Popups - virux expolorer / svchost ...?

Résolu
remileg -  
 remileg -
Bonjour,
J'ai un petit souci d'ouvertures de fenêtres intempestives ainsi qu'un .exe "explorer.exe" qui demande sans arrêt de se connecter via ZA.

Voici le diagnostic Navilog1 (suite à la méthode exposée ici http://www.commentcamarche.net/faq/sujet 2490 popups ouverture de fenetres internet publicitaires pop up)

Merci par avance de votre aide.

***********
Search Navipromo version 3.5.7 commencé le 19/05/2008 à 16:00:07,45

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Rémi"

Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Rémi\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Rémi\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Rémi\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Rémi\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\Rémi\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\vwFLnUvw.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

*** Analyse terminée le 19/05/2008 à 16:05:12,59 ***Search Navipromo version 3.5.7 commencé le 19/05/2008 à 16:00:07,45

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Rémi"

Mise à jour le 11.05.2008 à 18h00 par IL-MAFIOSO

Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Recherche executé en mode normal

*** Recherche Programmes installés ***

*** Recherche dossiers dans "C:\WINDOWS" ***

*** Recherche dossiers dans "C:\Program Files" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***

*** Recherche dossiers dans "c:\docume~1\alluse~1\menudm~1\progra~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Rémi\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Rémi\locals~1\applic~1" ***

*** Recherche dossiers dans "C:\Documents and Settings\Rémi\menudm~1\progra~1" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé

*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

* Recherche dans "C:\Documents and Settings\Rémi\locals~1\applic~1" *

*** Recherche fichiers ***

*** Recherche clés spécifiques dans le Registre ***

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :

2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :

* Dans "C:\Documents and Settings\Rémi\locals~1\applic~1" :

3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :

C:\WINDOWS\system32\vwFLnUvw.ini2 trouvé ! infection Vundo possible non traitée par cet outil !

*** Analyse terminée le 19/05/2008 à 16:05:12,59 ***
Configuration: Windows XP
Internet Explorer 6.0

47 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Le sujet décrit des ouvertures de fenêtres intempestives et un processus explorer.exe qui cherche à se connecter via ZoneAlarm, indiquant une suspicion d’infection ou de comportement malveillant sur Windows XP. Les analyses proposées incluent Navilog/Navilog1 et un rapport montrant des éléments potentiellement légitimes mais suggérant une vérification avant suppression, avec des outils tels que OTMoveIt2 et HijackThis. Des solutions proposées privilégient le déplacement ou la suppression de fichiers suspects via OTMoveIt2, puis l’analyse détaillée avec HijackThis et le redémarrage éventuel pour restaurer le fonctionnement de bureau. En parallèle, l’analyse signale une possible infection Vundo et invite à vérifier les certificats et les modules réseau, sans conclure sur l’état du diagnostic ni sur une désinfection immédiate.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. Utilisateur anonyme
     
    Remileg , fait ceci :

    *************************

    /!\ Manip crée spécialement pour cet utilisateur , ne pas reproduire chez soi ... /!\

    1)Télécharge OTMoveIt2 ( de Old Timer )

    2)Une fois téléchargé double-clique sur OTMoveIt2.exe pour le lancer.

    Assure toi que la case Unregister Dll's and Ocx's soit bien cochée

    3)puis copie les lignes en gras qui se trouvent en dessous :

    C:\WINDOWS\system32\vwFLnUvw.ini2

    et colle-les dans le cadre de gauche de OTMoveIt : "Paste List Of Files/Folders to Move."
    clique sur MoveIt! pour lancer la suppression.
    le résultat apparaitra dans le cadre Results.
    clique sur Exit pour fermer.
    4) Poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    5) Il te sera peut-être demander de redémarrer le pc pour achever la suppression -> Accepte ( si il ne fait pas automatiquement , fait-le toi même )

    /!\ Note : Au démarrage ton bureau RISQUE de ne plus apparaître , dans ce cas fait --> CTRL+ALT+SUPP pour ouvrir le Gestionnaire des tâches.
    Puis rends toi à l'onglet "Processus". Clique en haut à gauche sur Fichiers et choisis "Exécuter"

    Tape explorer.exe et valide. Cela fera re-apparaître le Bureau.

    *****************************

    → Télécharge TrendMicro™ HijackThis™

    Place le dans ' C:\programmes\ ' Une fois cela fait , merci de renommer l'icône ( clique droit > renommer )' Hijackthis.exe 'située dans le dossier dans C:\ , en ' HJT.exe ' <<<<<<<<< Important !!! <<<<<<<

    Le chemin d'accés du programme doit être ressemblant à celui-ci : C:\Programme\Trend Micro\Hijackthis\HJT.exe

    Ne pas renommer l'icône du raccourci sur le bureau bien entendu ...

    /!\ Ferme toute les fenêtres encore ouvertes , et déconnecte toi du web /!\

    → Puis lance-le et choisi l'option '' do a system scan and save a logfile '' et poste moi le rapport ( qui apparait sur le bloc-note )

    (CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )

    Tuto si tu n'y arrive pas : http://pageperso.aol.fr/balltrap34/demohijack.htm

    Bonne chance
    a+
    1
  2. Utilisateur anonyme
     
    salut

    d'après le rapport tu a peut être une infection vundo

    fais ça :

    pour supprimer vundo télécharge vundofix ici:

    http://www.atribune.org/ccount/click.php?id=4

    mettez-le sur votre bureau
    Après le téléchargement. Cliquez sur VundoFix.exe
    L'outil va s'ouvrir. Cliquez sur Scan for Vundo
    Si une infection est détecté. Cliquez sur Remove Vundo cela va éliminer les fichiers infectés trouvés par l’outil, confirmez la suppression des fichiers.
    Dans certains cas un redémarrage est requis donc acceptez-le.
    Après l'utilisation de VundoFix, un rapport est automatiquement généré. Son emplacement se situe dans la racine de votre Windows C:/ vundofix backups/vundofix
    Ouvrez le fichier texte VundoFix puis copier/coller le rapport sur le forum
    Supprimez le dossier de sauvgarde VundoFix Backups
    0
  3. remileg
     
    VundoFix V7.0.3

    Scan started at 16:56:10 19/05/2008

    Listing files found while scanning....

    No infected files were found.

    ****
    hum....
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. Utilisateur anonyme
     
    telecharge hijackthis fais un scan et colle moi le log ici
    0
  6. Utilisateur anonyme
     
    Faudrait peut-être donner un lien ........
    0
  7. remileg
     
    Hijackthis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:21:06, on 19/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
    C:\Program Files\MSN Apps\Updater\01.05.0000.1009\fr\msnappau.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\ChessBase\ChessProgram10\Chess10.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [WindowsServicesStartup] C:\DOCUME~1\RMI~1\LOCALS~1\Temp\svchost.exe 1
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [dcee0a91] rundll32.exe "C:\WINDOWS\system32\sctiobxn.dll",b
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [BMdfdd390d] Rundll32.exe "C:\WINDOWS\system32\lkjblcno.dll",s
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Rémi\OctoshapeClient.exe" -inv:bootrun
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: DataKeeper.lnk = C:\Program Files\PowerQuest\DataKeeper 5.0\DataKeeper.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: SATARAID5.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O18 - Protocol: bw+0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: DirectX Service (Vefem) - Unknown owner - C:\WINDOWS\System32\directx.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  8. Utilisateur anonyme
     
    je passe la main a cyrildu17
    0
  9. remileg
     
    C:\WINDOWS\system32\vwFLnUvw.ini2 moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05192008_175735
    *******

    Je n'avais pas vu ton post précédent, je relance Hijackthis correctement.
    0
  10. remileg
     
    C:\WINDOWS\system32\vwFLnUvw.ini2 moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05192008_175735
    ********

    Oui je n'avais pas vu ton post. Je refais un rapport HJK correct. (Merci de ton aide)
    0
  11. remileg
     
    Voici le rapport HJT apres tes instructions:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:10:44, on 19/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
    C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN Apps\Updater\01.05.0000.1009\fr\msnappau.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HJT.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: {1435b927-a7b0-67c9-ca74-79f1c27dc4b2} - {2b4cd72c-1f97-47ac-9c76-0b7a729b5341} - C:\WINDOWS\system32\wpnblueg.dll
    O2 - BHO: (no name) - {444FC7D1-8F08-4377-B39B-4D75AE0E9F70} - C:\WINDOWS\system32\awtqrqqo.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O2 - BHO: (no name) - {CE63760A-E79F-4BFB-ABDE-CE7C44278ED0} - C:\WINDOWS\system32\wvUnLFwv.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [WindowsServicesStartup] C:\DOCUME~1\RMI~1\LOCALS~1\Temp\svchost.exe 1
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [dcee0a91] rundll32.exe "C:\WINDOWS\system32\sctiobxn.dll",b
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [BMdfdd390d] Rundll32.exe "C:\WINDOWS\system32\lkjblcno.dll",s
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Rémi\OctoshapeClient.exe" -inv:bootrun
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: DataKeeper.lnk = C:\Program Files\PowerQuest\DataKeeper 5.0\DataKeeper.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: SATARAID5.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O18 - Protocol: bw+0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: awtqrqqo - C:\WINDOWS\SYSTEM32\awtqrqqo.dll
    O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: DirectX Service (Vefem) - Unknown owner - C:\WINDOWS\System32\directx.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  12. remileg
     
    HJT rapport selon tes instructions:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:26:00, on 19/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\WINDOWS\System32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    c:\program files\mcafee\msc\mcuimgr.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\MSN Apps\Updater\01.05.0000.1009\fr\msnappau.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Trend Micro\HijackThis\HJT.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: {1435b927-a7b0-67c9-ca74-79f1c27dc4b2} - {2b4cd72c-1f97-47ac-9c76-0b7a729b5341} - C:\WINDOWS\system32\wpnblueg.dll
    O2 - BHO: (no name) - {444FC7D1-8F08-4377-B39B-4D75AE0E9F70} - C:\WINDOWS\system32\awtqrqqo.dll
    O2 - BHO: (no name) - {5FBDAA42-0A4C-4993-B0F3-66209BE07AC3} - C:\WINDOWS\system32\wvUnLFwv.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing)
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\\nTune.exe" clear
    O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [WindowsServicesStartup] C:\DOCUME~1\RMI~1\LOCALS~1\Temp\svchost.exe 1
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [dcee0a91] rundll32.exe "C:\WINDOWS\system32\sctiobxn.dll",b
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [BMdfdd390d] Rundll32.exe "C:\WINDOWS\system32\lkjblcno.dll",s
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [Octoshape Streaming Services] "C:\Program Files\Octoshape Streaming Services\Rémi\OctoshapeClient.exe" -inv:bootrun
    O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: DataKeeper.lnk = C:\Program Files\PowerQuest\DataKeeper 5.0\DataKeeper.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: SATARAID5.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - https://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - https://www.fileplanet.com/
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
    O18 - Protocol: bw+0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {D860025D-B40E-4DC0-A516-9FA5C3897D13} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: awtqrqqo - C:\WINDOWS\SYSTEM32\awtqrqqo.dll
    O23 - Service: app_filter - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
    O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
    O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: DirectX Service (Vefem) - Unknown owner - C:\WINDOWS\System32\directx.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    0
  13. Utilisateur anonyme
     
    Re ,

    Fait ceci :

    Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    → Télécharge Malwarebytes' Anti-Malware (MBAM) et enregistre le sur ton Bureau.

    → A la fin du téléchargement, ferme toutes les fenêtres et programmes, y compris celui-ci.

    → Double-clique sur l'icône Download_mbam-setup.exe sur ton bureau pour démarrer le programme d'installation.

    → Pendant l'installation, suis les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet). N'apporte aucune modification aux réglages par défaut et, en fin d'installation, vérifie que les options Update Malwarebytes' Anti-Malware et Launch Malwarebytes' Anti-Malware sont cochées.

    → MBAM démarrera automatiquement et enverra un message demandant à mettre à jour le programme avant de lancer une analyse. Comme MBAM se met automatiquement à jour en fin d'installation, clique sur OK pour fermer la boîte de dialogue. La fenêtre principale de MBAM s'affiche :

    → Dans l'onglet analyse, vérifie que "Exécuter un examen complet" est coché et clique sur le bouton Rechercher pour démarrer l'analyse.

    → MBAM analyse ton ordinateur. L'analyse peut prendre un certain temps. Il suffit de vérifier de temps en temps son avancement.

    → A la fin de l'analyse, un message s'affiche indiquant la fin de l'analyse. Clique sur OK pour poursuivre.

    → Si des malwares ont été détectés, leur liste s'affiche.
    En cliquant sur Suppression (?) , MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

    → MBAM va ouvrir le Bloc-notes et y copier le rapport d'analyse. Ferme le Bloc-notes. (Le rapport peut être retrouvé sous l'onglet Rapports/logs)

    → Ferme MBAM en cliquant sur Quitter.

    → Poste le rapport dans ta réponse

    a+
    0
  14. remileg
     
    voici le rapport avant la suppression (celui enregistré apres la suppression que je ne trouve pas :/ )

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 768

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 119726
    Temps écoulé: 25 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 3
    Clé(s) du Registre infectée(s): 12
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 8

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\sctiobxn.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\wvUnLFwv.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\awtqrqqo.dll (Trojan.Vundo) -> No action taken.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fbdaa42-0a4c-4993-b0f3-66209be07ac3} (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{5fbdaa42-0a4c-4993-b0f3-66209be07ac3} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtqrqqo (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dcee0a91 (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMdfdd390d (Trojan.Agent) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.Vundo) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvunlfwv -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvunlfwv -> No action taken.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\sctiobxn.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\nxboitcs.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\wvUnLFwv.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\vwFLnUvw.ini (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\vwFLnUvw.ini2 (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\lkjblcno.dll (Trojan.Agent) -> No action taken.
    C:\WINDOWS\system32\ddcAsron.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\awtqrqqo.dll (Trojan.Vundo) -> No action taken.
    0
  15. Utilisateur anonyme
     
    Re ,
    Le rapport ce trouve sous l'onglet Rapports/logs.

    Sinon ,
    Refais un scan et poste le rapport histoire de vérifier.

    ++

    0
  16. remileg
     
    rapport apres suppression retrouvé (je ne sais pas lire en fait :p)

    Malwarebytes' Anti-Malware 1.12
    Version de la base de données: 768

    Type de recherche: Examen complet (C:\|D:\|E:\|)
    Eléments examinés: 119726
    Temps écoulé: 25 minute(s), 59 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 3
    Clé(s) du Registre infectée(s): 12
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 8

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\sctiobxn.dll (Trojan.Vundo) -> Unloaded module successfully.
    C:\WINDOWS\system32\wvUnLFwv.dll (Trojan.Vundo) -> Unloaded module successfully.
    C:\WINDOWS\system32\awtqrqqo.dll (Trojan.Vundo) -> Unloaded module successfully.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5fbdaa42-0a4c-4993-b0f3-66209be07ac3} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{5fbdaa42-0a4c-4993-b0f3-66209be07ac3} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtqrqqo (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dcee0a91 (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMdfdd390d (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{444fc7d1-8f08-4377-b39b-4d75ae0e9f70} (Trojan.Vundo) -> Delete on reboot.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvunlfwv -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\wvunlfwv -> Delete on reboot.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\sctiobxn.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\nxboitcs.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wvUnLFwv.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\vwFLnUvw.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\vwFLnUvw.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\lkjblcno.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\ddcAsron.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\awtqrqqo.dll (Trojan.Vundo) -> Delete on reboot.
    0
  17. Utilisateur anonyme
     
    Ok , t'a redémarré depuis ?

    Si oui tant mieux sinon fait-le.

    Refais un scan Combofix avec toute les précautions d'usage et poste le rapport.

    +++
    0
  • 1
  • 2
  • 3