My drive opens by itself
blackgamer
Posts: 12
Status: Member
Hello everyone.
So my problem is that my CD/DVD burner opens by itself even though I haven't asked it to do anything. I didn't worry much about it before, but today it did it again, and right afterwards it started making rather a lot of noise ^^. So I suspect a trojan or something of that kind, because it can go a week without happening and then do it 5 times in a day. I had a few problems before and thought it was a trojan, but afterwards it didn't happen again. My PC would freeze every minute for about 30 seconds (precise, eh ^^), always at the same interval. Yet with all the scans I ran, I never found anything. I was scanning with my antivirus, namely Norton AntiVirus 2005, and A-squared Free.
So I'm posting my HijackThis log, hoping to find someone who can help me.
Thanks in advance.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 19:07:32, on 27/04/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\ultrameter\ultrameter.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
F:\téléchargement firefox\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ares] "F:\logiciels installés\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UltraMètre.lnk = C:\ultrameter\ultrameter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O12 - Plugin for .mpe: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{69E59E92-C408-4E76-AD6F-14E66412D9F5}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O18 - Protocol: bw20 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
18 replies
Hi,
Read the contents of the following link:
http://www.f-secure.com/products/license-terms/eult_fra.pdf
You have thus read and accepted the terms of use of the BlackLight program, which is included in the navilog1.zip archive that you are going to download.
Now right-click on this link:
http://perso.orange.fr/il.mafioso/Navifix/navilog1.zip
Choose "Save target (link) as..." and save it to your desktop.
Right-click on navilog1.zip and choose "Extract all".
Then double-click on navilog1.bat.
Follow the prompts. At the main menu, choose 1 and confirm.
(do not choose option 2 without our advice/agreement)
Wait for the message:
*** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt).
Here is what it gives:
Search Navipromo version 1.1.5 commencé le 27/04/2007 à 21:30:34,05
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Documents and Settings\guillus\Bureau\Nouveau dossier
Mise a jour le 13.04.2007 a 20h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\guillus\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en
F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================
Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1061.
[+] Started on 04/27/07 at 21:30:35.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 04/27/07 at 21:36:08 (return code = 0).
*** Recherche fichiers ***
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********
*** Analyse Terminé le 27/04/2007 à 21:36:36,21 ***
* download AVG Anti-Spyware (ewido)
https://www.avg.com/en-ww/free-antivirus-download
http://www.infos-du-net.com/telecharger/Ewido-Security-Suite,0301-734.html
* install it
* launch AVG Anti-Spyware and click the Update button. Wait.
If you cannot update it, get the updates here:
http://downloads.ewido.net/avgas-signatures-full-current.exe
Copy and paste the report here.
OK, the updates are done; all that's left is to wait for the report.
Thank you for your help; it's nice to come across people like you.
Well, the scan isn't finished yet, but apparently it found a trojan, so my suspicions were well founded.
OK, the scan is finally finished.
The report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:27:21 27/04/2007
+ Résultat de l'analyse:
:mozilla.9:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.25:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.27:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.96:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\guillus\Cookies\guillus@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.24:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\guillus\Cookies\guillus@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\guillus\Cookies\guillus@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.62:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.63:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.21:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\guillus\Cookies\guillus@mediaplex[1].txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
:mozilla.30:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.31:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.32:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.33:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.34:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.35:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.16:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.17:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.92:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.93:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.94:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Specificclick : Aucune action entreprise.
:mozilla.59:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.44:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\guillus\Cookies\guillus@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.68:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.69:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.70:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Program Files\MSN Messenger\All_version.exe -> Trojan.Feutel.av : Aucune action entreprise.
Fin du rapport
All the tracking cookies have been deleted and the trojan is in quarantine.
:mozilla.14:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\guillus\Cookies\guillus@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.68:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.69:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.70:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Program Files\MSN Messenger\All_version.exe -> Trojan.Feutel.av : Aucune action entreprise.
Fin du rapport
All the tracking cookies have been deleted and the trojan is in quarantine.
Hi,
Download SmitfraudFix:
In pictures:
http://siri.urz.free.fr/Fix/SmitfraudFix.php
Double-click smitfraudfix.cmd and choose option 1.
This will generate a report.
Please copy/paste the report on the forum.
See you
Here is the report:
SmitFraudFix v2.171
Rapport fait à 12:22:16,06, 28/04/2007
Executé à partir de F:\téléchargement firefox\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\ultrameter\ultrameter.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\sessmgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\guillus
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\guillus\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\guillus\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.1.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{69E59E92-C408-4E76-AD6F-14E66412D9F5}: NameServer=192.168.1.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{69E59E92-C408-4E76-AD6F-14E66412D9F5}: NameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{69E59E92-C408-4E76-AD6F-14E66412D9F5}: NameServer=192.168.1.1
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Hi,
Boot into safe mode:
To do this, tap the F8 key repeatedly, without stopping, from the moment the PC starts powering on.
A window will open; use the keyboard arrow keys to move to "start in safe mode", then press Enter.
Once on the desktop, if the colours and so on are not all there, that is normal!
(If F8 doesn't work, use the F5 key.)
----------------------------------------------------------------------------
Run the Smitfraud program again.
This time choose option 2 and answer yes to everything;
Save the report, reboot in normal mode, and copy/paste the saved report on the forum.
Then run AVG again and tick "quarantine" so that it removes the junk.
Post the AVG report plus a new HijackThis log.
OK, I have a problem booting into safe mode => my keyboard doesn't respond :s
I had installed a program (bootskin) to change my boot screen and I think that's where it comes from. I removed bootskin but the problem is still the same. Now I don't really know what to do .....
Here is the AVG scan:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 16:18:58 28/04/2007
+ Résultat de l'analyse:
:mozilla.6:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.26:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.27:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.28:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.12:C:\Documents and Settings\guillus\Application Data\Mozilla\Firefox\Profiles\mom9yu3z.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP169\A0052546.exe -> Trojan.Feutel.av : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
How are your problems coming along??
Have your PC scanned by one or more online antivirus scanners:
A few online AVs:
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
http://www.bitdefender.fr/scan_fr/scan8/ie.html
https://www.pandasecurity.com/?ref=www.pandasoftware.com/activescan/fr/activescan_principal.htm
https://www.trendmicro.com/en_us/forHome/products/housecall.html
If the antivirus cannot delete them:
- note the path and name of the infected files (or even better, the scan report) and post the scan result on the forum.
OK, I am scanning my computer with BitDefender.
However, my drive opened again, which is odd since AVG had put the trojan in quarantine.
Here is the report => http://fileshosting.free.fr/FILES/0j1pYuLNRu7DsPlTKVPm9qbcmBTKJkYjXhLFH8bzYNfUj6A5L4fu1EC9fnqHUgkIPXinXH2OYq2KHu40B8IXz8SO9x.html
BitDefender Online Scanner
Rapport d'analyse généré à: Tue, May 01, 2007 - 22:25:59
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;
Statistiques
Temps: 02:23:23
Fichiers: 353062
Directoires: 4830
Secteurs de boot: 4
Archives: 2562
Paquets programmes: 18007
Résultats
Virus identifiés: 11
Fichiers infectés: 60
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 111
Info sur les moteurs
Définition virus: 503539
Version des moteurs: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Analyse des plugins: 14
Archive des plugins: 38
Unpack des plugins: 6
E-mail plugins: 6
Système plugins: 1
Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: *;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui
Infecté par: Backdoor.Prorat.Q
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053104.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053104.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053105.exe=>(Quarantine-2)
Infecté par: Win32.Hotlix.A@mm
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053105.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053105.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053106.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053106.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053106.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053107.exe=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053107.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053107.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053108.dll=>(Quarantine-2)
Infecté par: Trojan.Spy.Advancedkeylogger.17.1
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053108.dll=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053108.dll=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053109.exe=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053109.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053109.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053110.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053110.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053110.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053111.exe=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053111.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053111.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053112.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053112.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053112.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053113.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053113.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053113.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053114.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.1.9.Dam.2
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053114.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053114.exe=>(Quarantine-2)
Supprimé
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053115.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.1.9.Dam.2
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053115.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053115.exe=>(Quarantine-2)
Supprimé
F:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP163\A0051113.exe=>wise0018
Détecté avec: Application.Adware.NewDotNet.B.Dropper
F:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP163\A0051113.exe=>wise0018
Supprimé
F:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP163\A0051113.exe
Echec de la mise à jour
F:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP163\A0051114.exe=>wise0018
Détecté avec: Application.Adware.NewDotNet.B.Dropper
F:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP163\A0051114.exe=>wise0018
Supprimé
F:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP163\A0051114.exe
Echec de la mise à jour
Rapport d'analyse généré à: Tue, May 01, 2007 - 22:25:59
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;
Statistiques
Temps: 02:23:23
Fichiers: 353062
Directoires: 4830
Secteurs de boot: 4
Archives: 2562
Paquets programmes: 18007
Résultats
Virus identifiés: 11
Fichiers infectés: 60
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 111
Info sur les moteurs
Définition virus: 503539
Version des moteurs: AVCORE v1.0 (build 2397) (i386) (Feb 8 2007 14:24:08)
Analyse des plugins: 14
Archive des plugins: 38
Unpack des plugins: 6
E-mail plugins: 6
Système plugins: 1
Paramètres d'analyse
Première action: Désinfecté
Seconde Action: Supprimé
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: *;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui
Fichier analysé
Statut
C:\Program Files\Norton AntiVirus\Quarantine\04305C1B.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\04305C1B.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\04305C1B.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\04373014.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.1.9.Dam.2
C:\Program Files\Norton AntiVirus\Quarantine\04373014.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\04373014.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\0D6D0486.exe=>(Quarantine-2)
Infecté par: Win32.Hotlix.A@mm
C:\Program Files\Norton AntiVirus\Quarantine\0D6D0486.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\0D6D0486.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\10F40FC6.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\10F40FC6.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\10F40FC6.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\10F739C3.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\10F739C3.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\10F739C3.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\1AE22122.exe=>(Quarantine-2)
Infecté par: Win32.Hotlix.A@mm
C:\Program Files\Norton AntiVirus\Quarantine\1AE22122.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\1AE22122.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\1AF66593.tmp=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\Program Files\Norton AntiVirus\Quarantine\1AF66593.tmp=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\1AF66593.tmp=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\221B3DB7.tmp=>(Quarantine-2)
Infecté par: Win32.Hotlix.A@mm
C:\Program Files\Norton AntiVirus\Quarantine\221B3DB7.tmp=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\221B3DB7.tmp=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\225C056F.exe=>(Quarantine-2)
Infecté par: Trojan.Hacktool.Homac.D
C:\Program Files\Norton AntiVirus\Quarantine\225C056F.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\225C056F.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\225C056F.tmp=>(Quarantine-2)
Infecté par: Trojan.Hacktool.Homac.D
C:\Program Files\Norton AntiVirus\Quarantine\225C056F.tmp=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\225C056F.tmp=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\2D872777.exe=>(Quarantine-2)
Infecté par: Trojan.Hacktool.Homac.D
C:\Program Files\Norton AntiVirus\Quarantine\2D872777.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\2D872777.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\2E560A48.exe=>(Quarantine-2)
Infecté par: Trojan.Hacktool.Homac.D
C:\Program Files\Norton AntiVirus\Quarantine\2E560A48.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\2E560A48.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\31C61F63.exe=>(Quarantine-2)
Infecté par: Trojan.Win32.MSNTrick.B
C:\Program Files\Norton AntiVirus\Quarantine\31C61F63.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\31C61F63.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\31C9495F.exe=>(Quarantine-2)
Infecté par: Trojan.Win32.MSNTrick.B
C:\Program Files\Norton AntiVirus\Quarantine\31C9495F.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\31C9495F.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\386B334A.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\386B334A.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\386B334A.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\516A7A42.jpg=>(Quarantine-2)
Infecté par: Trojan.Win32.MSNTrick.B
C:\Program Files\Norton AntiVirus\Quarantine\516A7A42.jpg=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\516A7A42.jpg=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\52F97C8C.exe=>(Quarantine-2)
Infecté par: Win32.Hotlix.A@mm
C:\Program Files\Norton AntiVirus\Quarantine\52F97C8C.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\52F97C8C.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\54AB0539.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\54AB0539.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\54AB0539.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\5D882735.exe=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\Program Files\Norton AntiVirus\Quarantine\5D882735.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\5D882735.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0004
Infecté par: Trojan.Spy.Advancedkeylogger.17.1
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0004
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0004
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)
Echec de la mise à jour
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0005
Infecté par: Generic.PWStealer.17427AA5
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0005
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0005
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)
Echec de la mise à jour
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0006
Infecté par: Trojan.Spy.Advancedkeylogger.A
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0006
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0006
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\64580708.exe=>(Quarantine-2)=>(NSIS o)
Echec de la mise à jour
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.dll=>(Quarantine-2)
Infecté par: Trojan.Spy.Advancedkeylogger.17.1
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.dll=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.dll=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0004
Infecté par: Trojan.Spy.Advancedkeylogger.17.1
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0004
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0004
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)
Echec de la mise à jour
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0005
Infecté par: Generic.PWStealer.17427AA5
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0005
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0005
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)
Echec de la mise à jour
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0006
Infecté par: Trojan.Spy.Advancedkeylogger.A
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0006
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)=>zlib_nsis0006
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\646858F6.tmp=>(Quarantine-2)=>(NSIS o)
Echec de la mise à jour
C:\Program Files\Norton AntiVirus\Quarantine\68DE78EB.exe=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\Program Files\Norton AntiVirus\Quarantine\68DE78EB.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\68DE78EB.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\6B9B22CD.tmp=>(Quarantine-2)
Infecté par: Win32.Hotlix.A@mm
C:\Program Files\Norton AntiVirus\Quarantine\6B9B22CD.tmp=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\6B9B22CD.tmp=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\7169426A.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\7169426A.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\7169426A.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\797E55E4.exe=>(Quarantine-2)
Détecté avec: Application.PWCrack.Brutus.A
C:\Program Files\Norton AntiVirus\Quarantine\797E55E4.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\797E55E4.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\798429DD.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\798429DD.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\798429DD.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\798E27D2.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\Program Files\Norton AntiVirus\Quarantine\798E27D2.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\798E27D2.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\79A54DB9.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.1.9.Dam.2
C:\Program Files\Norton AntiVirus\Quarantine\79A54DB9.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\79A54DB9.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\7D457F6F.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.1.9.Dam.2
C:\Program Files\Norton AntiVirus\Quarantine\7D457F6F.exe=>(Quarantine-2)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\7D457F6F.exe=>(Quarantine-2)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\7F42778C.exe=>(Quarantine-2)=>(Instyler o)=>(Instyler Module 1)
Infecté par: Trojan.Fdos.Msn.A
C:\Program Files\Norton AntiVirus\Quarantine\7F42778C.exe=>(Quarantine-2)=>(Instyler o)=>(Instyler Module 1)
Echec de la désinfection
C:\Program Files\Norton AntiVirus\Quarantine\7F42778C.exe=>(Quarantine-2)=>(Instyler o)=>(Instyler Module 1)
Supprimé
C:\Program Files\Norton AntiVirus\Quarantine\7F42778C.exe=>(Quarantine-2)=>(Instyler o)
Echec de la mise à jour
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053093.exe=>(Quarantine-2)
Infecté par: Backdoor.Prorat.Q
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053093.exe=>(Quarantine-2)
Echec de la désinfection
C:\System Volume Information\_restore{9195588D-9BB8-455F-B967-F40E26CFB9F1}\RP170\A0053093.exe=>(Quarantine-2)
Supprimé
Here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:59:29, on 06/05/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe
C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\ultrameter\ultrameter.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\guillus\Bureau\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2\printray.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [ares] "F:\logiciels installés\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UltraMètre.lnk = C:\ultrameter\ultrameter.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O12 - Plugin for .mpe: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{69E59E92-C408-4E76-AD6F-14E66412D9F5}: NameServer = 192.168.1.1
O18 - Protocol: bw+0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
O18 - Protocol: bwb0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {79889EBD-9A88-4BC1-9CF0-E407CA0F548A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe