Fenetres pop up s'ouvrent intempestivement
philwak
Messages postés
25
Statut
Membre
-
philwak Messages postés 25 Statut Membre -
philwak Messages postés 25 Statut Membre -
Bonjour, j'ai firefox, et des fenêtes pop up s'ouvrent intempestivement, je crois que je suis infecté par une cochonnerie. Ci dessous le rapport blacklight:
05/17/07 15:56:35 [Info]: BlackLight Engine 1.0.61 initialized
05/17/07 15:56:35 [Info]: OS: 5.1 build 2600 ()
05/17/07 15:56:36 [Note]: 7019 4
05/17/07 15:56:36 [Note]: 7005 0
05/17/07 15:56:41 [Note]: 7006 0
05/17/07 15:56:42 [Note]: 7011 1068
05/17/07 15:56:42 [Note]: 7026 0
05/17/07 15:56:42 [Note]: 7026 0
05/17/07 15:56:42 [Note]: 7024 3
05/17/07 15:56:42 [Info]: Hidden process: C:\windows\system32\kribntrcfm.exe
05/17/07 15:56:48 [Note]: FSRAW library version 1.7.1021
05/17/07 15:57:21 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~3.DAT
05/17/07 15:57:22 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~1.EXE
05/17/07 15:57:23 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~1.DAT
05/17/07 15:57:24 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~2.DAT
05/17/07 15:57:36 [Note]: 7007 0
et le rapport de hijackthis V2:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:31:55, on 17/05/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthisV2\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Vous êtes sur le PC de PHILWAK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: Interface Chat Voila - http://chat4.x-echo.com/version8/Applet/vchatsign.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
05/17/07 15:56:35 [Info]: BlackLight Engine 1.0.61 initialized
05/17/07 15:56:35 [Info]: OS: 5.1 build 2600 ()
05/17/07 15:56:36 [Note]: 7019 4
05/17/07 15:56:36 [Note]: 7005 0
05/17/07 15:56:41 [Note]: 7006 0
05/17/07 15:56:42 [Note]: 7011 1068
05/17/07 15:56:42 [Note]: 7026 0
05/17/07 15:56:42 [Note]: 7026 0
05/17/07 15:56:42 [Note]: 7024 3
05/17/07 15:56:42 [Info]: Hidden process: C:\windows\system32\kribntrcfm.exe
05/17/07 15:56:48 [Note]: FSRAW library version 1.7.1021
05/17/07 15:57:21 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~3.DAT
05/17/07 15:57:22 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~1.EXE
05/17/07 15:57:23 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~1.DAT
05/17/07 15:57:24 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\KRIBNT~2.DAT
05/17/07 15:57:36 [Note]: 7007 0
et le rapport de hijackthis V2:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:31:55, on 17/05/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Outlook Express\MSIMN.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\hijackthisV2\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.neuf.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Vous êtes sur le PC de PHILWAK
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: Interface Chat Voila - http://chat4.x-echo.com/version8/Applet/vchatsign.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2A90B93B-E373-414D-87D9-A2118F361893} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINDOWS\System32\tlntsvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe
A voir également:
- Fenetres pop up s'ouvrent intempestivement
- Pop up mcafee - Accueil - Piratage
- Pop corn time - Télécharger - TV & Vidéo
- Serveur pop - Guide
- Youtube sur freebox pop - Forum Téléviseurs
- Augmenter débit freebox pop fibre ✓ - Forum Freebox
10 réponses
Salut
Suite de la marche à suivre ici : popups ouverture de fenetres internet publicitaires pop up
++
Suite de la marche à suivre ici : popups ouverture de fenetres internet publicitaires pop up
++
pensez vous que je puisse passer à la désinfection automatique sans risque ?
merci pour vos réponses
merci pour vos réponses
voici le rapport après le nettoyage:
Clean Navipromo version 2.0.1 commencé le 17/05/2007 à 18:32:00,22
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats Blacklight
*** Creation backups fichiers trouvés par Blacklight ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
*** Suppression des fichiers trouvés avec Blacklight ***
** 2ème passage **
C:\WINDOWS\system32\kribntrcfm_navup.dat absent !
C:\WINDOWS\system32\kribntrcfm_navtmp.dat absent !
C:\WINDOWS\system32\kribntrcfm_m2s.xml absent !
C:\WINDOWS\system32\kribntrcfm.dat trouvé !
Copie C:\WINDOWS\system32\kribntrcfm.dat realise avec succes !
C:\WINDOWS\system32\kribntrcfm.dat supprimé !
C:\WINDOWS\system32\kribntrcfm_nav.dat trouvé !
Copie C:\WINDOWS\system32\kribntrcfm_nav.dat realise avec succes !
C:\WINDOWS\system32\kribntrcfm_nav.dat supprimé !
C:\WINDOWS\system32\kribntrcfm_navps.dat trouvé !
Copie C:\WINDOWS\system32\kribntrcfm_navps.dat realise avec succes !
C:\WINDOWS\system32\kribntrcfm_navps.dat supprimé !
C:\WINDOWS\prefetch\kribntrcfm*.pf trouvé !
Copie C:\WINDOWS\prefetch\kribntrcfm*.pf realise avec succes !
C:\WINDOWS\prefetch\kribntrcfm*.pf supprimé !
C:\WINDOWS\system32\kribntrcfm.exe trouvé !
Copie C:\WINDOWS\system32\kribntrcfm.exe realise avec succes !
C:\WINDOWS\system32\kribntrcfm.exe supprimé !
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\Standard\Application Data ***
...\Application Data\MessengerSkinner ...suppression...
...\Application Data\MessengerSkinner supprimé !
*** Suppression fichiers ***
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Standard\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre realise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
**
***
****
*****
******
*******
********
*** Nettoyage termine le 17/05/2007 à 18:35:23,89 ***
C'est good ou c'est pas good ?
Clean Navipromo version 2.0.1 commencé le 17/05/2007 à 18:32:00,22
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats Blacklight
*** Creation backups fichiers trouvés par Blacklight ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
*** Suppression des fichiers trouvés avec Blacklight ***
** 2ème passage **
C:\WINDOWS\system32\kribntrcfm_navup.dat absent !
C:\WINDOWS\system32\kribntrcfm_navtmp.dat absent !
C:\WINDOWS\system32\kribntrcfm_m2s.xml absent !
C:\WINDOWS\system32\kribntrcfm.dat trouvé !
Copie C:\WINDOWS\system32\kribntrcfm.dat realise avec succes !
C:\WINDOWS\system32\kribntrcfm.dat supprimé !
C:\WINDOWS\system32\kribntrcfm_nav.dat trouvé !
Copie C:\WINDOWS\system32\kribntrcfm_nav.dat realise avec succes !
C:\WINDOWS\system32\kribntrcfm_nav.dat supprimé !
C:\WINDOWS\system32\kribntrcfm_navps.dat trouvé !
Copie C:\WINDOWS\system32\kribntrcfm_navps.dat realise avec succes !
C:\WINDOWS\system32\kribntrcfm_navps.dat supprimé !
C:\WINDOWS\prefetch\kribntrcfm*.pf trouvé !
Copie C:\WINDOWS\prefetch\kribntrcfm*.pf realise avec succes !
C:\WINDOWS\prefetch\kribntrcfm*.pf supprimé !
C:\WINDOWS\system32\kribntrcfm.exe trouvé !
Copie C:\WINDOWS\system32\kribntrcfm.exe realise avec succes !
C:\WINDOWS\system32\kribntrcfm.exe supprimé !
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\Standard\Application Data ***
...\Application Data\MessengerSkinner ...suppression...
...\Application Data\MessengerSkinner supprimé !
*** Suppression fichiers ***
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Standard\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre realise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
**
***
****
*****
******
*******
********
*** Nettoyage termine le 17/05/2007 à 18:35:23,89 ***
C'est good ou c'est pas good ?
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Search Navipromo version 2.0.1 commencé le 17/05/2007 à 18:08:10,32
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 10.05.2007 a 22h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Standard\Application Data ***
...\Application Data\MessengerSkinner trouvé !
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en
Fichier(s) caché(s) dans C:\WINDOWS\system32 :
Processus caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\kribntrcfm.exe
*** Recherche fichiers ***
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
*
C:\WINDOWS\system32\kribntrcfm.dat trouvé !
**
C:\WINDOWS\system32\kribntrcfm.dat trouvé !
***
****
C:\WINDOWS\system32\kribntrcfm_navps.dat trouvé !
*****
******
*******
********
*** Analyse Terminé le 17/05/2007 à 18:09:40,89 ***
Merci pour vos réponses