Bonjour, Depuis quelques temps je me dis qu'il faut agir et vérifier un peu l'ordi car il est plus lent que d'habitude et c'est plutot mauvais signe. Le portable branché par Cpl a aussi des signes de faiblesses parfois Merci de votre aide Maxouplus

Ordi lent , certainement malade sos docteur!! [Résolu]

Réponse 1 / 36

Utilisateur anonyme
10 janv. 2010 à 11:55

Bonjour

• Télécharge rsit outil de diagnostic afin d'identifier les divers infections: http://images.malwareremoval.com/random/RSIT.exe
* Sous XP : double-cliquez sur RSIT.exe pour lancer l'outil.
* Si vous êtes sous vista vous devez exécuter RSIT avec les droits d'administrateur, pour cela Clique droit sur RSIT et "Lancer en tant qu'administrateur"
• Double clique sur RSIT.exe pour lancer l'outil.
• Clique sur 'Continue' à l'écran Disclaimer.
• Si l'outil Hijackthis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
• Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports.
( C:\RSIT\log.txt et C:\RSIT\info.txt )
• CTRL A pour sélectionner tout, CTRL C pour copier et puis CTRL V pour coller

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
10 janv. 2010 à 12:13

Bonjour

Ci dessous les rapports demandés
Merci de ton aide

Maxou

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fred at 2010-01-10 12:01:06
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 16 GB (43%) free of 38 GB
Total RAM: 2014 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:01:12, on 10/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\OmniPageSE\opware32.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Fred\Bureau\RSIT.exe
C:\Program Files\trend micro\Fred.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [EPSON Stylus D120 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICCE.EXE /FU "C:\WINDOWS\TEMP\E_S184.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Directrec Configuration Tool.lnk = C:\Program Files\Olympus\DeviceDetector\DirectrecConfig.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: DM1Service - OLYMPUS IMAGING CORP. - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

Réponse 2 / 36

Utilisateur anonyme
10 janv. 2010 à 12:47

• Télécharge et enregistre le fichier d installation sur ton bureau :
http://pagesperso-orange.fr/NosTools/C_XX/AD-R.exe
ou
https://www.androidworld.fr/
• Double clique sur le programme d'installation , et installe le dans son emplacement par défaut. ( le bureau )
• Ouvre le dossier Ad-remover présent sur ton bureau, et double clique sur Ad-remover.bat.
* Sous XP : double-cliquez sur l'icône pour lancer l'outil.
* Si tu es sous Vista : clic droit sur AD-Remover et sélectionner "Exécuter en tant qu'administrateur"
• Au menu principal choisi l'option "L" et tape sur [entrée] .
• Laisse travailler l'outil et ne touche à rien ...
• Poste le rapport qui apparait à la fin.
• ( le rapport est sauvegardé aussi sous C:\Ad-report.log )

(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
• Note :
Process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool.
Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus.
Mis
entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels
de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces
antivirus.

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
10 janv. 2010 à 18:36

Resalut

Voici le rapport
ça a redemarré l'ordi puis ça a scanné, et l'ordi s'est mis en veille et impossible de voir ensuite la progression de l'analyse.
J'ai donc redémarrer l'ordi en appuyant sur le bouton physique du PC
Le rapport dans C: avait ce nom : Ad-report-CLEAN[1].log
Mon ordi est protégé par antivir

Merci
.
======= RAPPORT D'AD-REMOVER 1.1.4.6_G | UNIQUEMENT XP/VISTA/7 =======
.
Mis à jour par C_XX le 05.01.2010 à 18:50
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:21:42, 10/01/2010 | Mode Normal | Option: CLEAN
Exécuté de: C:\PROGRA~1\AD-REM~1\
Système d'exploitation: Microsoft® Windows XP™ Service Pack 3 v5.1.2600
Nom du PC: DIAZ-E439AB2F45 | Utilisateur actuel: Fred

.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

Réponse 3 / 36

Utilisateur anonyme
10 janv. 2010 à 18:49

• Bonjour

• Télécharge et installe : Malwarebyte’s Anti-Malware
• (NB : S'il te manque"COMCTL32.OCX" lors de l'installe, alors télécharge le ici : https://www.malekal.com/tutorial-aboutbuster/
• A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée
• Lance MBAM et laisse les Mises à jour se télécharger (sinon fais les manuellement au lancement du programme)
• Puis va dans l'onglet "Recherche", coche "Exécuter un examen complet" puis "Rechercher"
• Sélectionne tes disques durs" puis clique sur "Lancer l’examen"
• A la fin du scan, clique sur Afficher les résultats
• Coche tous les éléments détectés puis clique sur Supprimer la sélection
• Enregistre le rapport
• S'il t'est demandé de redémarrer, clique sur Yes
• Poste le rapport de scan après la suppression ici.(poste le rapport, même si rien n'est détecté.)
• Si tu as besoin d’aide regarde ce tutorial
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
10 janv. 2010 à 19:34

salut

J'avais déja Malwarebyte’s Anti-Malware sur l'ordi
J'ai fait une mise a jour mais je vois pas le fichier COMCTL32.OCX et le lien que vous m'avez donné ne mene pas au fichier
J'ai ce fichier par contre : vbalsgrid6.ocx
Merci de me dire quoi faire par conséquent

Maxou

Réponse 4 / 36

Utilisateur anonyme
10 janv. 2010 à 20:06

Si tu as fait la maj alors lances le scan.

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
10 janv. 2010 à 22:36

Bonsoir

Voila le résultat
Merci

Maxou

Malwarebytes' Anti-Malware 1.44
Version de la base de données: 3510
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

10/01/2010 22:34:34
mbam-log-2010-01-10 (22-34-34).txt

Type de recherche: Examen complet (C:\|G:\|L:\|)
Eléments examinés: 434164
Temps écoulé: 2 hour(s), 14 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 6

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Program Files\Steinberg\Cubase SX 3\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
C:\SDFix\dummy.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\SDFix\apps\dummy.sys (Malware.Trace) -> Quarantined and deleted successfully.
G:\Seagate Backup\DIAZ-E439AB2F45\C\Program Files\Steinberg\Cubase SX 3\UNWISE.EXE (Malware.Packer.Morphine) -> Quarantined and deleted successfully.
G:\Seagate Backup\DIAZ-E439AB2F45\C\SDFix\dummy.sys (Malware.Trace) -> Quarantined and deleted successfully.
G:\Seagate Backup\DIAZ-E439AB2F45\C\SDFix\apps\dummy.sys (Malware.Trace) -> Quarantined and deleted successfully.

Réponse 5 / 36

Utilisateur anonyme
10 janv. 2010 à 22:42

Post un nouveau rapport rsit.a++

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
10 janv. 2010 à 22:51

bonsoir

Voici le rapport rsit

Le info.txt date du 29 avril 2009 ???
Ci dessous le log.txt

Merci encore et buena noche

Maxou

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fred at 2010-01-10 22:48:08
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 16 GB (43%) free of 38 GB
Total RAM: 2014 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:13, on 10/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\OmniPageSE\opware32.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fred\Bureau\RSIT.exe
C:\Program Files\trend micro\Fred.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
O4 - HKCU\..\Run: [EPSON Stylus D120 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATICCE.EXE /FU "C:\WINDOWS\TEMP\E_S184.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Directrec Configuration Tool.lnk = C:\Program Files\Olympus\DeviceDetector\DirectrecConfig.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: DM1Service - OLYMPUS IMAGING CORP. - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

Réponse 6 / 36

Utilisateur anonyme
10 janv. 2010 à 23:33

Redémarre en mode sans échec
(Pour cela : démarrer le PC en tapotant sur la touche F8 du clavier (F5 ou F10 sur certains PC) jusqu'à ce que le menu des options avancées de Windows apparaisse puis avec les touches fléchées du clavier, sélectionner Mode sans échec puis appuyer sur la touche Entrée...)
Attention tu n'as pas accès à Internet dans ce mode donc note ou imprime les consignes qui suivent.

Réexécute Ad Remover en mode sans échec et post le rapport.

Réponse 7 / 36

vergla
10 janv. 2010 à 23:39

suprime quelques fichier inutile sur ton dsisque dur !!

Réponse 8 / 36

dany31
10 janv. 2010 à 23:51

maxouplus

pourquoi 3 A / V sur ton pc je vois que tu as kaspersky
c'est une version d'évaluation gratuite ou c'est ton A/V que tu as payé
si tu veux une version gratuite garde AVIRA / ANTIVIR
et supprime totalement BIT DEFENDER ET KASPERSKY
3 A/V c'est pas bon du tout car ils entrent en conflit entre eux et ils ne protègent plus rien

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 10:04

salut dany

Kaspersky c'est juste une version online
Merci
Maxou

Réponse 9 / 36

Utilisateur anonyme
11 janv. 2010 à 10:20

Salut maxouplus

si tu as fait le post 11 j'attends le rapport.Tu es encore pas mal infecté.

Pour dany.
Si tu avais pris la peine d'analyser le rapport rsit tu aurais remarqué ces deux lignes.
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 12:02

Salut

1)Je suis allé en mode sans echec
2)j'ai lancé ad-remover
3)l'ordi a redémarré automatiquement
4)j'ai cliqué sur ma session (pas en sans echec)
5)ad-remover a commencé a scanné et des que l'ecran s'est mis en veille je voyais plus la progression du scan donc je sais pas s'il bosse ou pas
6)je t'ecris avec le portable tandis que le PC est censé faire tourner le logiciel

7)devais je faire demarrer en sans echec
Puis lancer le logiciel du mode sans echec
Puis enfin laisser redemarrer l'ordi et me remettre en sans echec pour faire tourner le logiciel???

Merci de ta reponse
Faudra que je fasse un sacré ménage sur l'ordi!!Mais j'ai peur que les desinstall mettent le souk!!

Maxou

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 17:22

Reresalut

Souvent quand je vais sur internet je n'arrive plus a me connecter sur les pages et ya cette adresse super longue qui apparait : api.browserbar.........enfin avec un stock de truc derriere
Et l'erreur serveur introuvable!!
C'est space un peu tout ça
C'est lié a mon infection?

Je vais bouger et je reviens vers 22h45 mais je suppose que tu aura jeté l'ordi d'ici là !!!
Bonne soirée

Merci
Maxou

Réponse 10 / 36

Utilisateur anonyme
11 janv. 2010 à 13:38

On va laisser tomber Ad Remover.Fait ce qui suis en mode normal.

/!\ A l'attention de ceux qui passent sur ce sujet /!\
Le logiciel qui suit n'est pas à utiliser à la légère et peut faire des dégâts s'il est mal utilisé ! Ne le faites que si un helpeur du forum qui connait bien cet outil vous l'a recommandé.

/!\ Désactive tous tes logiciels de protection /!\

• Télécharge combofix(de sUBs) sur ton Bureau.
• Double-clique sur ComboFix.exe afin de le lancer.
• Il va te demander d'installer la console de récupération : accepte. (important en cas de problème)
• Ne touche à rien pendant le scan.
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.
#Si combofix ne veut pas se lancer renommes le en ccm.exe et éxécutes le en mode sans échec .
Tutoriel officiel de Combofix : http://www.bleepingcomputer.com/combofix/fr/comment-utiliser¬-combofix

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 14:20

Rebonjour

Donc voici le rapport demandé
Un peu flippant ton histoire!!!!
Merci de ton aide c'est sympa

Maxou

ComboFix 10-01-04.01 - Fred 11/01/2010 13:56:55.1.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2014.1544 [GMT 1:00]
Lancé depuis: c:\documents and settings\Fred\Bureau\ComboFix.exe
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\pdfforge Toolbar\SeARchsettings.dll
c:\windows\system32\KGyGaAvL.sys
c:\windows\system32\muzapp.exe
G:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-11 au 2010-01-11 ))))))))))))))))))))))))))))))))))))
.

2010-01-10 12:10 . 2010-01-11 11:52 -------- d-----w- c:\program files\Ad-Remover
2010-01-07 09:57 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-01-07 09:57 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-01-07 09:57 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-01-07 09:57 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-21 17:07 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-21 17:07 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-21 17:07 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-21 17:07 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-19 09:57 . 2009-12-19 09:57 -------- d-----w- c:\documents and settings\Nadia\Application Data\Search Settings
2009-12-19 09:57 . 2009-12-19 09:57 -------- d-----w- c:\documents and settings\Nadia\Application Data\pdfforge
2009-12-14 09:35 . 2009-12-14 09:35 -------- d-----w- c:\documents and settings\Fred\Application Data\Search Settings
2009-12-14 09:34 . 2009-12-14 09:34 -------- d-----w- c:\documents and settings\Fred\Application Data\pdfforge
2009-12-13 16:52 . 2010-01-11 13:10 -------- d-----w- c:\program files\pdfforge Toolbar
2009-12-13 16:52 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2009-12-13 16:52 . 1998-07-13 01:08 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL
2009-12-13 16:52 . 2009-12-13 16:53 -------- d-----w- c:\program files\PDFCreator
2009-12-13 16:52 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2009-12-13 12:13 . 2009-12-13 12:13 -------- d-----w- c:\program files\FACTOURE

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-11 12:35 . 2007-01-10 23:38 -------- d-----w- c:\documents and settings\Fred\Application Data\OpenOffice.org2
2010-01-10 21:48 . 2008-11-22 14:19 -------- d-----w- c:\program files\Trend Micro
2010-01-10 18:28 . 2008-11-22 21:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-10 18:28 . 2009-04-30 10:58 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2008-11-22 21:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-11-22 21:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 11:25 . 2007-01-13 14:39 -------- d-----w- c:\documents and settings\Nadia\Application Data\OpenOffice.org2
2010-01-07 09:56 . 2007-01-26 13:54 -------- d-----w- c:\documents and settings\Nadia\Application Data\Skype
2010-01-07 09:55 . 2008-10-02 15:47 -------- d-----w- c:\documents and settings\Nadia\Application Data\skypePM
2009-12-30 22:44 . 2008-04-12 20:04 -------- d-----w- c:\documents and settings\Fred\Application Data\Azureus
2009-12-29 21:48 . 2007-11-11 14:33 -------- d-----w- c:\program files\Azureus
2009-12-24 07:47 . 2006-03-02 12:00 63854 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-24 07:47 . 2006-03-02 12:00 445434 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-17 10:30 . 2007-01-10 13:52 -------- d-----w- c:\documents and settings\Fred\Application Data\Canon
2009-12-14 23:23 . 2008-10-17 15:54 -------- d-----w- c:\documents and settings\Fred\Application Data\Audacity
2009-12-10 18:02 . 2009-08-07 18:29 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-10 10:08 . 2009-12-10 10:07 17614320 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\rp\RealPlayerSPGold_fr.exe
2009-12-06 18:05 . 2009-08-24 18:44 10686001 ----a-w- c:\documents and settings\Fred\Application Data\Azureus\plugins\azump\mplayer.exe
2009-12-04 09:03 . 2009-12-04 09:03 251376 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-11-24 13:05 . 2009-11-24 13:05 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-16 11:33 . 2008-11-24 10:27 -------- d-----w- c:\program files\Trillian
2009-11-14 13:57 . 2009-11-14 13:57 8405312 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-11-14 13:57 . 2009-11-14 13:57 10309448 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\chr\ChromeInstaller.exe
2009-11-12 09:11 . 2009-11-12 09:11 152576 ----a-w- c:\documents and settings\Fred\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 09:11 . 2009-11-12 09:11 79488 ----a-w- c:\documents and settings\Fred\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-10-29 07:44 . 2006-03-02 12:00 832512 ----a-w- c:\windows\system32\wininet.dll
2009-10-29 07:44 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:44 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-27 20:36 . 2009-10-27 20:36 435720 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\setup.exe
2009-10-21 05:39 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-03-02 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2006-05-03 10:06 . 2008-08-09 20:56 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2008-08-09 20:56 31232 --sh--r- c:\windows\system32\msfDX.dll
2007-12-17 13:43 . 2008-08-09 20:56 27648 --sh--w- c:\windows\system32\Smab0.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
2009-07-31 01:00 698880 ----a-w- c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2009-06-16 16:22 1144712 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712]
"{B922D405-6D13-4A2B-AE89-08A030DA4402}"= "c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll" [2009-07-31 698880]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CLASSES_ROOT\clsid\{b922d405-6d13-4a2b-ae89-08a030da4402}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2009-06-16 1144712]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Google Update"="c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-23 133104]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-09-07 36864]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-24 7311360]
"nwiz"="nwiz.exe" [2006-01-24 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-24 86016]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-01-04 98304]
"Omnipage"="c:\program files\OmniPageSE\opware32.exe" [2002-06-03 49152]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"WireLessKeyboard"="c:\program files\Trust\Trust Keyboard 15036\StartAutorun.exe" [2005-11-30 94208]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-18 185784]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 132624]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"JeticoPFStartup"="c:\program files\Jetico\Jetico Personal Firewall\fwsrv.exe" [2005-07-19 118784]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-30 284184]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 746520]
"LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 244512]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-03-27 181544]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]
"SearchSettings"="c:\program files\pdfforge Toolbar\SearchSettings.exe" [2009-07-29 1024512]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Anna\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]

c:\documents and settings\Nadia\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]

c:\documents and settings\Fred\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-12-18 344064]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-1-4 110592]
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2009-5-28 163840]
Directrec Configuration Tool.lnk - c:\program files\Olympus\DeviceDetector\DirectrecConfig.exe [2009-5-28 122880]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-9-7 196608]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\OmniPageSE\\EregFre\\NAVBrowser.exe"=
"c:\\Documents and Settings\\Fred\\Bureau\\Dames_-_DO_1.1.exe"=
"c:\\Program Files\\VLC\\vlc.exe"=
"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [07/08/2009 19:29 108289]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [27/03/2009 15:54 165160]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [24/10/2008 10:01 33792]
R3 KEYBOARDWDFilter;KEYBOARDWDFilter;c:\windows\system32\drivers\KEYBOARDWD.SYS [23/11/2007 10:30 6528]
S2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [11/03/2009 09:42 266240]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [05/11/2007 20:59 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [05/11/2007 20:59 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [05/11/2007 20:59 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [05/11/2007 21:00 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [05/11/2007 20:59 77072]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [06/11/2007 10:18 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [06/11/2007 10:18 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [06/11/2007 10:18 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [06/11/2007 10:18 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [06/11/2007 10:18 98568]
.
Contenu du dossier 'Tâches planifiées'

2010-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-861567501-839522115-1003Core.job
- c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-23 20:45]

2010-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-861567501-839522115-1003UA.job
- c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-23 20:45]

2010-01-11 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2009-06-16 16:22]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=TRL&o=101823&locale=en_US&q=
FF - component: c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\Fred\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScope42.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-DW6 - c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe
AddRemove-Steinberg Cubase SX v3.1.1.944 - c:\progra~1\STEINB~1\CUBASE~1\UNWISE.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-11 14:12
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2010-01-11 14:13:59
ComboFix-quarantined-files.txt 2010-01-11 13:13

Avant-CF: 16 930 770 944 octets libres
Après-CF: 18 134 282 240 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect

- - End Of File - - B13B364F183987E89DB760FF9769F31D

Réponse 11 / 36

Utilisateur anonyme
11 janv. 2010 à 14:57

/!\ ATTENTION /!\ Le script qui suit a été écrit spécialement pour maxouplus, il n'est pas transposable sur un autre ordinateur !
• Télécharge ce dossier maxouplus.zip
• Fais un clic-droit dessus --> Extraire tout --> choisis le Bureau comme destination
• Un autre dossier va apparaitre, prends le fichier CFScript.txt qui se trouve à l'intérieur et place le sur le Bureau et pas ailleurs.
• Désactive tes logiciels de protection
• Fais un glisser/déposer de ce fichier CFScript.txt sur le fichier Combofix.exe
comme ceci :http://img155.imageshack.us/img155/4837/cfscriptop0.gif
• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici → C:\ComboFix.txt

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 15:39

Resalut

J'ai laissé faire mais vers la fin il a fait redémarrer l'ordi et donc tous les programmes se sont lancés dont antivir et jeticho firewall
Je les ai donc déconnecté pour que combo fix finisse tranquillou.
J'espère que c'était pas une connerie!!

Merci

Maxou

ComboFix 10-01-04.01 - Fred 11/01/2010 15:23:39.2.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2014.1572 [GMT 1:00]
Lancé depuis: c:\documents and settings\Fred\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Fred\Bureau\CFScript .txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}

FILE ::
"c:\program files\Ask.com\GenericAskToolbar.dll"
"c:\program files\Ask.com\UpdateTask.exe"
"c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll"
"c:\windows\system32\Smab0.dll"
"c:\windows\Tasks\Scheduled Update for Ask Toolbar.job"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Fred\Application Data\pdfforge
c:\documents and settings\Fred\Application Data\pdfforge\res\widgets.xml
c:\documents and settings\Fred\Application Data\Search Settings
c:\documents and settings\Fred\Application Data\Search Settings\kb128\temp\ws-14618.log
c:\documents and settings\Fred\Application Data\Search Settings\kb128\temp\ws-14619.log
c:\documents and settings\Nadia\Application Data\pdfforge
c:\documents and settings\Nadia\Application Data\pdfforge\res\widgets.xml
c:\documents and settings\Nadia\Application Data\Search Settings
c:\program files\Ask.com\GenericAskToolbar.dll
c:\program files\Ask.com\UpdateTask.exe
c:\program files\pdfforge Toolbar
c:\program files\pdfforge Toolbar\config.ini
c:\program files\pdfforge Toolbar\pdfforgeToolbarIE.dll
c:\program files\pdfforge Toolbar\Res\icon_settings.gif
c:\program files\pdfforge Toolbar\Res\pdfc_branding.gif
c:\program files\pdfforge Toolbar\Res\pdfc_branding_hover.gif
c:\program files\pdfforge Toolbar\Res\pdfc_icon.gif
c:\program files\pdfforge Toolbar\Res\pdfc_portal_logo.gif
c:\program files\pdfforge Toolbar\Res\search-button-hover.gif
c:\program files\pdfforge Toolbar\Res\search-button.gif
c:\program files\pdfforge Toolbar\Res\search-chevron-hover.gif
c:\program files\pdfforge Toolbar\Res\search-chevron.gif
c:\program files\pdfforge Toolbar\Res\search_amazon.gif
c:\program files\pdfforge Toolbar\Res\search_ebay.gif
c:\program files\pdfforge Toolbar\Res\search_yahoo.gif
c:\program files\pdfforge Toolbar\Res\widgets.xml
c:\program files\pdfforge Toolbar\SearchSettings.exe
c:\program files\pdfforge Toolbar\SearchSettingsRes409.dll
c:\program files\pdfforge Toolbar\sscfg.ini
c:\program files\pdfforge Toolbar\WidgiHelper.exe
c:\windows\system32\Smab0.dll
c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
G:\Autorun.inf

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-11 au 2010-01-11 ))))))))))))))))))))))))))))))))))))
.

2010-01-10 12:10 . 2010-01-11 11:52 -------- d-----w- c:\program files\Ad-Remover
2010-01-07 09:57 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-01-07 09:57 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-01-07 09:57 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-01-07 09:57 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-21 17:07 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-21 17:07 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-21 17:07 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-21 17:07 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-13 16:52 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2009-12-13 16:52 . 1998-07-13 01:08 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL
2009-12-13 16:52 . 2009-12-13 16:53 -------- d-----w- c:\program files\PDFCreator
2009-12-13 16:52 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2009-12-13 12:13 . 2009-12-13 12:13 -------- d-----w- c:\program files\FACTOURE

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-11 14:33 . 2007-01-10 23:38 -------- d-----w- c:\documents and settings\Fred\Application Data\OpenOffice.org2
2010-01-11 14:27 . 2009-11-11 21:40 -------- d-----w- c:\program files\Ask.com
2010-01-10 21:48 . 2008-11-22 14:19 -------- d-----w- c:\program files\Trend Micro
2010-01-10 18:28 . 2008-11-22 21:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-10 18:28 . 2009-04-30 10:58 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2008-11-22 21:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-11-22 21:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 11:25 . 2007-01-13 14:39 -------- d-----w- c:\documents and settings\Nadia\Application Data\OpenOffice.org2
2010-01-07 09:56 . 2007-01-26 13:54 -------- d-----w- c:\documents and settings\Nadia\Application Data\Skype
2010-01-07 09:55 . 2008-10-02 15:47 -------- d-----w- c:\documents and settings\Nadia\Application Data\skypePM
2009-12-30 22:44 . 2008-04-12 20:04 -------- d-----w- c:\documents and settings\Fred\Application Data\Azureus
2009-12-29 21:48 . 2007-11-11 14:33 -------- d-----w- c:\program files\Azureus
2009-12-24 07:47 . 2006-03-02 12:00 63854 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-24 07:47 . 2006-03-02 12:00 445434 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-17 10:30 . 2007-01-10 13:52 -------- d-----w- c:\documents and settings\Fred\Application Data\Canon
2009-12-14 23:23 . 2008-10-17 15:54 -------- d-----w- c:\documents and settings\Fred\Application Data\Audacity
2009-12-10 18:02 . 2009-08-07 18:29 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-10 10:08 . 2009-12-10 10:07 17614320 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\rp\RealPlayerSPGold_fr.exe
2009-12-06 18:05 . 2009-08-24 18:44 10686001 ----a-w- c:\documents and settings\Fred\Application Data\Azureus\plugins\azump\mplayer.exe
2009-12-04 09:03 . 2009-12-04 09:03 251376 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-11-24 13:05 . 2009-11-24 13:05 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-16 11:33 . 2008-11-24 10:27 -------- d-----w- c:\program files\Trillian
2009-11-14 13:57 . 2009-11-14 13:57 8405312 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-11-14 13:57 . 2009-11-14 13:57 10309448 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\chr\ChromeInstaller.exe
2009-11-12 09:11 . 2009-11-12 09:11 152576 ----a-w- c:\documents and settings\Fred\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 09:11 . 2009-11-12 09:11 79488 ----a-w- c:\documents and settings\Fred\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-10-29 07:44 . 2006-03-02 12:00 832512 ------w- c:\windows\system32\wininet.dll
2009-10-29 07:44 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:44 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-27 20:36 . 2009-10-27 20:36 435720 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\setup.exe
2009-10-21 05:39 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-03-02 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2006-05-03 10:06 . 2008-08-09 20:56 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2008-08-09 20:56 31232 --sh--r- c:\windows\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Google Update"="c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-23 133104]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-09-07 36864]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-24 7311360]
"nwiz"="nwiz.exe" [2006-01-24 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-24 86016]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-01-04 98304]
"Omnipage"="c:\program files\OmniPageSE\opware32.exe" [2002-06-03 49152]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"WireLessKeyboard"="c:\program files\Trust\Trust Keyboard 15036\StartAutorun.exe" [2005-11-30 94208]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-18 185784]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 132624]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"JeticoPFStartup"="c:\program files\Jetico\Jetico Personal Firewall\fwsrv.exe" [2005-07-19 118784]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-30 284184]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 746520]
"LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 244512]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-03-27 181544]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Anna\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]

c:\documents and settings\Nadia\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]

c:\documents and settings\Fred\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-12-18 344064]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-1-4 110592]
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2009-5-28 163840]
Directrec Configuration Tool.lnk - c:\program files\Olympus\DeviceDetector\DirectrecConfig.exe [2009-5-28 122880]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-9-7 196608]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\OmniPageSE\\EregFre\\NAVBrowser.exe"=
"c:\\Documents and Settings\\Fred\\Bureau\\Dames_-_DO_1.1.exe"=
"c:\\Program Files\\VLC\\vlc.exe"=
"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [07/08/2009 19:29 108289]
R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [11/03/2009 09:42 266240]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [27/03/2009 15:54 165160]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [24/10/2008 10:01 33792]
R3 KEYBOARDWDFilter;KEYBOARDWDFilter;c:\windows\system32\drivers\KEYBOARDWD.SYS [23/11/2007 10:30 6528]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [05/11/2007 20:59 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [05/11/2007 20:59 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [05/11/2007 20:59 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [05/11/2007 21:00 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [05/11/2007 20:59 77072]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [06/11/2007 10:18 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [06/11/2007 10:18 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [06/11/2007 10:18 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [06/11/2007 10:18 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [06/11/2007 10:18 98568]
.
Contenu du dossier 'Tâches planifiées'

2010-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-861567501-839522115-1003Core.job
- c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-23 20:45]

2010-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-861567501-839522115-1003UA.job
- c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-23 20:45]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=TRL&o=101823&locale=en_US&q=
FF - component: c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\Fred\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScope42.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-11 15:30
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(6676)
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
c:\docume~1\Fred\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
c:\program files\OmniPageSE\ophook32.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Olympus\DeviceDetector\DM1Service.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Sony\MD Simple Burner\NetMDSB.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\program files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
c:\windows\system32\rundll32.exe
c:\program files\OpenOffice.org 2.1\program\soffice.exe
c:\program files\OpenOffice.org 2.1\program\soffice.BIN
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
c:\program files\avira\antivir desktop\avcenter.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2010-01-11 15:36:24 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-11 14:36
ComboFix2.txt 2010-01-11 13:13

Avant-CF: 18 150 674 432 octets libres
Après-CF: 18 114 293 760 octets libres

- - End Of File - - D694EE4C4093627354DBA7CF2FF161B2

Réponse 12 / 36

Utilisateur anonyme
11 janv. 2010 à 17:36

Recommence la procédure combofix mais cette fois ci avec un nouveau script.

• Télécharge ce dossier maxouplus.zip
• Fais un clic-droit dessus --> Extraire tout --> choisis le Bureau comme destination
• Un autre dossier va apparaitre, prends le fichier CFScript.txt qui se trouve à l'intérieur et place le sur le Bureau et pas ailleurs.
• Désactive tes logiciels de protection
• Fais un glisser/déposer de ce fichier CFScript.txt sur le fichier Combofix.exe
comme ceci :http://img155.imageshack.us/img155/4837/cfscriptop0.gif
• Patiente le temps du scan. Le Bureau va disparaître à plusieurs reprises : c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici → C:\ComboFix.txt

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 18:21

rebonsoir

Voila
a ce soir ou a demain
Merci

ComboFix 10-01-04.01 - Fred 11/01/2010 18:05:43.3.1 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2014.1558 [GMT 1:00]
Lancé depuis: c:\documents and settings\Fred\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Fred\Bureau\CFScript .txt
AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Ask.com
c:\program files\Ask.com\config.xml
c:\program files\Ask.com\mupcfg.xml
c:\program files\Ask.com\SaUpdate.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-12-11 au 2010-01-11 ))))))))))))))))))))))))))))))))))))
.

2010-01-11 14:37 . 2010-01-11 14:37 -------- d-----w- c:\program files\pdfforge Toolbar
2010-01-11 14:37 . 2010-01-11 14:37 -------- d-----w- c:\documents and settings\Fred\Application Data\Search Settings
2010-01-11 14:37 . 2010-01-11 14:37 -------- d-----w- c:\documents and settings\Fred\Application Data\pdfforge
2010-01-10 12:10 . 2010-01-11 11:52 -------- d-----w- c:\program files\Ad-Remover
2010-01-07 09:57 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-01-07 09:57 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-01-07 09:57 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-01-07 09:57 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Nadia\Application Data\Mozilla\Firefox\Profiles\hfafypdj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-21 17:07 . 2009-12-16 13:42 43008 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2009-12-21 17:07 . 2009-12-16 13:42 340480 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2009-12-21 17:07 . 2009-12-16 13:41 346624 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2009-12-21 17:07 . 2009-12-16 13:42 872960 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2009-12-13 16:52 . 2001-10-28 16:42 116224 ----a-w- c:\windows\system32\pdfcmnnt.dll
2009-12-13 16:52 . 1998-07-13 01:08 59904 ----a-w- c:\windows\system32\MSCC2FR.DLL
2009-12-13 16:52 . 2009-12-13 16:53 -------- d-----w- c:\program files\PDFCreator
2009-12-13 16:52 . 1998-07-06 00:00 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2009-12-13 12:13 . 2009-12-13 12:13 -------- d-----w- c:\program files\FACTOURE

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-01-11 17:14 . 2007-01-10 23:38 -------- d-----w- c:\documents and settings\Fred\Application Data\OpenOffice.org2
2010-01-10 21:48 . 2008-11-22 14:19 -------- d-----w- c:\program files\Trend Micro
2010-01-10 18:28 . 2008-11-22 21:27 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-01-10 18:28 . 2009-04-30 10:58 5115823 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-01-07 15:07 . 2008-11-22 21:27 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 15:07 . 2008-11-22 21:27 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-07 11:25 . 2007-01-13 14:39 -------- d-----w- c:\documents and settings\Nadia\Application Data\OpenOffice.org2
2010-01-07 09:56 . 2007-01-26 13:54 -------- d-----w- c:\documents and settings\Nadia\Application Data\Skype
2010-01-07 09:55 . 2008-10-02 15:47 -------- d-----w- c:\documents and settings\Nadia\Application Data\skypePM
2009-12-30 22:44 . 2008-04-12 20:04 -------- d-----w- c:\documents and settings\Fred\Application Data\Azureus
2009-12-29 21:48 . 2007-11-11 14:33 -------- d-----w- c:\program files\Azureus
2009-12-24 07:47 . 2006-03-02 12:00 63854 ----a-w- c:\windows\system32\perfc00C.dat
2009-12-24 07:47 . 2006-03-02 12:00 445434 ----a-w- c:\windows\system32\perfh00C.dat
2009-12-17 10:30 . 2007-01-10 13:52 -------- d-----w- c:\documents and settings\Fred\Application Data\Canon
2009-12-14 23:23 . 2008-10-17 15:54 -------- d-----w- c:\documents and settings\Fred\Application Data\Audacity
2009-12-10 18:02 . 2009-08-07 18:29 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2009-12-10 10:08 . 2009-12-10 10:07 17614320 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\rp\RealPlayerSPGold_fr.exe
2009-12-06 18:05 . 2009-08-24 18:44 10686001 ----a-w- c:\documents and settings\Fred\Application Data\Azureus\plugins\azump\mplayer.exe
2009-12-04 09:03 . 2009-12-04 09:03 251376 ----a-w- c:\documents and settings\Fred\Application Data\Mozilla\plugins\npgoogletalk.dll
2009-11-24 13:05 . 2009-11-24 13:05 -------- d-----w- c:\program files\Microsoft Silverlight
2009-11-16 11:33 . 2008-11-24 10:27 -------- d-----w- c:\program files\Trillian
2009-11-14 13:57 . 2009-11-14 13:57 8405312 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\gtb\GOOGLE_TOOLBAR\GoogleToolbarInstaller.exe
2009-11-14 13:57 . 2009-11-14 13:57 10309448 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\chr\ChromeInstaller.exe
2009-11-12 09:11 . 2009-11-12 09:11 152576 ----a-w- c:\documents and settings\Fred\Application Data\Sun\Java\jre1.6.0_17\lzma.dll
2009-11-12 09:11 . 2009-11-12 09:11 79488 ----a-w- c:\documents and settings\Fred\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll
2009-10-29 07:44 . 2006-03-02 12:00 832512 ------w- c:\windows\system32\wininet.dll
2009-10-29 07:44 . 2006-03-02 12:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-10-29 07:44 . 2006-03-02 12:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-10-27 20:36 . 2009-10-27 20:36 435720 ----a-w- c:\documents and settings\Nadia\Application Data\Real\Update\setup3.08\setup.exe
2009-10-21 05:39 . 2006-03-02 12:00 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-21 05:39 . 2006-03-02 12:00 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-20 16:20 . 2006-03-02 12:00 265728 ----a-w- c:\windows\system32\drivers\http.sys
2006-05-03 10:06 . 2008-08-09 20:56 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2008-08-09 20:56 31232 --sh--r- c:\windows\system32\msfDX.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]
"Google Update"="c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-08-23 133104]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-09-07 36864]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-11-21 3297280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-24 7311360]
"nwiz"="nwiz.exe" [2006-01-24 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-01-24 86016]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-01-04 98304]
"Omnipage"="c:\program files\OmniPageSE\opware32.exe" [2002-06-03 49152]
"SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
"WireLessKeyboard"="c:\program files\Trust\Trust Keyboard 15036\StartAutorun.exe" [2005-11-30 94208]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-18 185784]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"SMSTray"="c:\program files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-09-20 132624]
"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-22 385024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"JeticoPFStartup"="c:\program files\Jetico\Jetico Personal Firewall\fwsrv.exe" [2005-07-19 118784]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-30 284184]
"LogitechQuickCamRibbon"="c:\program files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 746520]
"LVCOMSX"="c:\program files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 244512]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-03-27 181544]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Anna\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]

c:\documents and settings\Nadia\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]

c:\documents and settings\Fred\Menu D‚marrer\Programmes\D‚marrage\
OpenOffice.org 2.1.lnk - c:\program files\OpenOffice.org 2.1\program\quickstart.exe [2006-11-27 393216]
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-12-18 344064]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-1-4 110592]
Device Detector 3.lnk - c:\program files\Olympus\DeviceDetector\DevDtct2.exe [2009-5-28 163840]
Directrec Configuration Tool.lnk - c:\program files\Olympus\DeviceDetector\DirectrecConfig.exe [2009-5-28 122880]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-9-7 196608]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Macromedia\\Dreamweaver MX 2004\\Dreamweaver.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\OmniPageSE\\EregFre\\NAVBrowser.exe"=
"c:\\Documents and Settings\\Fred\\Bureau\\Dames_-_DO_1.1.exe"=
"c:\\Program Files\\VLC\\vlc.exe"=
"c:\\Program Files\\HomePlayer\\HomePlayer.exe"=
"c:\\Program Files\\HomePlayer\\VLC\\vlc.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Documents and Settings\\Fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Fred\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [07/08/2009 19:29 108289]
R2 CSHelper;CopySafe Helper Service;c:\windows\system32\CSHelper.exe [11/03/2009 09:42 266240]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe [27/03/2009 15:54 165160]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [24/10/2008 10:01 33792]
R3 KEYBOARDWDFilter;KEYBOARDWDFilter;c:\windows\system32\drivers\KEYBOARDWD.SYS [23/11/2007 10:30 6528]
S3 k600bus;Sony Ericsson 600i driver (WDM);c:\windows\system32\drivers\k600bus.sys [05/11/2007 20:59 52384]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;c:\windows\system32\drivers\k600mdfl.sys [05/11/2007 20:59 6096]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;c:\windows\system32\drivers\k600mdm.sys [05/11/2007 20:59 87456]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;c:\windows\system32\drivers\k600mgmt.sys [05/11/2007 21:00 79248]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;c:\windows\system32\drivers\k600obex.sys [05/11/2007 20:59 77072]
S3 s115bus;Sony Ericsson Device 115 driver (WDM);c:\windows\system32\drivers\s115bus.sys [06/11/2007 10:18 83208]
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter;c:\windows\system32\drivers\s115mdfl.sys [06/11/2007 10:18 15112]
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver;c:\windows\system32\drivers\s115mdm.sys [06/11/2007 10:18 108680]
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s115mgmt.sys [06/11/2007 10:18 100488]
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface;c:\windows\system32\drivers\s115obex.sys [06/11/2007 10:18 98568]
.
Contenu du dossier 'Tâches planifiées'

2010-01-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-861567501-839522115-1003Core.job
- c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-23 20:45]

2010-01-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-861567501-839522115-1003UA.job
- c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-08-23 20:45]
.
.
------- Examen supplémentaire -------
.
mWindow Title =
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath - c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr
FF - prefs.js: keyword.URL - hxxp://supertoolbar.ask.com/redirect?client=ff&src=kw&tb=TRL&o=101823&locale=en_US&q=
FF - component: c:\documents and settings\Fred\Application Data\Mozilla\Firefox\Profiles\8zeu0tb4.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components\pdfforgeToolbarFF.dll
FF - component: c:\program files\Mozilla Firefox\extensions\search@searchsettings.com\components\SearchSettingsFF.dll
FF - plugin: c:\documents and settings\Fred\Application Data\Mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\Fred\Local Settings\Application Data\Google\Update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScope42.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npArtistScopeDRM11.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- PARAMETRES FIREFOX ----
FF - user.js: yahoo.homepage.dontask - true.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-01-11 18:11
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(7988)
c:\program files\Fichiers communs\Logitech\LVMVFM\LVPrcInj.dll
c:\docume~1\Fred\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\nview.dll
c:\windows\system32\NVWRSFR.DLL
c:\program files\OmniPageSE\ophook32.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\nvwddi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Olympus\DeviceDetector\DM1Service.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\program files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
c:\program files\OpenOffice.org 2.1\program\soffice.exe
c:\program files\OpenOffice.org 2.1\program\soffice.BIN
c:\windows\system32\wscntfy.exe
c:\program files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
.
**************************************************************************
.
Heure de fin: 2010-01-11 18:17:14 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-01-11 17:17
ComboFix2.txt 2010-01-11 14:36
ComboFix3.txt 2010-01-11 13:13

Avant-CF: 18 124 517 376 octets libres
Après-CF: 18 091 466 752 octets libres

- - End Of File - - 2EA8FFFFE604A5463A9661B26CD09A71

Réponse 13 / 36

Utilisateur anonyme
11 janv. 2010 à 18:24

Post un nouveau rapport rsit

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 22:52

bonsoir

Voici le rapport rsit
Merci bonne soirée

Maxou

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fred at 2010-01-11 22:51:38
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 17 GB (45%) free of 38 GB
Total RAM: 2014 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:51:41, on 11/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\OmniPageSE\opware32.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fred\Bureau\RSIT.exe
C:\Program Files\trend micro\Fred.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Directrec Configuration Tool.lnk = C:\Program Files\Olympus\DeviceDetector\DirectrecConfig.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: DM1Service - OLYMPUS IMAGING CORP. - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

Réponse 14 / 36

Utilisateur anonyme
11 janv. 2010 à 22:59

Regarde si tu peux te servir de Ad Remover.Si oui Lances un Scan et post le rapport.

• Rends toi sur le site https://www.virustotal.com/gui/
• Clique sur Parcourir, et navigue jusqu'au fichier suivant et valide : C:\WINDOWS\MBR.exe
• Clique sur "Envoyer le fichier" : s'il a déjà été analysé, demande une nouvelle analyse.
• Fais un copier/coller du rapport sur le forum.

idem pour ce fichier:C:\WINDOWS\PEV.exe

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
12 janv. 2010 à 00:20

salut
Ad-remover reste bloqué 10min a 15 pourcent donc j'ai stoppé
Ya des message NetMDSB.exe a rencontré des problèmes
Et un truc dont je ne suis pas sur du nom complet fwsrv.exe

Ci dessous les rapports demandés

Et je vais me coucher
A demain
Et encore merci pour ton aide

Maxou

Fichier MBR.exe reçu le 2010.01.11 23:10:57 (UTC)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/40 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.48 2010.01.11 -
AhnLab-V3 5.0.0.2 2010.01.11 -
AntiVir 7.9.1.134 2010.01.11 -
Antiy-AVL 2.0.3.7 2010.01.11 -
Authentium 5.2.0.5 2010.01.11 -
Avast 4.8.1351.0 2010.01.11 -
AVG 9.0.0.725 2010.01.11 -
BitDefender 7.2 2010.01.11 -
CAT-QuickHeal 10.00 2010.01.11 -
ClamAV 0.94.1 2010.01.11 -
Comodo 3550 2010.01.11 -
DrWeb 5.0.1.12222 2010.01.11 -
eSafe 7.0.17.0 2010.01.11 -
eTrust-Vet 35.2.7229 2010.01.11 -
F-Prot 4.5.1.85 2010.01.10 -
F-Secure 9.0.15370.0 2010.01.11 -
Fortinet 4.0.14.0 2010.01.09 -
GData 19 2010.01.11 -
Ikarus T3.1.1.80.0 2010.01.11 -
Jiangmin 13.0.900 2010.01.11 -
K7AntiVirus 7.10.944 2010.01.11 -
Kaspersky 7.0.0.125 2010.01.12 -
McAfee 5858 2010.01.11 -
McAfee+Artemis 5858 2010.01.11 -
McAfee-GW-Edition 6.8.5 2010.01.11 -
Microsoft 1.5302 2010.01.11 -
NOD32 4762 2010.01.11 -
Norman 6.04.03 2010.01.11 -
nProtect 2009.1.8.0 2010.01.11 -
Panda 10.0.2.2 2010.01.11 -
PCTools 7.0.3.5 2010.01.11 -
Rising 22.30.00.05 2010.01.11 -
Sophos 4.49.0 2010.01.11 -
Sunbelt 3.2.1858.2 2010.01.11 -
Symantec 20091.2.0.41 2010.01.11 -
TheHacker 6.5.0.3.146 2010.01.11 -
TrendMicro 9.120.0.1004 2010.01.11 -
VBA32 3.12.12.1 2010.01.11 -
ViRobot 2010.1.11.2130 2010.01.11 -
VirusBuster 5.0.21.0 2010.01.11 -
Information additionnelle
File size: 77312 bytes
MD5...: c5ec72a20b4c98db5314e6c46765b148
SHA1..: e51e0b26d3a8fb28e0e4dcf78b6e4df2da879ff4
SHA256: 42855149b90c059b62ebc4027188361860fb6ffd9e4a2aa074c665181a2b9326
ssdeep: 1536:NVAHk0dbcNRrBamAh83imalysWPvRhzjJNJDs0YpvcgHHHM6:8Hk0dbcfrB
amAh8fIWPLzJI0YpvcgHnp
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x30510
timedatestamp.....: 0x4add81e3 (Tue Oct 20 09:24:51 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0x1d000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0x1e000 0x13000 0x12800 7.89 b382e0bad5749bcf197d12b291ced9c1
.rsrc 0x31000 0x1000 0x200 2.48 976be2cc34adbef1cc44f46191c5ea77

( 2 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess
> ADVAPI32.dll: RegCloseKey

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
packers (Kaspersky): PE_Patch.UPX, UPX, PE_Patch
packers (F-Prot): UPX
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned

Fichier PEV.exe reçu le 2010.01.11 23:17:52 (UTC)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 4/41 (9.76%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.48 2010.01.12 -
AhnLab-V3 5.0.0.2 2010.01.11 -
AntiVir 7.9.1.134 2010.01.11 -
Antiy-AVL 2.0.3.7 2010.01.11 -
Authentium 5.2.0.5 2010.01.11 -
Avast 4.8.1351.0 2010.01.11 -
AVG 9.0.0.725 2010.01.11 -
BitDefender 7.2 2010.01.11 -
CAT-QuickHeal 10.00 2010.01.11 (Suspicious) - DNAScan
ClamAV 0.94.1 2010.01.11 -
Comodo 3550 2010.01.11 -
DrWeb 5.0.1.12222 2010.01.11 -
eSafe 7.0.17.0 2010.01.11 Suspicious File
eTrust-Vet 35.2.7229 2010.01.11 -
F-Prot 4.5.1.85 2010.01.10 -
F-Secure 9.0.15370.0 2010.01.11 -
Fortinet 4.0.14.0 2010.01.09 -
GData 19 2010.01.11 -
Ikarus T3.1.1.80.0 2010.01.11 -
Jiangmin 13.0.900 2010.01.11 -
K7AntiVirus 7.10.944 2010.01.11 -
Kaspersky 7.0.0.125 2010.01.12 -
McAfee 5858 2010.01.11 -
McAfee+Artemis 5858 2010.01.11 -
McAfee-GW-Edition 6.8.5 2010.01.11 Heuristic.LooksLike.Win32.Suspicious.C
Microsoft 1.5302 2010.01.11 -
NOD32 4762 2010.01.11 -
Norman 6.04.03 2010.01.11 -
nProtect 2009.1.8.0 2010.01.11 -
Panda 10.0.2.2 2010.01.11 Suspicious file
PCTools 7.0.3.5 2010.01.11 -
Prevx 3.0 2010.01.12 -
Rising 22.30.00.05 2010.01.11 -
Sophos 4.49.0 2010.01.11 -
Sunbelt 3.2.1858.2 2010.01.11 -
Symantec 20091.2.0.41 2010.01.11 -
TheHacker 6.5.0.3.146 2010.01.11 -
TrendMicro 9.120.0.1004 2010.01.11 -
VBA32 3.12.12.1 2010.01.11 -
ViRobot 2010.1.11.2130 2010.01.11 -
VirusBuster 5.0.21.0 2010.01.11 -
Information additionnelle
File size: 261632 bytes
MD5...: 4e20f3b27b334e9273fc3890b7948bd8
SHA1..: ff937b7eb12048f227d35d42efe3375dc5d7d1a0
SHA256: afb212b270e325888c330e97ef93fe5399e0ab6b0870c624ab28231fc8ee8c72
ssdeep: 6144:Lb0Cz2tkTv92ga9kLs9VCmm+9ah0jdWWG6tLoack7Z1Q:LbzitE92kLP9+9
8Iw6tTT1Q
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x4b1fb9ad (Wed Dec 09 14:52:29 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xd1000 0x3e600 8.00 aa60f3c16e3b0fab6e082459c3701555
.rsrc 0xd2000 0x2000 0x1200 7.23 7dd9c5b051360dcd9867eb9ac7e54706
.reloc 0xd4000 0x200 0x200 0.22 b2653d9ffb17cc053523a34099297f53

( 1 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree

( 0 exports )
RDS...: NSRL Reference Data Set
-
packers (Kaspersky): PE_Patch.PECompact, PecBundle
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
packers (F-Prot): PecBundle, PECompact
trid..: Win32 EXE PECompact compressed (v2.x) (48.9%)
Win32 EXE PECompact compressed (generic) (34.4%)
Win32 Executable Generic (7.0%)
Win32 Dynamic Link Library (generic) (6.2%)
Generic Win/DOS Executable (1.6%)
pdfid.: -

Réponse 15 / 36

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
11 janv. 2010 à 23:40

Bonsoir

Jetico m'a demandé quoi faire de ça quand j'ai lancé ad-remover:
"Application C:\Program Files\Ad-Remover\pv.com
Evènement l'attaquant écrit dans la mémoire de l'application
Attaquant c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe"

merci
Maxou

Réponse 16 / 36

Utilisateur anonyme
12 janv. 2010 à 07:14

Pour les alertes je pense que c'est normal.Ont va malgré tout analyser ce fichier comme tu la fait précédemment sur virustotal:
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe"
Post son rapport.Ensuite fais ce qui suis.
Si super antispyware ne te supprime pas la vérole je te préparerais un nouveau script.
Elle s'accroche la bestiole....:)

****************************************************************************

• Télécharge :https://www.superantispyware.com/
• Choisis "enregistrer" et enregistre-le sur ton bureau.
• Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.
• Créé une icône sur le bureau.
• Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.
• Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
• Sous Configuration and Preferences, clique sur le bouton "Preferences"
• Clique sur l'onglet "Scanning Control "
• Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :
• Close browsers before scanning
• Scan for tracking cookies
• Terminate memory threats before quarantining
• Laisse les autres lignes décochées.
• Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.
• Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".
• Dans la colonne de gauche, coche C:\Fixed Drive.
• Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"
• Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.
• A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.
• Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".
• Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.
• Pour recopier les informations sur le forum, fais ceci :
• après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
• Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
• Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.
• Le rapport va s'ouvrir dans ton éditeur de texte par défaut.
• Copie son contenu dans ta réponse.
• Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.
• https://www.malekal.com/?s=SUPERAntiSpyware

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
12 janv. 2010 à 12:07

Salut

Antivir s'active pendant que superantispyware bosse et j'ai cette alerte
Que dois je faire?
Pendant ce temps SASW ne bosse pas

Il me demande que faut il faire du fichier concerné : par defaut c'est coché refuser l'accès :

C:\Qoobox\quarantine\C\Programfiles\Ask.com\GenericAskToolbar.dll.vir
Contient le mode le de detection du ver WORM\Rbot.655092

Merci

Maxou

Réponse 17 / 36

litana
12 janv. 2010 à 12:16

Dès fois l'ordi est lent car les nouveaux sites que tu y vas ton ordi ne connaît pas encore alors il réfléchit ! ou internet ne fonctionne pas ou tu as pas branché les fils ou tu as branché mais sa ne marche pas ! mais ce n'est pas grave !

Réponse 18 / 36

Utilisateur anonyme
12 janv. 2010 à 13:13

Pendant le scan superantispyware tu peux désactiver antivir.
Pour ce fichier tu peux le supprimer manuellement sans aucun risque.C'est la quarentaine de combofix.
C:\Qoobox\quarantine\C\Programfiles\Ask.com\GenericAskToolbar.dll.vir

Réponse 19 / 36

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
12 janv. 2010 à 13:36

salut

J'avais déja fini le scan!

Il est coriace le machin!
C'est quoi ce machin?
Je devais pas faire le scan en mode sans échec?
C'est la journée questions!!

Ci dessous le rapport concernant LVPrcSrv.exe
Et le rapport superantispyware

Merci
a+
Maxou

Fichier LVPrcSrv.exe reçu le 2010.01.12 09:02:57 (UTC)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 0/41 (0%)
en train de charger les informations du serveur...
Votre fichier est dans la file d'attente, en position: ___.
L'heure estimée de démarrage est entre ___ et ___ .
Ne fermez pas la fenêtre avant la fin de l'analyse.
L'analyseur qui traitait votre fichier est actuellement stoppé, nous allons attendre quelques secondes pour tenter de récupérer vos résultats.
Si vous attendez depuis plus de cinq minutes, vous devez renvoyer votre fichier.
Votre fichier est, en ce moment, en cours d'analyse par VirusTotal,
les résultats seront affichés au fur et à mesure de leur génération.
Formaté Formaté
Impression des résultats Impression des résultats
Votre fichier a expiré ou n'existe pas.
Le service est en ce moment, stoppé, votre fichier attend d'être analysé (position : ) depuis une durée indéfinie.

Vous pouvez attendre une réponse du Web (re-chargement automatique) ou taper votre e-mail dans le formulaire ci-dessous et cliquer "Demande" pour que le système vous envoie une notification quand l'analyse sera terminée.
Email:

Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.48 2010.01.12 -
AhnLab-V3 5.0.0.2 2010.01.12 -
AntiVir 7.9.1.134 2010.01.11 -
Antiy-AVL 2.0.3.7 2010.01.12 -
Authentium 5.2.0.5 2010.01.12 -
Avast 4.8.1351.0 2010.01.11 -
AVG 9.0.0.725 2010.01.11 -
BitDefender 7.2 2010.01.12 -
CAT-QuickHeal 10.00 2010.01.12 -
ClamAV 0.94.1 2010.01.12 -
Comodo 3554 2010.01.12 -
DrWeb 5.0.1.12222 2010.01.12 -
eSafe 7.0.17.0 2010.01.11 -
eTrust-Vet 35.2.7232 2010.01.12 -
F-Prot 4.5.1.85 2010.01.12 -
F-Secure 9.0.15370.0 2010.01.12 -
Fortinet 4.0.14.0 2010.01.12 -
GData 19 2010.01.12 -
Ikarus T3.1.1.80.0 2010.01.12 -
Jiangmin 13.0.900 2010.01.12 -
K7AntiVirus 7.10.944 2010.01.11 -
Kaspersky 7.0.0.125 2010.01.12 -
McAfee 5858 2010.01.11 -
McAfee+Artemis 5858 2010.01.11 -
McAfee-GW-Edition 6.8.5 2010.01.12 -
Microsoft 1.5302 2010.01.12 -
NOD32 4762 2010.01.11 -
Norman 6.04.03 2010.01.11 -
nProtect 2009.1.8.0 2010.01.12 -
Panda 10.0.2.2 2010.01.11 -
PCTools 7.0.3.5 2010.01.12 -
Prevx 3.0 2010.01.12 -
Rising 22.30.01.03 2010.01.12 -
Sophos 4.49.0 2010.01.12 -
Sunbelt 3.2.1858.2 2010.01.12 -
Symantec 20091.2.0.41 2010.01.12 -
TheHacker 6.5.0.3.147 2010.01.12 -
TrendMicro 9.120.0.1004 2010.01.12 -
VBA32 3.12.12.1 2010.01.12 -
ViRobot 2010.1.12.2131 2010.01.12 -
VirusBuster 5.0.21.0 2010.01.11 -
Information additionnelle
File size: 109344 bytes
MD5...: 43c03e8e810087d7557628738033fb99
SHA1..: d09a3c1343216cceb89bbf5ace67e0879c97700d
SHA256: cbb66e5a37245c55ac2ea998eaa2e73cc4e2c97e4327633b5929999c8b4d24a2
ssdeep: 3072:jLwd3vNYQvIpcofEHQJPe0FJw/l62UhgHdedVdi:Hwd/NhApHEwp2g2UCde
dVdi
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x73c6
timedatestamp.....: 0x455bf2b6 (Thu Nov 16 05:10:14 2006)
machinetype.......: 0x14c (I386)

( 4 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0xe085 0xf000 6.28 ad4dbd4f16b46eb711227fe4b3149829
.rdata 0x10000 0x2eec 0x3000 5.25 b1e0248391ab9fc6f55f784c0dd5441e
.data 0x13000 0x2794 0x1000 3.39 8c9f0cf46b7a2ab0276e217db3aaf0b5
.rsrc 0x16000 0x48f8 0x5000 3.99 3ffa05861f9d0cd0e91b624419c3dd0f

( 6 imports )
> VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA
> PSAPI.DLL: GetModuleFileNameExA, GetModuleBaseNameA, EnumProcessModules, EnumProcesses, GetModuleInformation
> KERNEL32.dll: GetSystemTime, LocalFree, lstrlenA, FormatMessageA, CompareStringA, GetTickCount, DeviceIoControl, SetThreadPriority, CreateFileA, ResetEvent, CreateThread, CancelIo, QueryPerformanceCounter, Sleep, GetModuleHandleA, SetEvent, GetVersionExA, WaitForMultipleObjects, WaitForMultipleObjectsEx, ReleaseMutex, GetLastError, CreateMutexA, WriteProcessMemory, GetModuleFileNameA, GetCurrentProcess, CreateRemoteThread, VirtualFreeEx, VirtualAllocEx, GetVersion, OpenProcess, CloseHandle, WaitForSingleObject, LoadLibraryA, FreeLibrary, GetFileAttributesA, CreateEventA, GetProcAddress, SetEndOfFile, ReadFile, HeapSize, GetCurrentThread, GetSystemInfo, ExitProcess, RtlUnwind, HeapAlloc, HeapFree, ExitThread, GetCurrentThreadId, GetStartupInfoA, GetCommandLineA, GetCurrentProcessId, GetSystemTimeAsFileTime, TlsAlloc, SetLastError, TlsFree, TlsSetValue, TlsGetValue, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, HeapReAlloc, IsBadWritePtr, InterlockedExchange, VirtualQuery, GetACP, GetOEMCP, GetCPInfo, LCMapStringA, WideCharToMultiByte, MultiByteToWideChar, LCMapStringW, SetHandleCount, GetStdHandle, GetFileType, SetFilePointer, TerminateProcess, UnhandledExceptionFilter, WriteFile, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetUnhandledExceptionFilter, IsBadReadPtr, IsBadCodePtr, InitializeCriticalSection, SetStdHandle, FlushFileBuffers, GetStringTypeA, GetStringTypeW, GetLocaleInfoA, VirtualProtect
> USER32.dll: LoadStringA, CharLowerA
> ADVAPI32.dll: RegOpenKeyA, RegEnumValueA, RegCloseKey, StartServiceCtrlDispatcherA, RegisterServiceCtrlHandlerA, QueryServiceStatus, DeleteService, ChangeServiceConfig2A, ChangeServiceConfigA, CreateServiceA, QueryServiceConfigA, ControlService, SetServiceStatus, OpenSCManagerA, OpenServiceA, StartServiceA, CloseServiceHandle, LookupPrivilegeValueA, PrivilegeCheck, AdjustTokenPrivileges, OpenProcessToken, DuplicateTokenEx, GetTokenInformation, SetTokenInformation, CreateProcessAsUserA, RevertToSelf, InitializeSecurityDescriptor, SetSecurityDescriptorDacl
> SHELL32.dll: SHGetFolderPathA

( 0 exports )
RDS...: NSRL Reference Data Set
-
trid..: Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
pdfid.: -
sigcheck:
publisher....: Logitech Inc.
copyright....: (c) 1996-2007 Logitech. All rights reserved.
product......: Logitech QuickCam
description..: LVPrcSrv Module.
original name: LVPrcSrv.exe
internal name: LVPrcSrv.exe
file version.: 10.4.0.1401
comments.....: n/a
signers......: Logitech Inc
VeriSign Class 3 Code Signing 2004 CA
Class 3 Public Primary Certification Authority
signing date.: 7:03 AM 11/16/2006
verified.....: -

//////////////////////////////////////////////////////////////////////

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 01/12/2010 at 12:46 PM

Application Version : 4.33.1000

Core Rules Database Version : 4469
Trace Rules Database Version: 2288

Scan type : Complete Scan
Total Scan Time : 02:19:19

Memory items scanned : 686
Memory threats detected : 0
Registry items scanned : 5868
Registry threats detected : 0
File items scanned : 80394
File threats detected : 32

Adware.Tracking Cookie
C:\Documents and Settings\Fred\Cookies\fred@serving-sys[1].txt
C:\Documents and Settings\Fred\Cookies\fred@doubleclick[1].txt
C:\Documents and Settings\Fred\Cookies\fred@bs.serving-sys[2].txt
C:\Documents and Settings\Fred\Cookies\fred@xiti[1].txt
C:\Documents and Settings\Fred\Cookies\fred@atdmt[1].txt
C:\Documents and Settings\Fred\Cookies\fred@smartadserver[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@ad.yieldmanager[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@ad.zanox[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@adrevolver[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@adserver.aol[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@adtech[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@advertising[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@advertstream[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@affistats[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@atdmt[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@bluestreak[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@bluestreak[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@bluestreak[3].txt
C:\Documents and Settings\Nadia\Cookies\nadia@cdiscount[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@doubleclick[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@doubleclick[3].txt
C:\Documents and Settings\Nadia\Cookies\nadia@fastclick[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@media.adrevolver[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@movitex.122.2o7[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@msnportal.112.2o7[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@track.effiliation[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@uk.at.atwola[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@weba.cdiscount[1].txt
C:\Documents and Settings\Nadia\Cookies\nadia@weborama[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@ww251.smartadserver[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@www.smartadserver[2].txt
C:\Documents and Settings\Nadia\Cookies\nadia@xiti[1].txt

Réponse 20 / 36

Utilisateur anonyme
12 janv. 2010 à 18:02

* Télécharge OtmoveIT (de Old_Timer) sur ton Bureau
http://www.geekstogo.com/forum/files/file/402-otm-oldtimers-move-it/ (de OldTimer) sur ton Bureau
* Double-clique sur OTMoveIt.exe pour le lancer.
* Assure toi que la case Unregister Dll's and Ocx's soit bien cochée.
* copie la liste en gras ci-dessous et colle la dans le cadre de gauche de OTMoveIt sous Paste List of Files/Folders to move.

:processes
explorer.exe

:services
mbr

:files
C:\Documents and Settings\Fred\Application Data\Search Settings
C:\DOCUME~1\Fred\LOCALS~1\Temp\mbr.sys

:reg

:commands
[emptytemp]
[purity]
[start explorer]
[reboot]

-----------------------------

* clique sur MoveIt! pour lancer la suppression.
* Le résultat apparaitra dans le cadre "Results".
* Clique sur Exit pour fermer.
* Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
* Il te sera peut-être demandé de redémarrer le pc pour achever la suppression. Si c'est le cas accepte par Yes.

**********************************************************************
Aprés OTM dis moi si ca va mieux et post un rapport rsit.

je l"aurais un jour,je l'aurais.:)

maxouplus Messages postés 239 Date d'inscription samedi 22 novembre 2008 Statut Membre Dernière intervention 26 avril 2020 1
13 janv. 2010 à 00:21

bonsoir

Je te poste le rapport OTM puis un rsit
Tu l'auras oui tu l'auras
On va lui faire exploser les neurones

Bonne nuit

Maxou

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== SERVICES/DRIVERS ==========
Error: No service named mbr was found to stop!
Unable to stop service mbr!
========== FILES ==========
Folder move failed. C:\Documents and Settings\Fred\Application Data\Search Settings\kb128\temp scheduled to be moved on reboot.
C:\Documents and Settings\Fred\Application Data\Search Settings\kb128 folder moved successfully.
C:\Documents and Settings\Fred\Application Data\Search Settings folder moved successfully.
File/Folder C:\DOCUME~1\Fred\LOCALS~1\Temp\mbr.sys not found.
========== REGISTRY ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrateur
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: All Users

User: Anna
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->FireFox cache emptied: 87479248 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Fred
->Temp folder emptied: 8349435 bytes
->Temporary Internet Files folder emptied: 5104115 bytes
->Java cache emptied: 87440538 bytes
->FireFox cache emptied: 103108113 bytes
->Google Chrome cache emptied: 0 bytes

User: Invité
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Nadia
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 78991 bytes
->Java cache emptied: 34422810 bytes
->FireFox cache emptied: 85657664 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 4378373 bytes
%systemroot%\System32 .tmp files removed: 26537472 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 402966 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 924910 bytes

Total Files Cleaned = 423,00 mb

OTM by OldTimer - Version 3.1.5.0 log created on 01132010_001240

Files moved on Reboot...

Registry entries deleted on Reboot...

//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

Logfile of random's system information tool 1.06 (written by random/random)
Run by Fred at 2010-01-13 00:20:51
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 18 GB (46%) free of 38 GB
Total RAM: 2014 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:20:53, on 13/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\system32\CSHelper.exe
C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\OmniPageSE\opware32.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\Program Files\Trust\Trust Keyboard 15036\PS2USBKbdDrv.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
C:\Documents and Settings\Fred\Bureau\RSIT.exe
C:\Program Files\trend micro\Fred.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Trust\Trust Keyboard 15036\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\fwsrv.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Fred\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O4 - Global Startup: Directrec Configuration Tool.lnk = C:\Program Files\Olympus\DeviceDetector\DirectrecConfig.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {1592B385-AA72-4971-8F4E-F559A9A87FEE} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\WINDOWS\system32\CSHelper.exe
O23 - Service: DM1Service - OLYMPUS IMAGING CORP. - C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: MD Simple Burner Service (NetMDSB) - Sony Corporation - C:\Program Files\Sony\MD Simple Burner\NetMDSB.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

Ordi lent , certainement malade sos docteur!!

36 réponses

Discussions similaires

Newsletters