Virus msn
pascjacq
-
pascjacq -
pascjacq -
Bonjour,
voici mon rapport après avoir effectuer msn fix.bat sur mon pc.MSNFix 1.699
C:\Documents and Settings\Robic\Bureau\MSNFix
Fix exécuté le 22/04/2008 - 15:22:41,17 By Robic
mode normal
************************ Recherche les fichiers présents
... C:\??????.exe
************************ Recherche les dossiers présents
... \TEMP\
************************ Suppression des fichiers
/!\ ... C:\??????.exe
************************ Suppression des dossiers
/!\ ... \TEMP\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
/!\ ... C:\??????.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\CHIPSET.ZIP] 9306018837434671A8435DD1FFB560EC
[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] C:\DOCUME~1\Robic\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22042008_15281093.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
voici mon rapport après avoir effectuer msn fix.bat sur mon pc.MSNFix 1.699
C:\Documents and Settings\Robic\Bureau\MSNFix
Fix exécuté le 22/04/2008 - 15:22:41,17 By Robic
mode normal
************************ Recherche les fichiers présents
... C:\??????.exe
************************ Recherche les dossiers présents
... \TEMP\
************************ Suppression des fichiers
/!\ ... C:\??????.exe
************************ Suppression des dossiers
/!\ ... \TEMP\
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
/!\ ... C:\??????.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\CHIPSET.ZIP] 9306018837434671A8435DD1FFB560EC
[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] C:\DOCUME~1\Robic\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 22042008_15281093.zip
************************ HKLM\...\Winlogon\Userinit
Userinit = C:\WINDOWS\system32\userinit.exe,
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
A voir également:
- Virus msn
- Virus mcafee - Accueil - Piratage
- Telecharger msn - Télécharger - Messagerie
- Virus informatique - Guide
- Msn messenger - Télécharger - Messagerie
- Msn plus - Télécharger - Messagerie
7 réponses
slt,
analyse ce fichier sur virus toal et si infécté tu le vire: https://www.virustotal.com/gui/
C:\CHIPSET.ZIP
_________________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
analyse ce fichier sur virus toal et si infécté tu le vire: https://www.virustotal.com/gui/
C:\CHIPSET.ZIP
_________________
scan avec
MalwareByte's Anti-Malware et vire ce qui est trouvé et colle le rapport
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
_________________
colle un rapport hijackthis
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/download
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
https://leblogdeclaude.blogspot.com/2006/10/informatique-section-hijackthis.html
Je conseille de renomer Hijackthis, pour contrer une éventuelle infection de Vundo.
ex:Renomme le fichier HijackThis.exe en eden.exe pour cela, fais un clic droit sur le fichier HijackThis.exe et choisis renommer dans la liste
Ensuite avec Explorer créer un dossier c:\hijackthis
Décompresser Hijackthis dans ce dossier.
C'est important pour les sauvegardes."
pour creer un dossier tu appuie avec le bouton droit de la souris sur ton bureau puis tu choisi nouveau puis dossier
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
manuel :
http://pagesperso-orange.fr/rginformatique/section%20virus/demohijack.htm
voici le résultat de l'analyse avec Virustotal:
3 (CET)
Situation actuelle: terminé
Résultat: 0/32 (0.00%)
Formaté Formaté
Impression des résultats Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.22.0 2008.04.22 -
AntiVir 7.8.0.8 2008.04.22 -
Authentium 4.93.8 2008.04.22 -
Avast 4.8.1169.0 2008.04.21 -
AVG 7.5.0.516 2008.04.21 -
BitDefender 7.2 2008.04.22 -
CAT-QuickHeal 9.50 2008.04.21 -
ClamAV 0.92.1 2008.04.22 -
DrWeb 4.44.0.09170 2008.04.22 -
eSafe 7.0.15.0 2008.04.21 -
eTrust-Vet 31.3.5723 2008.04.22 -
Ewido 4.0 2008.04.22 -
F-Prot 4.4.2.54 2008.04.21 -
F-Secure 6.70.13260.0 2008.04.22 -
FileAdvisor 1 2008.04.22 -
Fortinet 3.14.0.0 2008.04.22 -
Ikarus T3.1.1.26 2008.04.22 -
Kaspersky 7.0.0.125 2008.04.22 -
McAfee 5278 2008.04.21 -
Microsoft 1.3408 2008.04.22 -
NOD32v2 3046 2008.04.22 -
Norman 5.80.02 2008.04.21 -
Panda 9.0.0.4 2008.04.21 -
Prevx1 V2 2008.04.22 -
Rising 20.41.12.00 2008.04.22 -
Sophos 4.28.0 2008.04.22 -
Sunbelt 3.0.1056.0 2008.04.17 -
Symantec 10 2008.04.22 -
TheHacker 6.2.92.286 2008.04.21 -
VBA32 3.12.6.4 2008.04.16 -
VirusBuster 4.3.26:9 2008.04.21 -
Webwasher-Gateway 6.6.2 2008.04.22 -
Information additionnelle
File size: 2738836 bytes
MD5...: 9306018837434671a8435dd1ffb560ec
SHA1..: 4b7d4e3820f691f4c46857dfcdd00170f5f19099
SHA256: 4e80a1dd28e1fab84277863489ddde0052da243c9b18ad5cbb889cd5a6d28a76
SHA512: 6462dff82492ebd25baadb8ee583393621884589e3fb5945b8ce686d005a1bfb
3d40fbd6e79a49d99e137b4b735a14f389ca6ba853638936a1987f51a6ad1f53
PEiD..: -
PEInfo: -
packers: CAB
par rapport au résultat, je ne dois pas supprimer Chipset.zip.
Maintenant, je suis entrain de scanner avec Malwarebytes, je t'envoie le rapport après.
Merci, beaucoup pour ton aide en tout cas......
3 (CET)
Situation actuelle: terminé
Résultat: 0/32 (0.00%)
Formaté Formaté
Impression des résultats Impression des résultats
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.4.22.0 2008.04.22 -
AntiVir 7.8.0.8 2008.04.22 -
Authentium 4.93.8 2008.04.22 -
Avast 4.8.1169.0 2008.04.21 -
AVG 7.5.0.516 2008.04.21 -
BitDefender 7.2 2008.04.22 -
CAT-QuickHeal 9.50 2008.04.21 -
ClamAV 0.92.1 2008.04.22 -
DrWeb 4.44.0.09170 2008.04.22 -
eSafe 7.0.15.0 2008.04.21 -
eTrust-Vet 31.3.5723 2008.04.22 -
Ewido 4.0 2008.04.22 -
F-Prot 4.4.2.54 2008.04.21 -
F-Secure 6.70.13260.0 2008.04.22 -
FileAdvisor 1 2008.04.22 -
Fortinet 3.14.0.0 2008.04.22 -
Ikarus T3.1.1.26 2008.04.22 -
Kaspersky 7.0.0.125 2008.04.22 -
McAfee 5278 2008.04.21 -
Microsoft 1.3408 2008.04.22 -
NOD32v2 3046 2008.04.22 -
Norman 5.80.02 2008.04.21 -
Panda 9.0.0.4 2008.04.21 -
Prevx1 V2 2008.04.22 -
Rising 20.41.12.00 2008.04.22 -
Sophos 4.28.0 2008.04.22 -
Sunbelt 3.0.1056.0 2008.04.17 -
Symantec 10 2008.04.22 -
TheHacker 6.2.92.286 2008.04.21 -
VBA32 3.12.6.4 2008.04.16 -
VirusBuster 4.3.26:9 2008.04.21 -
Webwasher-Gateway 6.6.2 2008.04.22 -
Information additionnelle
File size: 2738836 bytes
MD5...: 9306018837434671a8435dd1ffb560ec
SHA1..: 4b7d4e3820f691f4c46857dfcdd00170f5f19099
SHA256: 4e80a1dd28e1fab84277863489ddde0052da243c9b18ad5cbb889cd5a6d28a76
SHA512: 6462dff82492ebd25baadb8ee583393621884589e3fb5945b8ce686d005a1bfb
3d40fbd6e79a49d99e137b4b735a14f389ca6ba853638936a1987f51a6ad1f53
PEiD..: -
PEInfo: -
packers: CAB
par rapport au résultat, je ne dois pas supprimer Chipset.zip.
Maintenant, je suis entrain de scanner avec Malwarebytes, je t'envoie le rapport après.
Merci, beaucoup pour ton aide en tout cas......
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
voici le rapport avec Malwarebytes et j'ai tout supprimé.
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 669
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 115369
Temps écoulé: 53 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 29
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Starware354 (Adware.Starware) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Starware354 (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\contexts (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354 (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Manager (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\BrowserSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\TravelSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RelatedSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ErrorSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Configurator (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Toolbar (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarLogo (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RecipeSearch_Foreign (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Recipes_Foreign (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Layouts (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images\default (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images\active (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images\default (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images\active (Adware.Starware) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Starware354\contexts\error.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Related.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Travel.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\finditxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\findithotxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindIt.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlightxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\Highlight.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Manager\ManagerOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Manager\ManagerOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Configurator\Configurator.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Configurator\Configurator.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Toolbar\TBProductsOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\GamesOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\GamesOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images\active\Games0.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\MoviesOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\MoviesOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images\active\Movies0.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Layouts\ToolbarLayout.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> No action taken.
Malwarebytes' Anti-Malware 1.11
Version de la base de données: 669
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 115369
Temps écoulé: 53 minute(s), 31 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 29
Fichier(s) infecté(s): 55
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\Starware354 (Adware.Starware) -> No action taken.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Starware354 (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\contexts (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354 (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Manager (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\BrowserSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\TravelSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RelatedSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ErrorSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Configurator (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Toolbar (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarLogo (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarSearch (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RecipeSearch_Foreign (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Recipes_Foreign (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Layouts (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images\default (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images\active (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images\default (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images\active (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images\default (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images\active (Adware.Starware) -> No action taken.
Fichier(s) infecté(s):
C:\Documents and Settings\All Users\Application Data\Starware354\contexts\error.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Related.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\contexts\Travel.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\starware_toolbar_icon.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\finditxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\findithotxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindIt.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\FindItHot.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlightxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\highlighthotxp.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\Highlight.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\HighlightHot.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.png (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\buttons\recipes_foreign_feed.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\SimpleUpdateConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\TimerManagerConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\All Users\Application Data\Starware354\SimpleUpdate\ProductMessagingConfig.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Manager\ManagerOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Manager\ManagerOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Configurator\Configurator.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Configurator\Configurator.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Toolbar\TBProductsOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\RecipeSearch_Foreign\RecipeSearch_ForeignOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Recipes_Foreign\Recipes_ForeignOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\GamesOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\GamesOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Games\images\active\Games0.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\ScreensaversMarketingSitePager\images\active\ScreensaversMarketingSitePager0.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\MoviesOptions.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\MoviesOptions.xml.backup (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Movies\images\active\Movies0.bmp (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Layouts\ToolbarLayout.xml (Adware.Starware) -> No action taken.
C:\Documents and Settings\Robic\Application Data\Starware354\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> No action taken.
voilà le rapport avec hijackThis.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:38, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Office keyboard utility\1.1\nhksrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
C:\Program Files\Office keyboard utility\1.1\OFFICEKB.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Office keyboard utility\1.1\MMKEYB.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Office keyboard utility\1.1\TrayMon.exe
C:\Program Files\Office keyboard utility\1.1\osd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
O4 - HKLM\..\Run: [FLMOFFICEKEYBOARD] C:\Program Files\Office keyboard utility\1.1\OFFICEKB.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - https://www.zonealarm.com/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE3B8113-BADF-49C5-B43B-6FD0603FF29D}: NameServer = 81.253.149.1 80.10.246.3
O18 - Protocol: bw+0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCGCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGserv.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Office keyboard utility\1.1\nhksrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///D:/dossier%20carte%20d%27Oc%C3%A9ane/un%20blog%20sur%20tokio%20hotel%20que%20tokio%20hotel%21%21%5E%5E%20Blog%20Tranche%20de%20Vie_fichiers/articleimage_004.jpg
O24 - Desktop Component 1: (no name) - http://illiweb.com/fa/subsilver/icon_quote.gif
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:38, on 22/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Office keyboard utility\1.1\nhksrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe
C:\Program Files\Office keyboard utility\1.1\OFFICEKB.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\Program Files\Office keyboard utility\1.1\MMKEYB.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Office keyboard utility\1.1\TrayMon.exe
C:\Program Files\Office keyboard utility\1.1\osd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.3558\swg.dll
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
O4 - HKLM\..\Run: [FLMOFFICEKEYBOARD] C:\Program Files\Office keyboard utility\1.1\OFFICEKB.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - https://www.zonealarm.com/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B79A53C0-1DAC-4636-BACE-FD086A7A79BF} (AdSignerLCContrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSignerADP.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE3B8113-BADF-49C5-B43B-6FD0603FF29D}: NameServer = 81.253.149.1 80.10.246.3
O18 - Protocol: bw+0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {79182AE2-8467-48BA-8750-37BA2FF6B763} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LXCGCustomerConnect - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCGserv.exe
O23 - Service: lxcg_device - Unknown owner - C:\WINDOWS\system32\lxcgcoms.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Office keyboard utility\1.1\nhksrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///D:/dossier%20carte%20d%27Oc%C3%A9ane/un%20blog%20sur%20tokio%20hotel%20que%20tokio%20hotel%21%21%5E%5E%20Blog%20Tranche%20de%20Vie_fichiers/articleimage_004.jpg
O24 - Desktop Component 1: (no name) - http://illiweb.com/fa/subsilver/icon_quote.gif
Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked".
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
_________
si ton fond d'ecran n'est pas bon fix aussi ceci:
O24 - Desktop Component 0: (no name) - file:///D:/dossier%20carte%20d%27Oc%C3%A9ane/un%20blog%20sur%20tokio%20hotel%20que%20tokio%20hotel%21%21%5E%5E%20Blog%20Tranche%20de%20Vie_fichiers/articleimage_004.jpg
O24 - Desktop Component 1: (no name) - http://illiweb.com/fa/subsilver/icon_quote.gif
_________
pour voir si il reste rien
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
_________
si ton fond d'ecran n'est pas bon fix aussi ceci:
O24 - Desktop Component 0: (no name) - file:///D:/dossier%20carte%20d%27Oc%C3%A9ane/un%20blog%20sur%20tokio%20hotel%20que%20tokio%20hotel%21%21%5E%5E%20Blog%20Tranche%20de%20Vie_fichiers/articleimage_004.jpg
O24 - Desktop Component 1: (no name) - http://illiweb.com/fa/subsilver/icon_quote.gif
_________
pour voir si il reste rien
colle le rapport d'un scan en ligne
avec un des suivants:
bitdefender en ligne :
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda en ligne :
http://pandasoftware.fr
Kaspersky en ligne
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
voilà, je viens de finir de scanner en ligne mon pc avec bitdefender, voici le résultat:
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Wed, Apr 23, 2008 - 10:54:27
Info d'analyse
Fichiers scannés
82828
Infectés Fichiers
0
Virus Détectés
Aucun virus trouvé.
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
BitDefender Online Scanner - Rapport virus en temps réel
Généré à: Wed, Apr 23, 2008 - 10:54:27
Info d'analyse
Fichiers scannés
82828
Infectés Fichiers
0
Virus Détectés
Aucun virus trouvé.
Ce sommaire du processus d'analyse sera utilisé par les laboratoires Antivirus BitDefender pour créer des statistiques agréguées sur l'activité des virus dans le monde.
je suis désolée mais je n'arrive pas à trouver le fichier C:\chipset.zip. Je trouve sur C que le fichier chipset et quand je vais sur virustotal pour l'analyse, je n'arrive pas.