Virus Win32/Adware, download.getimar.com
Anakean
-
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
jlpjlp Messages postés 52399 Statut Contributeur sécurité -
Bonjour à tout le monde,
Tout d'abord merci de m'accueillir.
Mon antivirus a détecté un virus que je n'arrive pas à supprimer. Il m'enpêche de naviguer sur internet...
Voici ce que l'antivirus me précise:
Archive:
http://download.getmirar.com/f3/EXE-876927-5-SB.cab
Menace:
une variante de Win32/Adware.Mirarapplication
Que puis-je ou que dois-je faire?
Merci
@ bientôt
Tout d'abord merci de m'accueillir.
Mon antivirus a détecté un virus que je n'arrive pas à supprimer. Il m'enpêche de naviguer sur internet...
Voici ce que l'antivirus me précise:
Archive:
http://download.getmirar.com/f3/EXE-876927-5-SB.cab
Menace:
une variante de Win32/Adware.Mirarapplication
Que puis-je ou que dois-je faire?
Merci
@ bientôt
A voir également:
- Virus Win32/Adware, download.getimar.com
- Adware cleaner - Télécharger - Antivirus & Antimalwares
- Virus mcafee - Accueil - Piratage
- Virus facebook demande d'amis - Accueil - Facebook
- Virus informatique - Guide
- Adware - Guide
29 réponses
slt,
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
Merci jlpjlp de ton aide, très sympa.
Je collerai le rapport lorsque j'aurai été sur mon PC.
@ bientôt
Je collerai le rapport lorsque j'aurai été sur mon PC.
@ bientôt
ok
colle aussi un rapport avg antispyware
AVG antispyware
https://www.01net.com/telecharger/
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
->Relance AVG AS -> "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
colle aussi un rapport avg antispyware
AVG antispyware
https://www.01net.com/telecharger/
Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
->Relance AVG AS -> "Analyse" ->"Paramètres"
Sous la question "Comment réagir ?" :
-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
Si un fichier est infecté en fin d'analyse
->Clique sur "Appliquer toutes les actions "
->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".
->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
Qelle rapidité! merci!
Ok bien reçu ce sera fait.
Le souci est que je dois prendre les recommandations depuis un autre PC et le faire chez moi le soir.
@+
Ok bien reçu ce sera fait.
Le souci est que je dois prendre les recommandations depuis un autre PC et le faire chez moi le soir.
@+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Bonjour,
Voici le rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:56, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\WINDOWS\system32\lxbucoms.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\tem443.tmp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\Répertoire temporaire 1 pour eden.exe.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: dcads - {C7C90A5E-BE0A-44DD-83D2-1BE138460BAC} - C:\WINDOWS\system32\nsc734.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [MbarInstall] C:\DOCUME~1\Dotigny\LOCALS~1\Temp\tem443.tmp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: bw+0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Voici le rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:56, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\WINDOWS\system32\lxbucoms.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\tem443.tmp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\Répertoire temporaire 1 pour eden.exe.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: dcads - {C7C90A5E-BE0A-44DD-83D2-1BE138460BAC} - C:\WINDOWS\system32\nsc734.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [MbarInstall] C:\DOCUME~1\Dotigny\LOCALS~1\Temp\tem443.tmp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: bw+0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Puis le rapport AVG:
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:39:39 14/11/2007
+ Résultat de l'analyse:
C:\Documents and Settings\Dotigny\Cookies\dotigny@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ice.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@notrefamille.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@rotator.its.adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fortunecity[2].txt -> TrackingCookie.Fortunecity : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-businesslab.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-groupernetworks.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-neuftelecom.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@realmedia[2].txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@h.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@try.starware[1].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@blackbox.weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@c1.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:39:39 14/11/2007
+ Résultat de l'analyse:
C:\Documents and Settings\Dotigny\Cookies\dotigny@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ice.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@notrefamille.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@paypal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@rotator.its.adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@fortunecity[2].txt -> TrackingCookie.Fortunecity : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-businesslab.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-groupernetworks.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-neuftelecom.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@questionmarket[1].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@realmedia[2].txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@revsci[1].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Utilisateur\Cookies\utilisateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@h.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@try.starware[1].txt -> TrackingCookie.Starware : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@anad.tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@blackbox.weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@yadro[1].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@c1.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Dotigny\Cookies\dotigny@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
vire dans ajout/suppression de prog si present Media Holding Enterprise
______________________
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing)
O2 - BHO: dcads - {C7C90A5E-BE0A-44DD-83D2-1BE138460BAC} - C:\WINDOWS\system32\nsc734.dll
_____________________
télécharges et installes :
kill box
https://www.bleepingcomputer.com/download/linux/
aide kill box
http://perso.wanadoo.fr/jesses/Docs/Logiciels/KillBox.htm
- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci
- Double-clic sur fix.reg
Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le dossier jaune à droite et sélectionne le fichier :
C:\Program Files\ContextTool\ContextTool-2.dll
C:\WINDOWS\system32\csseqch.dll
C:\WINDOWS\system32\nsc734.dll
- Clique sur la croix rouge et et blanche
- Répond yes et laisse redémarrer ton pc.
N'hésite pas à consulter l'Aide killbox
____________________
combofix (colle le rapport)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
____________________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
______________________
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: browser optimizer superiorads - {8E015787-B1E3-404a-95DE-3E71E1FA0305} - C:\WINDOWS\system32\spads.dll (file missing)
O2 - BHO: dcads - {C7C90A5E-BE0A-44DD-83D2-1BE138460BAC} - C:\WINDOWS\system32\nsc734.dll
_____________________
télécharges et installes :
kill box
https://www.bleepingcomputer.com/download/linux/
aide kill box
http://perso.wanadoo.fr/jesses/Docs/Logiciels/KillBox.htm
- Redémarre en mode sans échec, si tu sais pas comment on fait lis ceci
- Double-clic sur fix.reg
Ouvres killbox
- Sélectionne "delete on reboot"
- Clique sur le dossier jaune à droite et sélectionne le fichier :
C:\Program Files\ContextTool\ContextTool-2.dll
C:\WINDOWS\system32\csseqch.dll
C:\WINDOWS\system32\nsc734.dll
- Clique sur la croix rouge et et blanche
- Répond yes et laisse redémarrer ton pc.
N'hésite pas à consulter l'Aide killbox
____________________
combofix (colle le rapport)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
____________________
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Je te cite:
"vire dans ajout/suppression de prog si present Media Holding Enterprise"
Désolé mais je comprend ce que tu veut dire par là...
Merci
"vire dans ajout/suppression de prog si present Media Holding Enterprise"
Désolé mais je comprend ce que tu veut dire par là...
Merci
OK je viens de percuter, désolé.
Je ferai les manipulations ce soir.
En éspérant que je puisse accéder à internet avec le virus pour le scan en ligne...
Merci encore et bonne après midi
Je ferai les manipulations ce soir.
En éspérant que je puisse accéder à internet avec le virus pour le scan en ligne...
Merci encore et bonne après midi
ok
si tu ne peux faire le scan en ligne telecharge bitdefender free et colle un rapport
https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html
a plus
si tu ne peux faire le scan en ligne telecharge bitdefender free et colle un rapport
https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html
a plus
Bonjour,
Voici le résultat:
Pas de programme Media Holding Entreprise donc pas de suppression.
___________________________________________________
Manipulation hijackthis faîte.
Je ne sais pas si c'est du à ça mais internet tourne beaucoup mieux voire normalement.
_____________________________________________________
Manipulation Killbox:
Killbox est bien installé.
Je ne trouve pas dans la liste déroulante ce fichier:
C:\Program Files\ContextTool\ContextTool-2.dll.
Voici le chemin que j'ai:
C:\Program Files\ContextTool\context helper
\pcre3.dll
\uninstall
J'ai ces trois fichiers mais ContextTool-2 n'existe pas.
Ensuite:
C:\WINDOWS\system32\csseqch.dll
Celui-ci j'arrive à le selectionner mais lorsque je tente d'appuyer sur la croix rouge et blanche voici le message que j'ai:
"PendingFileRenameOperations Registry Data has been Removed by External Process!"
Je n'arrive donc pas à supprimer ce fichier.
Le troisième:
C:\WINDOWS\system32\nsc734.dll
Celui est introuvable.
______________________________________
Voici le rapport Combofix:
ComboFix 07-11-08.1 - Dotigny 2007-11-15 22:50:38.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.554 [GMT 1:00]
Running from: L:\ComboFix.exe
* Created a new restore point
.
Incapable d'obtenir les privilèges Système
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-15 to 2007-11-15 ))))))))))))))))))))))))))))))))))))
.
2007-11-15 22:49 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-14 22:05 <REP> d-------- C:\Documents and Settings\Dotigny\Application Data\Grisoft
2007-11-14 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-14 22:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-09 20:46 <REP> d-------- C:\Program Files\PlayMP3z
2007-11-09 20:46 <REP> d-------- C:\Program Files\ContextTool
2007-11-08 23:36 18,688 C:\WINDOWS\system32\drivers\jtbahcuz.dat
2007-11-08 23:36 5,120 C:\WINDOWS\system32\drivers\ggijipug.dat
2007-11-08 23:35 93,696 --a------ C:\WINDOWS\system32\csseqch.dll
2007-11-08 23:13 <REP> d-------- C:\Program Files\Windows Media Connect 2
2007-11-08 23:08 <REP> d-------- C:\WINDOWS\system32\LogFiles
2007-11-08 22:47 <REP> d-------- C:\Program Files\Dcads Games Collection
2007-11-08 22:47 80,105 --a------ C:\WINDOWS\system32\dcads-remove.exe
2007-11-08 22:47 40,731 --a------ C:\WINDOWS\system32\superiorads-uninst.exe
2007-11-02 09:35 <REP> d-------- C:\Program Files\iTunes
2007-11-02 09:35 <REP> d-------- C:\Program Files\iPod
2007-11-02 09:35 <REP> d-------- C:\Documents and Settings\Dotigny\Application Data\Apple Computer
2007-11-02 09:34 <REP> d-------- C:\Program Files\QuickTime
2007-11-02 09:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-02 09:33 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2007-11-02 09:33 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-02 09:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-02 09:33 30,336 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2007-10-17 18:23 10,752 --a------ C:\WINDOWS\system32\WhoisCL.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-15 21:29 --------- d-----w C:\Documents and Settings\Dotigny\Application Data\OpenOffice.org2
2007-11-09 18:42 --------- d-----w C:\Documents and Settings\Dotigny\Application Data\LimeWire
2007-11-06 10:24 --------- d-----w C:\Program Files\Lx_cats
2007-09-24 18:09 --------- d-----w C:\Program Files\VirtualDJ
2007-09-22 01:09 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB}]
2006-03-02 13:00 93696 --a------ C:\WINDOWS\system32\csseqch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-24 11:15]
"nwiz"="nwiz.exe" [2006-01-24 11:15 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 14:21 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 14:35]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2006-01-17 12:12]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-01-24 11:15]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe" [2004-11-25 11:59]
"DataLayer"="C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE" [2004-12-09 11:14]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-03-12 22:43]
"LXBUCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-11-02 21:03]
"lxbumon.exe"="C:\Program Files\Lexmark 6200 Series\lxbumon.exe" [2005-01-18 15:36]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2004-11-22 12:29]
"EzPrint"="C:\Program Files\Lexmark 6200 Series\ezprint.exe" [2004-09-17 18:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43]
"mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 12:12]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-05-19 07:01]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42]
"spa_start"="C:\WINDOWS\system32\spads.dll" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-10-07 12:07]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2004-11-24 11:29]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 22:36]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
R0 d346bus;d346bus;C:\WINDOWS\system32\DRIVERS\d346bus.sys
R0 d346prt;d346prt;C:\WINDOWS\system32\Drivers\d346prt.sys
R0 vxhhsueh;vxhhsueh;C:\WINDOWS\system32\drivers\jtbahcuz.dat
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys
*Newly Created Service* - HTTPFILTER
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-02 08:34:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-15 21:54:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-15 22:57:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-15 22:59:13 - machine was rebooted
.
--- E O F ---
_____________________________________________
Voici le rapport en ligne effectué avec pandasoftware:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2007-11-15 23:17:01
PROTECTIONS: 1
MALWARE: 23
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
NOD32 Antivirus System 2.50 2.50 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@com[1].txt
00167672 Cookie/DomainSponsor TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@landing.domainsponsor[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@xiti[2].txt
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@fe.lea.lycos[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@azjmp[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@apmebf[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@888[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@advertising[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@media.adrevolver[3].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@metriweb[1].txt
00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@888[1].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@cassava[1].txt
00176499 Cookie/Maxifiles TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www.maxifiles[1].txt
00176500 Cookie/Maxifiles TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@goto.maxifiles[1].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@bravenet[1].txt
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www.errorsafe[2].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@errorsafe[2].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www6.addfreestats[1].txt
00296582 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www.drivecleaner[2].txt
00296583 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@stats.drivecleaner[2].txt
00296584 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@drivecleaner[2].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@adserver.easyad[1].txt
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
___________________________________
Voila...merci
Bonne journée
Voici le résultat:
Pas de programme Media Holding Entreprise donc pas de suppression.
___________________________________________________
Manipulation hijackthis faîte.
Je ne sais pas si c'est du à ça mais internet tourne beaucoup mieux voire normalement.
_____________________________________________________
Manipulation Killbox:
Killbox est bien installé.
Je ne trouve pas dans la liste déroulante ce fichier:
C:\Program Files\ContextTool\ContextTool-2.dll.
Voici le chemin que j'ai:
C:\Program Files\ContextTool\context helper
\pcre3.dll
\uninstall
J'ai ces trois fichiers mais ContextTool-2 n'existe pas.
Ensuite:
C:\WINDOWS\system32\csseqch.dll
Celui-ci j'arrive à le selectionner mais lorsque je tente d'appuyer sur la croix rouge et blanche voici le message que j'ai:
"PendingFileRenameOperations Registry Data has been Removed by External Process!"
Je n'arrive donc pas à supprimer ce fichier.
Le troisième:
C:\WINDOWS\system32\nsc734.dll
Celui est introuvable.
______________________________________
Voici le rapport Combofix:
ComboFix 07-11-08.1 - Dotigny 2007-11-15 22:50:38.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.554 [GMT 1:00]
Running from: L:\ComboFix.exe
* Created a new restore point
.
Incapable d'obtenir les privilèges Système
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-15 to 2007-11-15 ))))))))))))))))))))))))))))))))))))
.
2007-11-15 22:49 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-14 22:05 <REP> d-------- C:\Documents and Settings\Dotigny\Application Data\Grisoft
2007-11-14 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-14 22:05 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-09 20:46 <REP> d-------- C:\Program Files\PlayMP3z
2007-11-09 20:46 <REP> d-------- C:\Program Files\ContextTool
2007-11-08 23:36 18,688 C:\WINDOWS\system32\drivers\jtbahcuz.dat
2007-11-08 23:36 5,120 C:\WINDOWS\system32\drivers\ggijipug.dat
2007-11-08 23:35 93,696 --a------ C:\WINDOWS\system32\csseqch.dll
2007-11-08 23:13 <REP> d-------- C:\Program Files\Windows Media Connect 2
2007-11-08 23:08 <REP> d-------- C:\WINDOWS\system32\LogFiles
2007-11-08 22:47 <REP> d-------- C:\Program Files\Dcads Games Collection
2007-11-08 22:47 80,105 --a------ C:\WINDOWS\system32\dcads-remove.exe
2007-11-08 22:47 40,731 --a------ C:\WINDOWS\system32\superiorads-uninst.exe
2007-11-02 09:35 <REP> d-------- C:\Program Files\iTunes
2007-11-02 09:35 <REP> d-------- C:\Program Files\iPod
2007-11-02 09:35 <REP> d-------- C:\Documents and Settings\Dotigny\Application Data\Apple Computer
2007-11-02 09:34 <REP> d-------- C:\Program Files\QuickTime
2007-11-02 09:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-02 09:33 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2007-11-02 09:33 <REP> d-------- C:\Program Files\Apple Software Update
2007-11-02 09:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-11-02 09:33 30,336 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2007-10-17 18:23 10,752 --a------ C:\WINDOWS\system32\WhoisCL.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-15 21:29 --------- d-----w C:\Documents and Settings\Dotigny\Application Data\OpenOffice.org2
2007-11-09 18:42 --------- d-----w C:\Documents and Settings\Dotigny\Application Data\LimeWire
2007-11-06 10:24 --------- d-----w C:\Program Files\Lx_cats
2007-09-24 18:09 --------- d-----w C:\Program Files\VirtualDJ
2007-09-22 01:09 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB}]
2006-03-02 13:00 93696 --a------ C:\WINDOWS\system32\csseqch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-24 11:15]
"nwiz"="nwiz.exe" [2006-01-24 11:15 C:\WINDOWS\system32\nwiz.exe]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 14:21 C:\WINDOWS\system32\HdAShCut.exe]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 02:11]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-09-07 14:35]
"MMTray"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe" [2006-01-17 12:12]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-01-24 11:15]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe" [2004-11-25 11:59]
"DataLayer"="C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE" [2004-12-09 11:14]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-03-12 22:43]
"LXBUCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll" [2004-11-02 21:03]
"lxbumon.exe"="C:\Program Files\Lexmark 6200 Series\lxbumon.exe" [2005-01-18 15:36]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2004-11-22 12:29]
"EzPrint"="C:\Program Files\Lexmark 6200 Series\ezprint.exe" [2004-09-17 18:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43]
"mmtask"="C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe" [2006-01-17 12:12]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-05-19 07:01]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 14:42]
"spa_start"="C:\WINDOWS\system32\spads.dll" []
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-10-07 12:07]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2004-11-24 11:29]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 22:36]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
R0 d346bus;d346bus;C:\WINDOWS\system32\DRIVERS\d346bus.sys
R0 d346prt;d346prt;C:\WINDOWS\system32\Drivers\d346prt.sys
R0 vxhhsueh;vxhhsueh;C:\WINDOWS\system32\drivers\jtbahcuz.dat
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys
*Newly Created Service* - HTTPFILTER
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-02 08:34:04 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-15 21:54:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
.
**************************************************************************
catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-15 22:57:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-15 22:59:13 - machine was rebooted
.
--- E O F ---
_____________________________________________
Voici le rapport en ligne effectué avec pandasoftware:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2007-11-15 23:17:01
PROTECTIONS: 1
MALWARE: 23
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
NOD32 Antivirus System 2.50 2.50 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@com[1].txt
00167672 Cookie/DomainSponsor TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@landing.domainsponsor[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@xiti[2].txt
00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@fe.lea.lycos[1].txt
00167747 Cookie/Azjmp TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@azjmp[2].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@apmebf[1].txt
00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@888[2].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@advertising[1].txt
00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@media.adrevolver[3].txt
00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@metriweb[1].txt
00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@888[1].txt
00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@cassava[1].txt
00176499 Cookie/Maxifiles TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www.maxifiles[1].txt
00176500 Cookie/Maxifiles TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@goto.maxifiles[1].txt
00187950 Cookie/bravenetA TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@bravenet[1].txt
00262024 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www.errorsafe[2].txt
00262025 Cookie/ErrorSafe TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@errorsafe[2].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www6.addfreestats[1].txt
00296582 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@www.drivecleaner[2].txt
00296583 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@stats.drivecleaner[2].txt
00296584 Cookie/DriveCleaner TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@drivecleaner[2].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\NirCmd.exe
01606636 Cookie/Adserver TrackingCookie No 0 Yes No C:\Documents and Settings\Dotigny\Cookies\dotigny@adserver.easyad[1].txt
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
___________________________________
Voila...merci
Bonne journée
* Supprimez le dossier : C:\Program Files\DriveCleaner 2006 Free
* Supprimez le dossier : C:\Program Files\Common Files\DriveCleaner 2006 Free\
si ils sont presents
______________________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-----------------------
ensuite:
scan avec des antiespions (en mode sans échec):
spybot : (si vous avez une version instalée avant sept 2007 changer là par la version 1.5)
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html
voir demo d utilisation (merci Balltrap)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
_________________________
analyse ces fichiers sur virus total et dis moi lesquels sont supects: https://www.virustotal.com/gui/
C:\WINDOWS\system32\drivers\jtbahcuz.dat
C:\WINDOWS\system32\drivers\ggijipug.dat
C:\WINDOWS\system32\csseqch.dll
_______________________
smit fraud fix (colle le rapport)
1/ telecharger :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)
______________________
recolle un rapports hijakthic et dis tes soucis
* Supprimez le dossier : C:\Program Files\Common Files\DriveCleaner 2006 Free\
si ils sont presents
______________________
utilise pour supprimer tes traces
CCLEANER: (lance un nettoyage et répare 3 fois les erreurs) sans installer la barre yahoo
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
-----------------------
ensuite:
scan avec des antiespions (en mode sans échec):
spybot : (si vous avez une version instalée avant sept 2007 changer là par la version 1.5)
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html
voir demo d utilisation (merci Balltrap)
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm
_________________________
analyse ces fichiers sur virus total et dis moi lesquels sont supects: https://www.virustotal.com/gui/
C:\WINDOWS\system32\drivers\jtbahcuz.dat
C:\WINDOWS\system32\drivers\ggijipug.dat
C:\WINDOWS\system32\csseqch.dll
_______________________
smit fraud fix (colle le rapport)
1/ telecharger :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)
______________________
recolle un rapports hijakthic et dis tes soucis
Bonsoir,
Désolé mais je n'ai pas eu accès à mon pc depuis vendredi...
Voici les résultats des manipulations demandées:
Pas de dossier:
C:\Program Files\DriveCleaner 2006 Free
C:\Program Files\Common Files\DriveCleaner 2006 Free\
_________________________
CCLEANER: manipulation effectuées comme prévu
________________________
spybot : scanner et correction des problèmes effectués
_________________________
virus total:
Fichier csseqch.dll reçu le 2007.11.20 20:53:49 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 4/32 (12.5%)
Pour les deux autres ce message s'affiche:
0 bytes size received / Se ha recibido un archivo vacio
_______________________
rapport smit fraud fix:
SmitFraudFix v2.253
Rapport fait à 21:38:19,07, 20/11/2007
Executé à partir de C:\Documents and Settings\Dotigny\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\lxbucoms.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dotigny
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dotigny\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dotigny\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 86.64.145.140
DNS Server Search Order: 84.103.237.140
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer=86.64.145.140,84.103.237.140
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer=86.64.145.140,84.103.237.140
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer=86.64.145.140,84.103.237.140
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
_________________________
rapport hijackthis dans ùessage suivant
Désolé mais je n'ai pas eu accès à mon pc depuis vendredi...
Voici les résultats des manipulations demandées:
Pas de dossier:
C:\Program Files\DriveCleaner 2006 Free
C:\Program Files\Common Files\DriveCleaner 2006 Free\
_________________________
CCLEANER: manipulation effectuées comme prévu
________________________
spybot : scanner et correction des problèmes effectués
_________________________
virus total:
Fichier csseqch.dll reçu le 2007.11.20 20:53:49 (CET)
Situation actuelle: en cours de chargement ... mis en file d'attente en attente en cours d'analyse terminé NON TROUVE ARRETE
Résultat: 4/32 (12.5%)
Pour les deux autres ce message s'affiche:
0 bytes size received / Se ha recibido un archivo vacio
_______________________
rapport smit fraud fix:
SmitFraudFix v2.253
Rapport fait à 21:38:19,07, 20/11/2007
Executé à partir de C:\Documents and Settings\Dotigny\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\lxbucoms.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dotigny
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dotigny\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dotigny\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: NVIDIA nForce Networking Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 86.64.145.140
DNS Server Search Order: 84.103.237.140
HKLM\SYSTEM\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer=86.64.145.140,84.103.237.140
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer=86.64.145.140,84.103.237.140
HKLM\SYSTEM\CS2\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer=86.64.145.140,84.103.237.140
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
_________________________
rapport hijackthis dans ùessage suivant
rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:55, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\lxbucoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\Répertoire temporaire 2 pour eden.exe.zip\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: bw+0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:53:55, on 20/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Lexmark 6200 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\lxbucoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\FICHIE~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\Répertoire temporaire 2 pour eden.exe.zip\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: bw+0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
________________________
vire ce fichier en allant dans poste de travail puis C puis systeme 32
C:\WINDOWS\system32\csseqch.dll
_______________________
recolle hijackthis et dis tes soucis
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 6200 Series\ezprint.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
________________________
vire ce fichier en allant dans poste de travail puis C puis systeme 32
C:\WINDOWS\system32\csseqch.dll
_______________________
recolle hijackthis et dis tes soucis
Bonsoir,
Manipulations faites sur Hijackthis.
En revanche pas de possibiliter de supprimer le fichier :C:\WINDOWS\system32\csseqch.dll
Il est noté de vérifier que le disque ne soit pas plein en écriture, que le fichier ne soit pas protégé ou qu'il ne soit pas utilisé actuellement.
______________________________
Rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:19:50, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\lxbucoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\Répertoire temporaire 3 pour eden.exe.zip\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: bw+0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Manipulations faites sur Hijackthis.
En revanche pas de possibiliter de supprimer le fichier :C:\WINDOWS\system32\csseqch.dll
Il est noté de vérifier que le disque ne soit pas plein en écriture, que le fichier ne soit pas protégé ou qu'il ne soit pas utilisé actuellement.
______________________________
Rapport Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:19:50, on 22/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Lexmark 6200 Series\lxbumon.exe
C:\Program Files\Eset\nod32kui.exe
C:\PROGRA~1\FICHIE~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\system32\lxbucoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\WINDOWS\system32\rundll32.exe
C:\DOCUME~1\Dotigny\LOCALS~1\Temp\Répertoire temporaire 3 pour eden.exe.zip\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3E59AF1E-EDD7-4449-A18E-B5EB5EC7ACCB} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [LXBUCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxbumon.exe] "C:\Program Files\Lexmark 6200 Series\lxbumon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan
O17 - HKLM\System\CCS\Services\Tcpip\..\{A32792D6-BE6A-49D5-8F30-457C06E6EB25}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: bw+0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {381684F3-ECE1-4627-BAB4-2BC9B949802C} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxbu_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxbucoms.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\csseqch.dll
essaye de le virer en mode sans echec
___________________
sinon
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\WINDOWS\system32\csseqch.dll
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
_____________________
essaye de le virer en mode sans echec
___________________
sinon
télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.
Citation :
C:\WINDOWS\system32\csseqch.dll
clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.
il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.
_____________________
Salut,
Ne sachant pas comment le faire en mode sans echec je l'ai fait avec le logiciel mais ça ne marche pas j'ai l'impression...
Voici le rapport:
LoadLibrary failed for C:\WINDOWS\system32\csseqch.dll
C:\WINDOWS\system32\csseqch.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\csseqch.dll scheduled to be moved on reboot.
Created on 11/22/2007 22:00:23
Comment fait-on exactement en mode sans echec?
Ne sachant pas comment le faire en mode sans echec je l'ai fait avec le logiciel mais ça ne marche pas j'ai l'impression...
Voici le rapport:
LoadLibrary failed for C:\WINDOWS\system32\csseqch.dll
C:\WINDOWS\system32\csseqch.dll NOT unregistered.
File move failed. C:\WINDOWS\system32\csseqch.dll scheduled to be moved on reboot.
Created on 11/22/2007 22:00:23
Comment fait-on exactement en mode sans echec?
