- c:\documents and settings\Dede\Application Data\Skinux
2009-06-09 15:39 . 2009-06-09 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2009-06-09 15:39 . 2009-06-09 15:38 -------- d-----w- c:\program files\Fichiers communs\ArcSoft
2009-06-09 15:38 . 2009-06-09 13:33 -------- d-----w- c:\program files\Kodak
2009-06-09 15:37 . 2009-06-09 13:36 -------- d-----w- c:\program files\Fichiers communs\Kodak
2009-06-09 15:23 . 2009-06-09 13:34 77824 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\bindbins\bindbins.exe
2009-06-09 15:22 . 2009-06-09 15:22 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\wtf\finish.exe
2009-06-09 15:22 . 2009-06-09 15:22 175104 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\reduced_contents_PrintCreation_expanded\setup.exe
2009-06-09 15:10 . 2009-06-09 15:10 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\wtf\update.exe
2009-06-09 15:09 . 2009-06-09 15:09 45056 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\SysFiles\kb945060\kb945060.exe
2009-06-09 15:07 . 2009-06-09 15:07 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\wtf\start.exe
2009-06-09 15:07 . 2009-06-09 15:07 1187840 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0001_43b9d4\EasyShrx.Dll
2009-06-09 13:48 . 2009-06-09 13:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2009-06-09 13:48 . 2009-06-09 13:48 114688 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$Registration\KodakCameraAPI_7.9.30.1.dll
2009-06-09 13:37 . 2009-05-21 00:23 -------- d-----w- c:\program files\Bonjour
2009-06-09 13:34 . 2009-06-09 13:34 14813832 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\bonjour\BonjourSetup.exe
2009-06-09 13:34 . 2009-06-09 13:34 69632 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\Ksu\ksustop.exe
2009-06-09 13:34 . 2009-06-09 13:34 167936 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\CCS\CCSStop.exe
2009-06-09 13:33 . 2009-06-09 13:33 983040 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140010_471e0\EasyShrx.Dll
2009-06-03 19:10 . 2006-03-02 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll
2009-05-25 12:01 . 2009-05-25 12:01 89256 ----a-w- c:\windows\system32\ElbyCDIO.dll
2009-05-22 03:22 . 2009-05-20 15:11 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-21 20:03 . 2009-05-21 20:02 826344 ----a-w- c:\documents and settings\Dede\Application Data\MSNInstaller\msnauins.exe
2009-05-20 21:19 . 2009-05-20 21:19 118784 ------r- c:\windows\bwUnin-7.2.0.157-8876480SL.exe
2009-05-20 21:19 . 2009-05-20 21:19 10134 ----a-r- c:\documents and settings\Dede\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
2009-05-20 21:19 . 2009-05-20 21:19 10134 ----a-r- c:\documents and settings\Dede\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
2009-05-20 21:19 . 2009-05-20 21:19 10134 ----a-r- c:\documents and settings\Dede\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
2009-05-20 15:09 . 2009-05-20 15:09 21892 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-20 133104]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-05-20 36864]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2009-07-25 2968512]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 284184]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-16 746520]
"LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-16 244512]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-07 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logiciel Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-5-20 196608]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-05-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-05-20 20560]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{460b4eb1-452b-11de-a2c2-806d6172696f}]
\Shell\AutoRun\command - E:\setup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-764733703-725345543-1004Core.job
- c:\documents and settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 15:40]

2009-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-764733703-725345543-1004UA.job
- c:\documents and settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 15:40]

2009-08-07 c:\windows\Tasks\User_Feed_Synchronization-{9A0A0C32-3578-4783-BFC4-F55D05B87C3C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-LogitechSetup - e:\setup\Setup.exe


.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-07 15:57
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(7696)
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
c:\program files\SlySoft\AnyDVD\ADvdDiscHlp1.dll
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe
c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Completion time: 2009-08-07 16:00 - machine was rebooted
ComboFix-quarantined-files.txt 2009-08-07 20:00

Pre-Run: 90 149 449 728 octets libres
Post-Run: 90 581 229 568 octets libres

218 --- E O F --- 2009-07-31 04:22
0
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
7 août 2009 à 22:13
Tu n'as pas renommé combofix comme je te l'ai dit .........

c:\documents and settings\Dede\Mes documents\Downloads\ComboFix.exe

Je part tres tot demain ....Je vous laisse continuer .
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 22:23
Ah, je sais,dès que j'ai cliqué dessus j'm'en suis souvenu, j'l'ai arrê té et renommé avant de recliquer dessus je croyais m'en sortir, visiblement non! Qu'estce-que je fais, estce-que je recommence! Merci d'essayer de m'aider!
0
Utilisateur anonyme
7 août 2009 à 22:41
re,

Merci JFK d'être venu pendant mon absence :-)
suis le poste 14 comme il te l'a indiqué JFK
merci, je regarde tout ceci demain à+
0
Patenté Messages postés 26 Date d'inscription vendredi 7 août 2009 Statut Membre Dernière intervention 12 août 2009
7 août 2009 à 23:06
ComboFix 09-08-07.03 - Dede 2009-08-07 16:58.3.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1015.650 [GMT -4:00]
Running from: c:\documents and settings\Dede\Mes documents\Downloads\scan.exe.exe
AV: avast! antivirus 4.8.1335 [VPS 090807-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2009-07-07 to 2009-08-07 )))))))))))))))))))))))))))))))
.

2009-08-07 17:26 . 2009-08-07 17:26 -------- d-----w- c:\program files\trend micro
2009-08-07 17:26 . 2009-08-07 17:26 -------- d-----w- C:\rsit
2009-08-07 15:13 . 2009-08-07 15:13 -------- d-----w- C:\Genproc
2009-08-07 01:05 . 2009-08-07 01:05 152576 ----a-w- c:\documents and settings\Dede\Application Data\Sun\Java\jre1.6.0_15\lzma.dll
2009-08-06 13:51 . 2009-08-06 13:51 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2009-08-05 19:48 . 2009-08-05 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-08-05 19:48 . 2009-08-05 19:58 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-04 14:38 . 2009-08-04 14:38 -------- d-----w- c:\program files\Microsoft Sync Framework
2009-08-04 14:37 . 2009-08-04 14:37 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2009-08-04 14:36 . 2009-08-04 14:36 -------- d-----w- c:\program files\Windows Live SkyDrive
2009-08-04 14:14 . 2009-08-04 14:14 -------- d-----w- c:\windows\SxsCaPendDel
2009-08-03 01:04 . 2009-08-03 01:04 -------- d-----w- c:\documents and settings\Dede\Local Settings\Application Data\PCHealth
2009-07-29 12:53 . 2009-07-03 16:57 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-29 12:53 . 2009-07-03 16:57 594432 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2009-07-23 14:05 . 2009-07-23 14:05 -------- d-----w- c:\program files\iPod
2009-07-23 14:05 . 2009-07-23 14:05 -------- d-----w- c:\program files\iTunes
2009-07-23 14:00 . 2009-07-23 14:00 75040 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.2.1.6\SetupAdmin.exe
2009-07-22 00:48 . 2009-07-31 13:00 -------- d-----w- c:\program files\Microsoft Silverlight
2009-07-21 18:47 . 2009-08-01 23:35 -------- d-----w- c:\documents and settings\Dede\Application Data\dvdcss
2009-07-21 18:47 . 2009-08-07 17:06 -------- d-----w- c:\documents and settings\Dede\Application Data\vlc
2009-07-21 18:45 . 2009-07-21 18:45 -------- d-----w- c:\program files\VideoLAN
2009-07-21 18:23 . 2009-07-21 20:27 -------- d-----w- c:\documents and settings\Dede\Application Data\DivX
2009-07-21 18:21 . 2009-07-21 18:21 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
2009-07-21 18:21 . 2009-07-21 18:22 -------- d-----w- c:\program files\DivX
2009-07-21 18:01 . 2009-07-21 18:01 -------- d-----w- c:\documents and settings\All Users\Application Data\SlySoft
2009-07-21 17:49 . 2009-08-07 20:47 -------- d-----w- c:\program files\SlySoft
2009-07-17 18:48 . 2009-08-02 12:48 -------- d-----w- c:\documents and settings\Dede\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-07 19:56 . 2009-06-09 15:39 602 ----a-w- c:\documents and settings\All Users\Application Data\ArcSoft\kodak-printcreations-22-080812-oem\acforall.dll
2009-08-07 18:47 . 2009-05-20 20:41 664 ----a-w- c:\windows\system32\d3d9caps.dat
2009-08-07 01:06 . 2009-06-03 18:07 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-08-04 15:04 . 2009-05-20 16:09 64960 ----a-w- c:\documents and settings\Dede\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-08-04 14:38 . 2009-05-20 18:36 -------- d-----w- c:\program files\Windows Live
2009-07-23 14:05 . 2009-05-21 00:22 -------- d-----w- c:\program files\Fichiers communs\Apple
2009-07-22 00:48 . 2009-05-20 18:37 -------- d-----w- c:\program files\Microsoft
2009-07-17 15:14 . 2009-05-20 21:19 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-03 16:57 . 2006-03-02 12:00 915456 ----a-w- c:\windows\system32\wininet.dll
2009-06-28 00:58 . 2006-03-02 12:00 71248 ----a-w- c:\windows\system32\perfc00C.dat
2009-06-28 00:58 . 2006-03-02 12:00 458230 ----a-w- c:\windows\system32\perfh00C.dat
2009-06-24 15:39 . 2009-06-24 15:39 -------- d-----w- c:\documents and settings\Dede\Application Data\KodakCredentialStore
2009-06-16 20:09 . 2009-06-16 20:04 -------- d-----w- c:\documents and settings\Dede\Application Data\Canon
2009-06-16 20:06 . 2009-06-09 15:39 -------- d-----w- c:\documents and settings\Dede\Application Data\ArcSoft
2009-06-16 20:04 . 2009-06-16 20:04 -------- d-----w- c:\documents and settings\Dede\Application Data\NewSoft
2009-06-16 18:59 . 2009-06-16 18:58 -------- d-----w- c:\program files\Fichiers communs\PDFView
2009-06-16 18:58 . 2009-06-16 18:58 -------- d-----w- c:\program files\NewSoft
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\documents and settings\Dede\Application Data\ScanSoft
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2009-06-16 18:57 . 2009-06-16 18:57 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2009-06-16 18:57 . 2009-05-20 21:17 -------- d-----w- c:\program files\Fichiers communs\InstallShield
2009-06-16 18:56 . 2009-06-16 18:56 -------- d-----w- c:\program files\ScanSoft
2009-06-16 18:55 . 2009-06-09 15:38 -------- d-----w- c:\program files\ArcSoft
2009-06-16 18:54 . 2009-05-20 23:36 -------- d-----w- c:\program files\Canon
2009-06-16 18:53 . 2009-06-16 18:53 -------- d--h--w- c:\program files\CanonBJ
2009-06-16 14:40 . 2006-03-02 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-06-16 14:40 . 2006-03-02 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-06-09 15:45 . 2009-06-09 15:45 -------- d-----w- c:\documents and settings\Dede\Application Data\Skinux
2009-06-09 15:39 . 2009-06-09 15:39 -------- d-----w- c:\documents and settings\All Users\Application Data\ArcSoft
2009-06-09 15:39 . 2009-06-09 15:38 -------- d-----w- c:\program files\Fichiers communs\ArcSoft
2009-06-09 15:38 . 2009-06-09 13:33 -------- d-----w- c:\program files\Kodak
2009-06-09 15:37 . 2009-06-09 13:36 -------- d-----w- c:\program files\Fichiers communs\Kodak
2009-06-09 15:23 . 2009-06-09 13:34 77824 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\ESS\bindbins\bindbins.exe
2009-06-09 15:22 . 2009-06-09 15:22 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\wtf\finish.exe
2009-06-09 15:22 . 2009-06-09 15:22 175104 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\reduced_contents_PrintCreation_expanded\setup.exe
2009-06-09 15:10 . 2009-06-09 15:10 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\wtf\update.exe
2009-06-09 15:09 . 2009-06-09 15:09 45056 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\SysFiles\kb945060\kb945060.exe
2009-06-09 15:07 . 2009-06-09 15:07 225280 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\wtf\start.exe
2009-06-09 15:07 . 2009-06-09 15:07 1187840 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_1e0001_43b9d4\EasyShrx.Dll
2009-06-09 13:48 . 2009-06-09 13:33 -------- d-----w- c:\documents and settings\All Users\Application Data\Kodak
2009-06-09 13:48 . 2009-06-09 13:48 114688 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$Registration\KodakCameraAPI_7.9.30.1.dll
2009-06-09 13:37 . 2009-05-21 00:23 -------- d-----w- c:\program files\Bonjour
2009-06-09 13:34 . 2009-06-09 13:34 14813832 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\bonjour\BonjourSetup.exe
2009-06-09 13:34 . 2009-06-09 13:34 69632 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\Ksu\ksustop.exe
2009-06-09 13:34 . 2009-06-09 13:34 167936 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\CCS\CCSStop.exe
2009-06-09 13:33 . 2009-06-09 13:33 983040 ----a-w- c:\documents and settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140010_471e0\EasyShrx.Dll
2009-06-03 19:10 . 2006-03-02 12:00 1297408 ----a-w- c:\windows\system32\quartz.dll
2009-05-22 03:22 . 2009-05-20 15:11 76507 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-05-21 20:03 . 2009-05-21 20:02 826344 ----a-w- c:\documents and settings\Dede\Application Data\MSNInstaller\msnauins.exe
2009-05-20 21:19 . 2009-05-20 21:19 118784 ------r- c:\windows\bwUnin-7.2.0.157-8876480SL.exe
2009-05-20 21:19 . 2009-05-20 21:19 10134 ----a-r- c:\documents and settings\Dede\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
2009-05-20 21:19 . 2009-05-20 21:19 10134 ----a-r- c:\documents and settings\Dede\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
2009-05-20 21:19 . 2009-05-20 21:19 10134 ----a-r- c:\documents and settings\Dede\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
2009-05-20 15:09 . 2009-05-20 15:09 21892 ----a-w- c:\windows\system32\emptyregdb.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="c:\documents and settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-20 133104]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-05-20 36864]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 284184]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-16 746520]
"LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-16 244512]
"Easy-PrintToolBox"="c:\program files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE" [2006-10-17 398944]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696]
"ArcSoft Connection Service"="c:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2009-07-10 195072]
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-09-28 185896]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-10-11 75304]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-07-13 292128]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-08-07 149280]
"SoundMan"="SOUNDMAN.EXE" - c:\windows\soundman.exe [2007-04-16 577536]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logiciel Kodak EasyShare.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2008-10-30 282624]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-5-20 196608]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-05-20 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-05-20 20560]

--- Other Services/Drivers In Memory ---

*Deregistered* - ElbyCDIO

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-06 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 16:34]

2009-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-764733703-725345543-1004Core.job
- c:\documents and settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 15:40]

2009-08-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-764733703-725345543-1004UA.job
- c:\documents and settings\Dede\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-20 15:40]

2009-08-07 c:\windows\Tasks\User_Feed_Synchronization-{9A0A0C32-3578-4783-BFC4-F55D05B87C3C}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 08:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-07 17:00
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ñw*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(8036)
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\webcheck.dll
.
Completion time: 2009-08-07 17:02
ComboFix-quarantined-files.txt 2009-08-07 21:02
ComboFix2.txt 2009-08-07 20:53
ComboFix3.txt 2009-08-07 20:00

Pre-Run: 90 584 883 200 octets libres
Post-Run: 90 575 007 744 octets libres

189 --- E O F --- 2009-07-31 04:22

Et voilà, cette fois j'crois que c'est bien fait! Merci encore de m'aider, j'aimerais vraiment comprendre tout ce que je fais, pourquoi c'est si important de renommer combofix???
0
jfkpresident Messages postés 13408 Date d'inscription lundi 3 septembre 2007 Statut Contributeur sécurité Dernière intervention 5 janvier 2015 1 175
8 août 2009 à 03:41
Juste de passage avant le départ en vacances -;)

pourquoi c'est si important de renommer combofix???


Certaines infections rootkité se cache si combofix n'est pas renommé .....Ce n'est pas le cas ici et tant mieux .

Bonne continuation a vous deux ...
0
Utilisateur anonyme
8 août 2009 à 22:01
bonsoir,
à part la surperssion de ces clés de ces fichiers , rien de bien méchant :

:\docume~1\Dede\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\Dede\Local Settings\Temp\IadHide5.dll


sur ton rapport, il n'y a rien, donc tout va bien :-)

la prochaine fois, tu n'ouvres pas des liens que tu ne connais pas

sur ce n'oublie pas de cocher ton poster comme résolu

bon surf et bonne soirée
0