Problem with Advanced XP Defender

Boule -  
Hello,

Advanced XP Defender installed itself on my computer and I can't get rid of it, despite everything I've read on the forums and the use of anti-spyware tools...
Here is the HijackThis report...
Is it possible to help me solve this problem?
Thanks in advance

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:58:16, on 27/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\AXPDefender\AXPDefender.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
C:\Program Files\palmOne\Hotsync.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.veosearch.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [Starter] C:\WINDOWS\System32\Starter.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
O4 - HKLM\..\Run: [AXPDefender] C:\Program Files\AXPDefender\AXPDefender.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
O15 - Trusted Zone: *.canalplay.com
O15 - Trusted Zone: *.canalplusactive.com
O15 - Trusted Zone: *.canalplay.com (HKLM)
O15 - Trusted Zone: *.canalplusactive.com (HKLM)
O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - https://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: bw+0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe

--
End of file - 27216 bytes
Configuration: Windows XP
Internet Explorer 7.0

12 replies

  1. jlpjlp (Posts: 52399, Status: Security contributor)
     
    hi
    run Rogue Remover, remove everything, and paste the report

    https://www.01net.com/telecharger/

    _______________

    scan with
    MalwareByte's Anti-Malware, remove what is found, then paste the report

    https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

    ______________

    paste a HijackThis report and describe your problems
    1. Boule
       
      As for Rogue Remover, nothing was detected (is that normal?)
      Malwarebytes Anti-Malware is currently scanning...
  2. jlpjlp (Posts: 52399, Status: Security contributor)
     
    ok
    1. Boule
       
      Here is the Malwarebytes' report... I'm restarting my PC as requested by the software.

      Malwarebytes' Anti-Malware 1.08
      Version de la base de données: 471

      Type de recherche: Examen complet (C:\|)
      Eléments examinés: 159218
      Temps écoulé: 1 hour(s), 11 minute(s), 46 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 1
      Clé(s) du Registre infectée(s): 1
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 2

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      C:\WINDOWS\system32\basedqkx32.dll (Trojan.Downloader) -> Unloaded module successfully.

      Clé(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      C:\WINDOWS\system32\~.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\basedqkx32.dll (Trojan.Downloader) -> Delete on reboot.
    2. Boule
       
      The HijackThis report..
      However, AXP Defender is still present.. Also, some web pages no longer display (the Comment Ça Marche home page)..
      What should I do?

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:39:32, on 27/05/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16640)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
      C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\Analog Devices\Core\smax4pnp.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
      C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
      C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
      C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
      C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
      C:\Program Files\AXPDefender\AXPDefender.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
      C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
      C:\Program Files\palmOne\Hotsync.exe
      C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
      C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [Starter] C:\WINDOWS\System32\Starter.exe
      O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
      O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
      O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
      O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
      O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
      O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
      O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
      O4 - HKLM\..\Run: [AXPDefender] C:\Program Files\AXPDefender\AXPDefender.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: BTTray.lnk = ?
      O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
      O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
      O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - https://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: bw+0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
    3. Boule
       
      The infection is continuing, I've just had cockroaches on my screensaver..
      Misery..
      1. Boule > Boule
         
        I think I've gotten rid of the problem, but I'm not sure...
        I deleted the infected files with Malwarebytes.
        I then started my PC in safe mode and deleted all the files related to AXP Defender.
        Finally, I ran a new scan with Norton and managed to delete the file AXPDefender.exe (which I couldn't delete before).
        No more fake alert messages and no more cockroaches..

        However, some web pages still don't display...

        Here is the HijackThis report after all these steps... I'm unable to analyze it; can someone tell me whether I'm completely rid of AXP Defender?

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 12:42:43, on 28/05/2008
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v7.00 (7.00.6000.16640)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
        C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
        C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
        C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
        C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
        C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
        C:\Program Files\Norton AntiVirus\navapsvc.exe
        C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
        C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
        C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
        C:\WINDOWS\system32\rundll32.exe
        C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
        C:\WINDOWS\system32\hkcmd.exe
        C:\WINDOWS\system32\igfxpers.exe
        C:\Program Files\Analog Devices\Core\smax4pnp.exe
        C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\WINDOWS\AGRSMMSG.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
        C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
        C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
        C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
        C:\WINDOWS\system32\igfxsrvc.exe
        C:\WINDOWS\system32\igfxext.exe
        C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
        C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
        C:\Program Files\QuickTime\qttask.exe
        C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
        C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
        C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
        C:\Program Files\Logitech\QuickCam\Quickcam.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
        C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
        C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
        C:\Program Files\palmOne\Hotsync.exe
        C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
        C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
        C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
        C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
        C:\Program Files\Windows Live\Messenger\usnsvc.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
        C:\Program Files\Symantec\LiveUpdate\AUpdate.exe
        C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
        C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
        C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
        C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
        C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
        O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
        O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
        O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
        O4 - HKLM\..\Run: [Starter] C:\WINDOWS\System32\Starter.exe
        O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
        O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
        O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
        O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
        O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
        O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
        O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
        O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
        O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
        O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
        O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
        O4 - HKLM\..\Run: [AVStation Premium 3.75] C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
        O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
        O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
        O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
        O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
        O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
        O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
        O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
        O4 - HKLM\..\Run: [AXPDefender] C:\Program Files\AXPDefender\AXPDefender.exe
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
        O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
        O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
        O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
        O4 - Global Startup: BTTray.lnk = ?
        O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
        O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
        O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
        O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
        O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - https://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
        O18 - Protocol: bw+0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw+0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: bwg0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwg0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: offline-8876480 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
        O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
        O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
        O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
        O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
        O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
        O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
        O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
        O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
        O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
        O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
        O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
        O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
        O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
        O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
        O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
        O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
        O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
        O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
        O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
  3. jlpjlp Posts 52399 Status Security contributor 5 041
     
    This still remains in HijackThis:

    Relaunch HijackThis, choose "Do a system scan only" and click "Fix checked" for:

    O4 - HKLM\..\Run: [AXPDefender] C:\Program Files\AXPDefender\AXPDefender.exe

    ________________________
    Download SmitfraudFix, then run option 1 and paste the report.

    http://siri.urz.free.fr/Fix/SmitfraudFix.php

    _________________

    Download ComboFix by sUBs. Rename it before installing anything, for example name it "KillBagle". Help here: https://forum.pcastuces.com/sujet.asp?f=25&s=37315

    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Save it to your desktop and nowhere else!

    Help on using ComboFix here: https://bibou0007.forumpro.fr/login?redirect=%2Ft121-topic

    Double-click ComboFix. It will ask you a question; answer by pressing the 1 key and then Enter to confirm, and let it guide you.
    Wait until ComboFix has finished; a report will be created. Post the report.
    1. Boule
       
      I fixed the line with HijackThis.
      Here is the SmitfraudFix report.
      However, I can't get to the page to download ComboFix. I'm trying from another PC.

      SmitFraudFix v2.323

      Rapport fait à 15:52:55,29, 28/05/2008
      Executé à partir de C:\Documents and Settings\Sven\Bureau\SmitfraudFix
      OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
      Le type du système de fichiers est NTFS
      Fix executé en mode normal

      »»»»»»»»»»»»»»»»»»»»»»»» Process

      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
      C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\Analog Devices\Core\smax4pnp.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
      C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe
      C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
      C:\WINDOWS\system32\igfxext.exe
      C:\WINDOWS\system32\igfxsrvc.exe
      C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
      C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
      C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
      C:\Program Files\palmOne\Hotsync.exe
      C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
      C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Documents and Settings\Sven\Bureau\SmitfraudFix\Policies.exe
      C:\WINDOWS\system32\cmd.exe

      »»»»»»»»»»»»»»»»»»»»»»»» hosts

      Fichier hosts corrompu !

      127.0.0.1 www.legal-at-spybot.info
      127.0.0.1 legal-at-spybot.info

      »»»»»»»»»»»»»»»»»»»»»»»» C:\


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


      »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


      »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Sven


      »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Sven\Application Data


      »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


      »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Sven\Favoris


      »»»»»»»»»»»»»»»»»»»»»»»» Bureau


      »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


      »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


      »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
      "Source"="About:Home"
      "SubscribedURL"="About:Home"
      "FriendlyName"="Ma page d'accueil"


      »»»»»»»»»»»»»»»»»»»»»»»» IEDFix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      IEDFix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri


      »»»»»»»»»»»»»»»»»»»»»»»» VACFix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      VACFix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri


      »»»»»»»»»»»»»»»»»»»»»»»» 404Fix
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      404Fix
      Credits: Malware Analysis & Diagnostic
      Code: S!Ri


      »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      SrchSTS.exe by S!Ri
      Search SharedTaskScheduler's .dll


      »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "AppInit_DLLs"=""


      »»»»»»»»»»»»»»»»»»»»»»»» Winlogon
      !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
      "Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
      "System"=""


      »»»»»»»»»»»»»»»»»»»»»»»» Rustock



      »»»»»»»»»»»»»»»»»»»»»»»» DNS

      Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
      DNS Server Search Order: 212.27.54.252
      DNS Server Search Order: 212.27.53.252

      HKLM\SYSTEM\CCS\Services\Tcpip\..\{0943B140-72C0-425B-95A8-5FDEC7DE27FE}: DhcpNameServer=212.27.54.252 212.27.53.252
      HKLM\SYSTEM\CS1\Services\Tcpip\..\{0943B140-72C0-425B-95A8-5FDEC7DE27FE}: DhcpNameServer=212.27.54.252 212.27.53.252
      HKLM\SYSTEM\CS3\Services\Tcpip\..\{0943B140-72C0-425B-95A8-5FDEC7DE27FE}: DhcpNameServer=212.27.54.252 212.27.53.252
      HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
      HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252
      HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252


      »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


      »»»»»»»»»»»»»»»»»»»»»»»» Fin
  4. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Disable your protections while you download and run ComboFix.
    1. Boule
       
      Here is the ComboFix report.
      Hoping that it's good.

      ComboFix 08-05-27.4 - Sven 2008-05-28 20:17:40.3 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.533 [GMT 2:00]
      Endroit: C:\Documents and Settings\Sven\Bureau\KillBagle.exe

      [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
      .

      (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      ---- Previous Run -------
      .
      C:\WINDOWS\Downloaded Program Files\setup.inf
      C:\WINDOWS\system32\clbdll.dll
      C:\WINDOWS\system32\clbinit.dll
      C:\WINDOWS\system32\drivers\clbdriver.sys

      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Legacy_CLBDRIVER


      ((((((((((((((((((((((((((((( Fichiers créés 2008-04-28 to 2008-05-28 ))))))))))))))))))))))))))))))))))))
      .

      2008-05-28 15:53 . 2008-05-28 15:53 5,512 --a------ C:\WINDOWS\system32\tmp.reg
      2008-05-28 15:44 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
      2008-05-28 15:44 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
      2008-05-28 15:44 . 2008-05-27 13:54 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
      2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
      2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
      2008-05-28 15:44 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
      2008-05-28 15:44 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
      2008-05-28 15:44 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
      2008-05-28 14:20 . 2008-05-28 14:20 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
      2008-05-28 00:39 . 2008-05-28 00:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
      2008-05-28 00:36 . 2005-11-08 07:09 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
      2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
      2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
      2008-05-28 00:36 . 2006-08-25 16:03 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
      2008-05-28 00:36 . 2006-05-17 15:32 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
      2008-05-28 00:36 . 2008-05-28 00:36 <REP> d-------- C:\Documents and Settings\Administrateur
      2008-05-27 15:57 . 2008-05-27 16:07 <REP> d-------- C:\Program Files\RogueRemover FREE
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\Sven\Application Data\Malwarebytes
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-05-27 13:55 . 2008-05-27 13:55 <REP> d-------- C:\Program Files\Trend Micro
      2008-05-27 11:33 . 2008-05-27 12:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
      2008-05-27 11:33 . 2008-05-27 12:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-05-27 10:12 . 2008-05-27 10:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
      2008-05-27 10:01 . 2008-05-27 12:56 <REP> d-------- C:\Program Files\a-squared Anti-Malware
      2008-05-27 01:36 . 2008-05-27 01:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-05-27 01:27 . 2008-05-27 01:27 <REP> d-------- C:\Program Files\Enigma Software Group
      2008-05-27 00:07 . 2008-05-27 00:07 <REP> d-------- C:\Documents and Settings\Sven\Application Data\AXPDefender
      2008-05-27 00:05 . 2008-05-27 00:05 160,256 --a------ C:\WINDOWS\system32\blackster.scr
      2008-05-27 00:05 . 2004-08-05 14:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
      2008-05-26 23:59 . 2008-05-26 23:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-05-26 23:59 . 2008-05-26 23:59 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-05-26 10:09 . 2008-05-26 10:09 244 --ah----- C:\sqmnoopt03.sqm
      2008-05-26 10:09 . 2008-05-26 10:09 232 --ah----- C:\sqmdata03.sqm
      2008-05-20 12:43 . 2008-05-20 12:43 244 --ah----- C:\sqmnoopt02.sqm
      2008-05-20 12:43 . 2008-05-20 12:43 232 --ah----- C:\sqmdata02.sqm
      2008-05-10 15:43 . 2008-05-10 15:43 <REP> d-------- C:\Program Files\directx
      2008-05-10 15:42 . 2008-05-10 15:42 <REP> d-------- C:\Program Files\Rockstar Games
      2008-05-06 18:24 . 2008-05-27 13:00 <REP> d-------- C:\Program Files\FAR Colony
      2008-04-29 19:28 . 2008-04-29 19:29 <REP> d-------- C:\Program Files\Lecteur CANALPLAY

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-05-28 12:25 --------- d-----w C:\Program Files\Objective Tarot
      2008-05-28 12:24 --------- d-----w C:\Program Files\Nvu
      2008-05-28 12:24 --------- d-----w C:\Program Files\3DBELOTE
      2008-05-28 12:23 --------- d-----w C:\Program Files\Evrsoft First Page 2006
      2008-05-27 15:01 --------- d-----w C:\Documents and Settings\Sven\Application Data\AdobeUM
      2008-05-27 11:23 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
      2008-05-25 18:27 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
      2008-05-10 13:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-05-10 12:59 --------- d-----w C:\Documents and Settings\Sven\Application Data\Skype
      2008-05-10 12:33 --------- d-----w C:\Documents and Settings\Sven\Application Data\skypePM
      2008-05-06 15:49 --------- d-----w C:\Program Files\Risk
      2008-04-28 23:34 --------- d-----w C:\Program Files\e-anim
      2008-04-26 08:47 --------- d-----w C:\Program Files\MSXML 6.0
      2008-04-25 15:33 --------- d-----w C:\Program Files\Fichiers communs\Eltima Shared
      2008-04-25 15:33 --------- d-----w C:\Program Files\Eltima Software
      2008-04-25 15:33 --------- d-----w C:\Documents and Settings\Sven\Application Data\Eltima Software
      2008-04-25 10:48 --------- d-----w C:\Program Files\Magic Swf2Gif
      2008-04-25 10:30 --------- d-----w C:\Documents and Settings\Sven\Application Data\zvprt40
      2008-04-25 10:29 --------- d-----w C:\Program Files\zvprt40
      2008-04-25 10:25 --------- d-----w C:\Program Files\MSBuild
      2008-04-25 10:18 --------- d-----w C:\Program Files\Reference Assemblies
      2008-04-25 09:49 --------- d-----w C:\Program Files\Tukanas Files Converter
      2008-04-24 07:15 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
      2008-04-22 21:24 --------- d-----w C:\Program Files\Windows Live
      2008-04-22 21:23 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
      2008-04-22 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
      2008-04-14 09:34 --------- d-----w C:\Program Files\Java
      2008-04-06 12:21 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
      2008-04-06 12:17 --------- d-----w C:\Program Files\Skype
      2008-04-06 12:17 --------- d-----w C:\Program Files\Fichiers communs\Skype
      2008-04-06 12:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
      2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
      2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
      2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
      2006-12-10 15:33 81,920 ----a-w C:\Documents and Settings\Sven\Application Data\ezpinst.exe
      2006-12-10 15:33 47,360 ----a-w C:\Documents and Settings\Sven\Application Data\pcouffin.sys
      2004-08-05 12:00 4,096 --sha-w C:\WINDOWS\system32\loadsftpf.dat
      .

      ((((((((((((((((((((((((((((( snapshot@2008-05-28_16.22.19.75 )))))))))))))))))))))))))))))))))))))))))
      .
      - 2008-05-28 14:13:31 2,048 --s-a-w C:\WINDOWS\bootstat.dat
      + 2008-05-28 17:08:54 2,048 --s-a-w C:\WINDOWS\bootstat.dat
      - 2006-09-18 14:15:51 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
      + 2006-12-19 18:09:33 852,480 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
      "PowerBar"="" []
      "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-07 17:54 32768]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
      "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
      "Starter"="C:\WINDOWS\System32\Starter.exe" [ ]
      "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-15 02:30 98304]
      "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-15 02:27 77824]
      "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-15 02:31 118784]
      "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
      "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 17:11 925696]
      "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 21:12 102492]
      "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 21:11 692316]
      "AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 23:50 88204 C:\WINDOWS\AGRSMMSG.exe]
      "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-12 13:39 58992]
      "farstone"="" []
      "RestoreIT!"="C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.exe" [2004-09-23 19:27 114688]
      "MagicKeyboard"="C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe" [2005-04-11 13:01 151552]
      "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
      "BatteryManager"="C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2006-04-25 14:05 2764800]
      "AVStation Premium 3.75"="C:\Program Files\Samsung\AVStation Premium 3.75\AVSAgent.exe" [2006-04-27 13:56 155648]
      "DisplayManager"="C:\Program Files\Samsung\DisplayManager\DMLoader.exe" [2005-11-16 11:13 356352]
      "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-10-01 11:12 100056]
      "Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2004-05-17 07:34 360448]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-15 20:41 282624]
      "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-25 16:15 185896]
      "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [ ]
      "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
      "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
      "CanalPlayerHelper"="C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe" [ ]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

      C:\Documents and Settings\Sven\Menu D‚marrer\Programmes\D‚marrage\
      palmOne Registration.lnk - C:\Program Files\palmOne\register.exe [2005-02-11 13:44:58 2301952]

      C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
      Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-05 11:58:42 113664]
      BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-09-19 16:02:54 581693]
      DataViz Inc Messenger.lnk - C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe [2006-10-18 08:00:13 28672]
      HotSync Manager.lnk - C:\Program Files\palmOne\Hotsync.exe [2004-06-09 14:16:08 471040]
      Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-07 17:54:54 450560]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "vidc.mpng"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll
      "vidc.mjpg"= C:\Program Files\t@b\[u]0[/u].956\686\tabdec.dll
      "vidc.mvjp"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll
      "vidc.444p"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusDisableNotify"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
      "C:\\Program Files\\palmOne\\Hotsync.exe"=
      "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
      "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"=
      "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

      R0 RITCPT;RITCPT;C:\WINDOWS\system32\drivers\RITCPT.sys [2004-05-18 23:43]
      R0 VVBackd5;VVBackd5;C:\WINDOWS\system32\drivers\VVBackd5.sys [2005-08-08 01:09]
      R2 DOSMEMIO;MEMIO;C:\WINDOWS\system32\MEMIO.SYS [2000-08-23 18:19]
      R2 FBAPI;FBAPI;C:\WINDOWS\system32\drivers\FBAPI.sys [2004-05-18 23:43]
      R2 SNM WLAN Service;SNM WLAN Service;"C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe" [2005-05-28 08:35]
      R2 SRS_PostInstaller;SRS PostInstaller Service;"C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe" [2005-11-28 12:06]
      R3 wowfilter;WOW XT Filter Driver;C:\WINDOWS\system32\drivers\wowfilter.sys [2005-11-28 12:06]
      S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 16:37]
      S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-11-29 12:27]
      S3 SUEPD;SUE NDIS Protocol Driver;C:\WINDOWS\system32\DRIVERS\SUE_PD.sys [2005-05-24 15:26]
      S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
      S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]
      S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]
      S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]
      S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0eb1a002-4679-11dc-b74e-0016cef4a59f}]
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
      \Shell\Open(&0)\command - Recycled\ctfmon.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ab6d684-6a13-11dc-b77f-001302d435f6}]
      \Shell\AutoRun\command - cayfq2.cmd
      \Shell\explore\Command - cayfq2.cmd
      \Shell\open\Command - cayfq2.cmd

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de8676ea-8553-11dc-b795-001302d435f6}]
      \Shell\AutoRun\command - E:\LaunchU3.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df119f4e-9ae3-11dc-b7a9-001302d435f6}]
      \Shell\AutoRun\command - E:\LaunchU3.exe -a

      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      "2008-05-16 19:10:22 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - Sven.job"
      - C:\PROGRA~1\NORTON~1\Navw32.exe
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-05-28 20:35:43
      Windows 5.1.2600 Service Pack 2 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...

      Scan terminé avec succès
      Les fichiers cachés: 0

      **************************************************************************
      .
      Temps d'accomplissement: 2008-05-28 20:45:48
      ComboFix-quarantined-files.txt 2008-05-28 18:45:02

      Pre-Run: 46,675,996,672 octets libres
      Post-Run: 46,659,887,104 octets libres

      230 --- E O F --- 2008-05-28 14:32:42
      0
  6. jlpjlp Posts 52399 Status Security contributor 5 041
     
    OK, that's it. I only have web access from my phone. As soon as I can, I'll finish your post. To move things along, paste me a HijackThis report and tell me your current problems.
    0
    1. Boule
       
      On the face of it, no more problems... The Internet works normally (I switched to Firefox), no more cockroaches or fake alert messages, no more viruses detected by Norton.
      So, if the HijackThis report is good, does that mean it's over?
      In any case, many thanks in advance for the speed and simplicity (good explanations) of the help!!
      One last piece of advice: which anti-spyware should I use alongside the antivirus?

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 12:33:54, on 29/05/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
      C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\WINDOWS\system32\hkcmd.exe
      C:\WINDOWS\system32\igfxpers.exe
      C:\Program Files\Analog Devices\Core\smax4pnp.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
      C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
      C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
      C:\WINDOWS\system32\igfxsrvc.exe
      C:\WINDOWS\system32\igfxext.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
      C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
      C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
      C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
      C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
      C:\Program Files\Logitech\QuickCam\Quickcam.exe
      C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
      C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
      C:\Program Files\palmOne\Hotsync.exe
      C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
      C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
      C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
      C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
      C:\Program Files\Windows Live\Messenger\usnsvc.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
      C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.veosearch.com/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
      O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
      O4 - HKLM\..\Run: [Starter] C:\WINDOWS\System32\Starter.exe
      O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
      O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
      O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
      O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
      O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
      O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
      O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
      O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
      O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
      O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
      O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
      O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
      O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
      O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: BTTray.lnk = ?
      O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
      O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
      O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - https://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O18 - Protocol: bw+0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw+0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw-0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw00s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw10s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw20s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw30s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw40s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw50s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw60s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw70s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw80s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bw90s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwa0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwb0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwc0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwd0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwe0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwf0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
      O18 - Protocol: bwg0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwg0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwh0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwi0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwj0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwk0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwl0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwm0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwn0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwo0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwp0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwq0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwr0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bws0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwt0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwu0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwv0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bww0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwx0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwy0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: bwz0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: offline-8876480 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
      O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
      O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
      O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
      O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
      O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
      O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
      O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
      O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
      0
  7. jlpjlp Posts 52399 Status Security contributor 5 041
     
    Close all your browsers (so copy or print the instructions first)

    Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:

    File::
    C:\Documents and Settings\Sven\Application Data\AXPDefender
    C:\WINDOWS\system32\blackster.scr

    Save this file under the name CFscript

    Drag and drop this CFscript file onto the ComboFix.exe file

    Click on the CFScript file, keep the button held down and drag the mouse so that the CFScript icon covers the Combofix icon. Release the mouse. Combofix will start.

    A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.

    Wait while the scan runs. The desktop will disappear several times: this is normal!

    Do not touch anything until the scan has finished.

    Once the scan is complete, a report will be displayed: post its contents.

    Also post a new HijackThis report and describe your current problems

    If the file does not open, it can be found here > C:\ComboFix.txt
    0
    1. Boule
       
      Here is the Combofix report:

      ComboFix 08-05-27.4 - Sven 2008-05-29 23:17:00.4 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.480 [GMT 2:00]
      Endroit: C:\Documents and Settings\Sven\Bureau\KillBagle.exe
      Command switches used :: C:\Documents and Settings\Sven\Bureau\CFscript.txt
      * Création d'un nouveau point de restauration

      [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
      .

      ((((((((((((((((((((((((((((( Fichiers créés 2008-04-28 to 2008-05-29 ))))))))))))))))))))))))))))))))))))
      .

      2008-05-29 10:11 . 2008-05-29 10:11 <REP> d-------- C:\WINDOWS\LastGood
      2008-05-28 23:34 . 2008-05-28 23:34 <REP> d-------- C:\Documents and Settings\Sven\Application Data\MSNInstaller
      2008-05-28 22:40 . 2008-05-28 22:40 0 --a------ C:\WINDOWS\nsreg.dat
      2008-05-28 15:53 . 2008-05-28 15:53 5,512 --a------ C:\WINDOWS\system32\tmp.reg
      2008-05-28 15:44 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
      2008-05-28 15:44 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
      2008-05-28 15:44 . 2008-05-27 13:54 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
      2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
      2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
      2008-05-28 15:44 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
      2008-05-28 15:44 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
      2008-05-28 15:44 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
      2008-05-28 14:20 . 2008-05-28 14:20 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
      2008-05-28 00:39 . 2008-05-28 00:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
      2008-05-28 00:36 . 2005-11-08 07:09 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
      2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
      2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
      2008-05-28 00:36 . 2006-08-25 16:03 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
      2008-05-28 00:36 . 2006-05-17 15:32 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
      2008-05-28 00:36 . 2008-05-28 00:36 <REP> d-------- C:\Documents and Settings\Administrateur
      2008-05-27 15:57 . 2008-05-27 16:07 <REP> d-------- C:\Program Files\RogueRemover FREE
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\Sven\Application Data\Malwarebytes
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-05-27 13:55 . 2008-05-27 13:55 <REP> d-------- C:\Program Files\Trend Micro
      2008-05-27 11:33 . 2008-05-27 12:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
      2008-05-27 11:33 . 2008-05-27 12:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-05-27 10:12 . 2008-05-27 10:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
      2008-05-27 10:01 . 2008-05-27 12:56 <REP> d-------- C:\Program Files\a-squared Anti-Malware
      2008-05-27 01:36 . 2008-05-27 01:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-05-27 01:27 . 2008-05-27 01:27 <REP> d-------- C:\Program Files\Enigma Software Group
      2008-05-27 00:07 . 2008-05-27 00:07 <REP> d-------- C:\Documents and Settings\Sven\Application Data\AXPDefender
      2008-05-27 00:05 . 2008-05-27 00:05 160,256 --a------ C:\WINDOWS\system32\blackster.scr
      2008-05-27 00:05 . 2004-08-05 14:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
      2008-05-26 23:59 . 2008-05-26 23:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-05-26 23:59 . 2008-05-26 23:59 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-05-26 10:09 . 2008-05-26 10:09 244 --ah----- C:\sqmnoopt03.sqm
      2008-05-26 10:09 . 2008-05-26 10:09 232 --ah----- C:\sqmdata03.sqm
      2008-05-20 12:43 . 2008-05-20 12:43 244 --ah----- C:\sqmnoopt02.sqm
      2008-05-20 12:43 . 2008-05-20 12:43 232 --ah----- C:\sqmdata02.sqm
      2008-05-10 15:43 . 2008-05-10 15:43 <REP> d-------- C:\Program Files\directx
      2008-05-10 15:42 . 2008-05-10 15:42 <REP> d-------- C:\Program Files\Rockstar Games
      2008-05-06 18:24 . 2008-05-27 13:00 <REP> d-------- C:\Program Files\FAR Colony
      2008-04-29 19:28 . 2008-04-29 19:29 <REP> d-------- C:\Program Files\Lecteur CANALPLAY

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-05-28 21:42 --------- d-----w C:\Program Files\Samsung
      2008-05-28 21:39 --------- d-----w C:\Documents and Settings\Sven\Application Data\My Games
      2008-05-28 21:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-05-28 21:29 --------- d-----w C:\Program Files\Java
      2008-05-28 20:39 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
      2008-05-28 12:25 --------- d-----w C:\Program Files\Objective Tarot
      2008-05-28 12:24 --------- d-----w C:\Program Files\Nvu
      2008-05-28 12:24 --------- d-----w C:\Program Files\3DBELOTE
      2008-05-28 12:23 --------- d-----w C:\Program Files\Evrsoft First Page 2006
      2008-05-27 15:01 --------- d-----w C:\Documents and Settings\Sven\Application Data\AdobeUM
      2008-05-27 11:23 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
      2008-05-10 12:59 --------- d-----w C:\Documents and Settings\Sven\Application Data\Skype
      2008-05-10 12:33 --------- d-----w C:\Documents and Settings\Sven\Application Data\skypePM
      2008-05-06 15:49 --------- d-----w C:\Program Files\Risk
      2008-04-28 23:34 --------- d-----w C:\Program Files\e-anim
      2008-04-26 08:47 --------- d-----w C:\Program Files\MSXML 6.0
      2008-04-25 15:33 --------- d-----w C:\Program Files\Fichiers communs\Eltima Shared
      2008-04-25 15:33 --------- d-----w C:\Program Files\Eltima Software
      2008-04-25 15:33 --------- d-----w C:\Documents and Settings\Sven\Application Data\Eltima Software
      2008-04-25 10:48 --------- d-----w C:\Program Files\Magic Swf2Gif
      2008-04-25 10:25 --------- d-----w C:\Program Files\MSBuild
      2008-04-25 10:18 --------- d-----w C:\Program Files\Reference Assemblies
      2008-04-25 09:49 --------- d-----w C:\Program Files\Tukanas Files Converter
      2008-04-24 07:15 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
      2008-04-22 21:24 --------- d-----w C:\Program Files\Windows Live
      2008-04-22 21:23 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
      2008-04-22 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
      2008-04-06 12:21 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
      2008-04-06 12:17 --------- d-----w C:\Program Files\Skype
      2008-04-06 12:17 --------- d-----w C:\Program Files\Fichiers communs\Skype
      2008-04-06 12:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
      2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
      2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
      2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
      2006-12-10 15:33 81,920 ----a-w C:\Documents and Settings\Sven\Application Data\ezpinst.exe
      2006-12-10 15:33 47,360 ----a-w C:\Documents and Settings\Sven\Application Data\pcouffin.sys
      2004-08-05 12:00 4,096 --sha-w C:\WINDOWS\system32\loadsftpf.dat
      .

      ((((((((((((((((((((((((((((( snapshot@2008-05-28_16.22.19.75 )))))))))))))))))))))))))))))))))))))))))
      .
      - 2008-05-28 14:13:31 2,048 --s-a-w C:\WINDOWS\bootstat.dat
      + 2008-05-29 08:06:52 2,048 --s-a-w C:\WINDOWS\bootstat.dat
      - 2006-09-18 14:15:51 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
      + 2006-12-19 18:09:33 852,480 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
      + 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
      + 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
      + 2008-05-28 20:54:13 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
      "PowerBar"="" []
      "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-07 17:54 32768]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
      "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
      "Starter"="C:\WINDOWS\System32\Starter.exe" [ ]
      "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-15 02:30 98304]
      "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-15 02:27 77824]
      "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-15 02:31 118784]
      "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
      "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 17:11 925696]
      "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 21:12 102492]
      "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 21:11 692316]
      "AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 23:50 88204 C:\WINDOWS\AGRSMMSG.exe]
      "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-12 13:39 58992]
      "farstone"="" []
      "RestoreIT!"="C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.exe" [2004-09-23 19:27 114688]
      "MagicKeyboard"="C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe" [2005-04-11 13:01 151552]
      "BatteryManager"="C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2006-04-25 14:05 2764800]
      "DisplayManager"="C:\Program Files\Samsung\DisplayManager\DMLoader.exe" [2005-11-16 11:13 356352]
      "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-10-01 11:12 100056]
      "Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2004-05-17 07:34 360448]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-15 20:41 282624]
      "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-25 16:15 185896]
      "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [ ]
      "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
      "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
      "CanalPlayerHelper"="C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe" [ ]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

      C:\Documents and Settings\Sven\Menu Démarrer\Programmes\Démarrage\
      palmOne Registration.lnk - C:\Program Files\palmOne\register.exe [2005-02-11 13:44:58 2301952]

      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
      Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-05 11:58:42 113664]
      BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-09-19 16:02:54 581693]
      DataViz Inc Messenger.lnk - C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe [2006-10-18 08:00:13 28672]
      HotSync Manager.lnk - C:\Program Files\palmOne\Hotsync.exe [2004-06-09 14:16:08 471040]
      Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-07 17:54:54 450560]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "vidc.mpng"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll
      "vidc.mjpg"= C:\Program Files\t@b\[u]0[/u].956\686\tabdec.dll
      "vidc.mvjp"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll
      "vidc.444p"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusDisableNotify"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
      "C:\\Program Files\\palmOne\\Hotsync.exe"=
      "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
      "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"=
      "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

      R0 RITCPT;RITCPT;C:\WINDOWS\system32\drivers\RITCPT.sys [2004-05-18 23:43]
      R0 VVBackd5;VVBackd5;C:\WINDOWS\system32\drivers\VVBackd5.sys [2005-08-08 01:09]
      R2 DOSMEMIO;MEMIO;C:\WINDOWS\system32\MEMIO.SYS [2000-08-23 18:19]
      R2 FBAPI;FBAPI;C:\WINDOWS\system32\drivers\FBAPI.sys [2004-05-18 23:43]
      R2 SNM WLAN Service;SNM WLAN Service;"C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe" [2005-05-28 08:35]
      R2 SRS_PostInstaller;SRS PostInstaller Service;"C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe" [2005-11-28 12:06]
      R3 wowfilter;WOW XT Filter Driver;C:\WINDOWS\system32\drivers\wowfilter.sys [2005-11-28 12:06]
      S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 16:37]
      S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-11-29 12:27]
      S3 SUEPD;SUE NDIS Protocol Driver;C:\WINDOWS\system32\DRIVERS\SUE_PD.sys [2005-05-24 15:26]
      S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
      S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]
      S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]
      S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]
      S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0eb1a002-4679-11dc-b74e-0016cef4a59f}]
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
      \Shell\Open(&0)\command - Recycled\ctfmon.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ab6d684-6a13-11dc-b77f-001302d435f6}]
      \Shell\AutoRun\command - cayfq2.cmd
      \Shell\explore\Command - cayfq2.cmd
      \Shell\open\Command - cayfq2.cmd

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de8676ea-8553-11dc-b795-001302d435f6}]
      \Shell\AutoRun\command - E:\LaunchU3.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df119f4e-9ae3-11dc-b7a9-001302d435f6}]
      \Shell\AutoRun\command - E:\LaunchU3.exe -a

      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      "2008-05-16 19:10:22 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - Sven.job"
      - C:\PROGRA~1\NORTON~1\Navw32.exe
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-05-29 23:21:49
      Windows 5.1.2600 Service Pack 2 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...

      Scan terminé avec succès
      Les fichiers cachés: 0

      **************************************************************************
      .
      Temps d'accomplissement: 2008-05-29 23:24:23
      ComboFix-quarantined-files.txt 2008-05-29 21:23:56
      ComboFix2.txt 2008-05-28 18:45:59

      Pre-Run: 49,405,763,584 octets libres
      Post-Run: 49,393,844,224 octets libres

      224 --- E O F --- 2008-05-28 14:32:42
      1. Boule > Boule
         
        And the HijackThis report

        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 23:25:53, on 29/05/2008
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
        C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
        C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
        C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
        C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
        C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
        C:\Program Files\Norton AntiVirus\navapsvc.exe
        C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
        C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
        C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
        C:\WINDOWS\system32\svchost.exe
        C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
        C:\WINDOWS\system32\rundll32.exe
        C:\WINDOWS\system32\hkcmd.exe
        C:\WINDOWS\system32\igfxpers.exe
        C:\Program Files\Analog Devices\Core\smax4pnp.exe
        C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\WINDOWS\AGRSMMSG.exe
        C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
        C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
        C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
        C:\WINDOWS\system32\igfxsrvc.exe
        C:\WINDOWS\system32\igfxext.exe
        C:\Program Files\QuickTime\qttask.exe
        C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
        C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
        C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
        C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
        C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
        C:\Program Files\Logitech\QuickCam\Quickcam.exe
        C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
        C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
        C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
        C:\Program Files\palmOne\Hotsync.exe
        C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
        C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
        C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
        C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
        C:\Program Files\Windows Live\Messenger\usnsvc.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
        C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
        C:\WINDOWS\explorer.exe
        C:\WINDOWS\system32\notepad.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.veosearch.com/
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
        O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
        O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
        O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
        O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
        O4 - HKLM\..\Run: [Starter] C:\WINDOWS\System32\Starter.exe
        O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
        O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
        O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
        O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
        O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
        O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
        O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
        O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
        O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
        O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
        O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
        O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
        O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
        O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
        O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
        O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
        O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
        O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
        O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
        O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
        O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
        O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
        O4 - Global Startup: BTTray.lnk = ?
        O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
        O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
        O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
        O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
        O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
        O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
        O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
        O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - https://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
        O18 - Protocol: bw+0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw+0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw-0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw00s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw10s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw20s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw30s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw40s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw50s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw60s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw70s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw80s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bw90s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwa0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwb0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwc0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwd0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwe0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwf0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
        O18 - Protocol: bwg0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwg0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwh0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwi0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwj0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwk0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwl0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwm0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwn0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwo0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwp0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwq0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwr0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bws0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwt0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwu0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwv0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bww0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwx0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwy0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: bwz0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: offline-8876480 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
        O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
        O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
        O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
        O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
        O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
        O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
        O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
        O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
        O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
        O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
        O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
        O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
        O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
        O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
        O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
        O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
        O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
        O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
        O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
        O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
        O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
      2. jlpjlp Posts 52399 Status Security contributor 5 041 > Boule
         
        You did not carry out the previous message correctly. Start again and give the script the right name. And rename killbagle to combofix.
      4. boule > jlpjlp Posts 52399 Status Security contributor
         
        Hoping I did not make any handling mistakes...
        Here is the ComboFix report:

        ComboFix 08-05-27.4 - Sven 2008-05-31 17:10:31.5 - NTFSx86
        Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.534 [GMT 2:00]
        Endroit: C:\Documents and Settings\Sven\Bureau\ComboFix.exe
        Command switches used :: C:\Documents and Settings\Sven\Bureau\CFScript.txt
        * Création d'un nouveau point de restauration

        [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

        FILE ::
        C:\Documents and Settings\Sven\Application Data\AXPDefender
        C:\WINDOWS\system32\blackster.scr
        .

        (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
        .

        C:\WINDOWS\system32\blackster.scr

        .
        ((((((((((((((((((((((((((((( Fichiers créés 2008-04-28 to 2008-05-31 ))))))))))))))))))))))))))))))))))))
        .

        2008-05-28 23:34 . 2008-05-28 23:34 <REP> d-------- C:\Documents and Settings\Sven\Application Data\MSNInstaller
        2008-05-28 22:40 . 2008-05-28 22:40 0 --a------ C:\WINDOWS\nsreg.dat
        2008-05-28 15:53 . 2008-05-28 15:53 5,512 --a------ C:\WINDOWS\system32\tmp.reg
        2008-05-28 15:44 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
        2008-05-28 15:44 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
        2008-05-28 15:44 . 2008-05-27 13:54 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
        2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
        2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
        2008-05-28 15:44 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
        2008-05-28 15:44 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
        2008-05-28 15:44 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
        2008-05-28 14:20 . 2008-05-28 14:20 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
        2008-05-28 00:39 . 2008-05-28 00:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
        2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
        2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
        2008-05-28 00:36 . 2005-11-08 07:09 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
        2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
        2008-05-28 00:36 . 2005-11-08 08:03 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
        2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
        2008-05-28 00:36 . 2006-08-25 16:03 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
        2008-05-28 00:36 . 2006-05-17 15:32 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
        2008-05-28 00:36 . 2008-05-28 00:36 <REP> d-------- C:\Documents and Settings\Administrateur
        2008-05-27 15:57 . 2008-05-27 16:07 <REP> d-------- C:\Program Files\RogueRemover FREE
        2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
        2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\Sven\Application Data\Malwarebytes
        2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
        2008-05-27 13:55 . 2008-05-27 13:55 <REP> d-------- C:\Program Files\Trend Micro
        2008-05-27 11:33 . 2008-05-27 12:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
        2008-05-27 11:33 . 2008-05-27 12:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
        2008-05-27 10:12 . 2008-05-27 10:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
        2008-05-27 10:01 . 2008-05-27 12:56 <REP> d-------- C:\Program Files\a-squared Anti-Malware
        2008-05-27 01:36 . 2008-05-27 01:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
        2008-05-27 01:27 . 2008-05-27 01:27 <REP> d-------- C:\Program Files\Enigma Software Group
        2008-05-27 00:07 . 2008-05-27 00:07 <REP> d-------- C:\Documents and Settings\Sven\Application Data\AXPDefender
        2008-05-27 00:05 . 2004-08-05 14:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
        2008-05-26 23:59 . 2008-05-26 23:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
        2008-05-26 23:59 . 2008-05-26 23:59 1,409 --a------ C:\WINDOWS\QTFont.for
        2008-05-26 10:09 . 2008-05-26 10:09 244 --ah----- C:\sqmnoopt03.sqm
        2008-05-26 10:09 . 2008-05-26 10:09 232 --ah----- C:\sqmdata03.sqm
        2008-05-20 12:43 . 2008-05-20 12:43 244 --ah----- C:\sqmnoopt02.sqm
        2008-05-20 12:43 . 2008-05-20 12:43 232 --ah----- C:\sqmdata02.sqm
        2008-05-10 15:43 . 2008-05-10 15:43 <REP> d-------- C:\Program Files\directx
        2008-05-10 15:42 . 2008-05-10 15:42 <REP> d-------- C:\Program Files\Rockstar Games
        2008-05-06 18:24 . 2008-05-27 13:00 <REP> d-------- C:\Program Files\FAR Colony
        2008-04-29 19:28 . 2008-04-29 19:29 <REP> d-------- C:\Program Files\Lecteur CANALPLAY
        2008-04-26 10:47 . 2008-04-26 10:47 <REP> d-------- C:\Program Files\MSXML 6.0
        2008-04-25 17:33 . 2008-04-25 17:33 <REP> d-------- C:\Program Files\Fichiers communs\Eltima Shared
        2008-04-25 17:33 . 2008-04-25 17:33 <REP> d-------- C:\Program Files\Eltima Software
        2008-04-25 17:33 . 2008-04-25 17:33 <REP> d-------- C:\Documents and Settings\Sven\Application Data\Eltima Software
        2008-04-25 17:33 . 2008-05-27 13:23 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
        2008-04-25 17:33 . 2007-12-02 15:14 3,345,408 --a------ C:\WINDOWS\system32\avcodec-51.dll
        2008-04-25 17:33 . 2007-12-02 15:14 448,512 --a------ C:\WINDOWS\system32\avformat-50.dll
        2008-04-25 17:33 . 2007-12-02 15:13 40,960 --a------ C:\WINDOWS\wavdest.ax
        2008-04-25 17:33 . 2007-12-02 15:14 19,968 --a------ C:\WINDOWS\system32\avutil-49.dll
        2008-04-25 12:48 . 2008-04-25 12:48 <REP> d-------- C:\Program Files\Magic Swf2Gif
        2008-04-25 12:34 . 2008-04-25 12:34 66,632 --a------ C:\image (1).jpg
        2008-04-25 12:34 . 2008-04-25 12:59 9,380 --a------ C:\image1.gif
        2008-04-25 12:32 . 2008-04-25 12:32 68 --ahs---- C:\WINDOWS\system32\windzfa0.sys
        2008-04-25 12:25 . 2008-04-25 12:25 <REP> d-------- C:\Program Files\MSBuild
        2008-04-25 12:19 . 2008-04-25 12:26 <REP> d-------- C:\WINDOWS\system32\XPSViewer
        2008-04-25 12:18 . 2008-04-25 12:18 <REP> d-------- C:\Program Files\Reference Assemblies
        2008-04-25 12:17 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
        2008-04-25 11:49 . 2008-04-25 11:49 <REP> d-------- C:\Program Files\Tukanas Files Converter
        2008-04-24 20:02 . 2008-04-29 01:34 <REP> d-------- C:\Program Files\e-anim
        2008-04-24 09:15 . 2008-04-24 09:15 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
        2008-04-23 10:23 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
        2008-04-23 10:23 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
        2008-04-23 10:23 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
        2008-04-22 23:23 . 2008-04-22 23:23 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
        2008-04-22 23:22 . 2008-04-22 23:24 <REP> d-------- C:\Program Files\Windows Live
        2008-04-22 23:22 . 2008-04-22 23:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
        2008-04-20 22:56 . 2008-04-21 18:49 <REP> d-------- C:\WINDOWS\system32\Adobe
        2008-04-06 14:21 . 2008-05-10 14:33 <REP> d-------- C:\Documents and Settings\Sven\Application Data\skypePM
        2008-04-06 14:21 . 2008-04-06 14:21 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
        2008-04-06 14:18 . 2008-05-10 14:59 <REP> d-------- C:\Documents and Settings\Sven\Application Data\Skype
        2008-04-06 14:17 . 2008-04-06 14:17 <REP> d-------- C:\Program Files\Fichiers communs\Skype
        2008-04-06 14:17 . 2008-04-06 14:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
        2008-04-01 12:23 . 2001-08-17 21:56 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
        2008-04-01 12:23 . 2001-08-17 21:56 7,552 --a--c--- C:\WINDOWS\system32\dllcache\sonypvu1.sys

        .
        (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
        .
        2008-05-31 15:04 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
        2008-05-28 21:42 --------- d-----w C:\Program Files\Samsung
        2008-05-28 21:39 --------- d-----w C:\Documents and Settings\Sven\Application Data\My Games
        2008-05-28 21:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
        2008-05-28 21:29 --------- d-----w C:\Program Files\Java
        2008-05-28 12:25 --------- d-----w C:\Program Files\Objective Tarot
        2008-05-28 12:24 --------- d-----w C:\Program Files\Nvu
        2008-05-28 12:24 --------- d-----w C:\Program Files\3DBELOTE
        2008-05-28 12:23 --------- d-----w C:\Program Files\Evrsoft First Page 2006
        2008-05-27 15:01 --------- d-----w C:\Documents and Settings\Sven\Application Data\AdobeUM
        2008-05-06 15:49 --------- d-----w C:\Program Files\Risk
        2008-04-06 12:17 --------- d-----w C:\Program Files\Skype
        2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
        2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
        2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
        2008-02-26 12:00 294,912 ----a-w C:\WINDOWS\system32\msctf.dll
        2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
        2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
        2008-02-16 09:32 670,208 ----a-w C:\WINDOWS\system32\wininet.dll
        2006-12-10 15:33 81,920 ----a-w C:\Documents and Settings\Sven\Application Data\ezpinst.exe
        2006-12-10 15:33 47,360 ----a-w C:\Documents and Settings\Sven\Application Data\pcouffin.sys
        2004-08-05 12:00 4,096 --sha-w C:\WINDOWS\system32\loadsftpf.dat
        .

        ((((((((((((((((((((((((((((( snapshot@2008-05-28_16.22.19.75 )))))))))))))))))))))))))))))))))))))))))
        .
        + 2007-06-26 14:46:09 851,968 ----a-w C:\WINDOWS\$hf_mig$\KB938127\SP2QFE\vgx.dll
        + 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spmsg.dll
        + 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB938127\spuninst.exe
        + 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\spcustom.dll
        + 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\update.exe
        + 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB938127\update\updspapi.dll
        + 2007-12-18 14:32:57 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\jscript.dll
        + 2007-12-18 14:32:57 417,792 ----a-w C:\WINDOWS\$hf_mig$\KB944338\SP2QFE\vbscript.dll
        + 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spmsg.dll
        + 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944338\spuninst.exe
        + 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\spcustom.dll
        + 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\update.exe
        + 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944338\update\updspapi.dll
        - 2008-05-28 14:13:31 2,048 --s-a-w C:\WINDOWS\bootstat.dat
        + 2008-05-30 18:20:03 2,048 --s-a-w C:\WINDOWS\bootstat.dat
        - 2006-10-23 15:34:35 1,022,976 ----a-w C:\WINDOWS\system32\browseui.dll
        + 2008-02-16 09:31:57 1,024,512 ----a-w C:\WINDOWS\system32\browseui.dll
        - 2006-10-23 15:34:35 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
        + 2008-02-16 09:31:57 152,064 ----a-w C:\WINDOWS\system32\cdfview.dll
        - 2006-10-23 15:34:36 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
        + 2008-02-16 09:31:58 1,056,768 ----a-w C:\WINDOWS\system32\danim.dll
        - 2006-10-23 15:34:35 1,022,976 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
        + 2008-02-16 09:31:57 1,024,512 -c--a-w C:\WINDOWS\system32\dllcache\browseui.dll
        - 2006-10-23 15:34:35 152,064 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
        + 2008-02-16 09:31:57 152,064 -c--a-w C:\WINDOWS\system32\dllcache\cdfview.dll
        - 2006-10-23 15:34:36 1,056,768 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
        + 2008-02-16 09:31:58 1,056,768 -c--a-w C:\WINDOWS\system32\dllcache\danim.dll
        - 2006-10-23 15:34:36 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
        + 2008-02-16 09:31:58 357,888 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
        - 2006-10-23 15:34:36 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
        + 2008-02-16 09:31:58 205,312 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
        - 2006-10-23 15:34:36 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
        + 2008-02-16 09:31:58 55,808 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
        - 2006-10-23 11:02:37 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
        + 2008-02-15 09:07:53 18,432 -c--a-w C:\WINDOWS\system32\dllcache\iedw.exe
        - 2006-10-23 15:34:36 251,904 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
        + 2008-02-16 09:31:58 251,904 -c--a-w C:\WINDOWS\system32\dllcache\iepeers.dll
        - 2006-10-23 15:34:36 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
        + 2008-02-16 09:31:58 96,768 -c--a-w C:\WINDOWS\system32\dllcache\inseng.dll
        - 2006-05-18 05:31:21 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
        + 2007-12-18 14:41:58 450,560 -c--a-w C:\WINDOWS\system32\dllcache\jscript.dll
        - 2006-10-23 15:34:36 15,872 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
        + 2008-02-16 09:31:58 16,384 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
        - 2006-10-23 15:34:38 3,082,240 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
        + 2008-02-16 09:31:59 3,087,872 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
        - 2006-10-23 15:34:37 448,512 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
        + 2008-02-16 09:31:59 449,024 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
        - 2006-10-23 15:34:37 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
        + 2008-02-16 09:31:59 146,432 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
        - 2006-10-23 15:34:37 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
        + 2008-02-16 09:31:59 532,480 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
        - 2006-10-23 15:34:37 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
        + 2008-02-16 09:31:59 39,424 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
        - 2006-10-23 15:34:38 1,497,600 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
        + 2008-02-16 09:32:00 1,499,648 -c--a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
        - 2006-10-23 15:34:38 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
        + 2008-02-16 09:32:00 474,624 -c--a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
        - 2006-10-23 15:34:38 617,984 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
        + 2008-02-16 09:32:00 620,544 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
        - 2004-08-05 12:00:00 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
        + 2007-12-18 14:41:59 417,792 -c--a-w C:\WINDOWS\system32\dllcache\vbscript.dll
        - 2006-09-18 14:15:51 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
        + 2007-06-26 13:56:54 851,968 -c--a-w C:\WINDOWS\system32\dllcache\vgx.dll
        - 2006-10-23 15:34:38 668,672 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
        + 2008-02-16 09:32:00 670,208 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
        - 2006-10-23 15:34:36 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
        + 2008-02-16 09:31:58 357,888 ----a-w C:\WINDOWS\system32\dxtmsft.dll
        - 2006-10-23 15:34:36 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
        + 2008-02-16 09:31:58 205,312 ----a-w C:\WINDOWS\system32\dxtrans.dll
        - 2006-10-23 15:34:36 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
        + 2008-02-16 09:31:58 55,808 ----a-w C:\WINDOWS\system32\extmgr.dll
        - 2006-10-23 15:34:36 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
        + 2008-02-16 09:31:58 251,904 ----a-w C:\WINDOWS\system32\iepeers.dll
        - 2006-10-23 15:34:36 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
        + 2008-02-16 09:31:58 96,768 ----a-w C:\WINDOWS\system32\inseng.dll
        - 2006-05-18 05:31:21 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
        + 2007-12-18 14:41:58 450,560 ----a-w C:\WINDOWS\system32\jscript.dll
        - 2006-10-23 15:34:36 15,872 ----a-w C:\WINDOWS\system32\jsproxy.dll
        + 2008-02-16 09:31:58 16,384 ----a-w C:\WINDOWS\system32\jsproxy.dll
        + 2008-03-25 03:21:18 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
        + 2008-03-25 03:21:20 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
        + 2008-05-28 20:54:13 70,264 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
        - 2006-10-23 15:34:38 3,082,240 ----a-w C:\WINDOWS\system32\mshtml.dll
        + 2008-02-16 09:31:59 3,087,872 ----a-w C:\WINDOWS\system32\mshtml.dll
        - 2006-10-23 15:34:37 448,512 ----a-w C:\WINDOWS\system32\mshtmled.dll
        + 2008-02-16 09:31:59 449,024 ----a-w C:\WINDOWS\system32\mshtmled.dll
        - 2006-10-23 15:34:37 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
        + 2008-02-16 09:31:59 146,432 ----a-w C:\WINDOWS\system32\msrating.dll
        - 2006-10-23 15:34:37 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
        + 2008-02-16 09:31:59 532,480 ----a-w C:\WINDOWS\system32\mstime.dll
        - 2006-10-23 15:34:37 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
        + 2008-02-16 09:31:59 39,424 ----a-w C:\WINDOWS\system32\pngfilt.dll
        - 2006-10-23 15:34:38 1,497,600 ----a-w C:\WINDOWS\system32\shdocvw.dll
        + 2008-02-16 09:32:00 1,499,648 ----a-w C:\WINDOWS\system32\shdocvw.dll
        - 2006-10-23 15:34:38 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
        + 2008-02-16 09:32:00 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
        - 2006-10-23 15:34:38 617,984 ----a-w C:\WINDOWS\system32\urlmon.dll
        + 2008-02-16 09:32:00 620,544 ----a-w C:\WINDOWS\system32\urlmon.dll
        - 2004-08-05 12:00:00 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
        + 2007-12-18 14:41:59 417,792 ----a-w C:\WINDOWS\system32\vbscript.dll
        - 2007-10-29 15:07:16 369,152 ----a-w C:\WINDOWS\system32\xpsp3res.dll
        + 2008-02-15 23:03:14 370,176 ----a-w C:\WINDOWS\system32\xpsp3res.dll
        .
        -- Snapshot reset to current date --
        .
        ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
        .
        .
        REGEDIT4
        *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

        [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
        "PowerBar"="" []
        "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-07 17:54 32768]
        "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
        "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
        "Starter"="C:\WINDOWS\System32\Starter.exe" [ ]
        "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-15 02:30 98304]
        "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-15 02:27 77824]
        "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-15 02:31 118784]
        "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
        "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 17:11 925696]
        "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 21:12 102492]
        "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 21:11 692316]
        "AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 23:50 88204 C:\WINDOWS\AGRSMMSG.exe]
        "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-12 13:39 58992]
        "farstone"="" []
        "RestoreIT!"="C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.exe" [2004-09-23 19:27 114688]
        "MagicKeyboard"="C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe" [2005-04-11 13:01 151552]
        "BatteryManager"="C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2006-04-25 14:05 2764800]
        "DisplayManager"="C:\Program Files\Samsung\DisplayManager\DMLoader.exe" [2005-11-16 11:13 356352]
        "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-10-01 11:12 100056]
        "Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2004-05-17 07:34 360448]
        "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-15 20:41 282624]
        "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-25 16:15 185896]
        "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [ ]
        "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
        "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
        "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
        "CanalPlayerHelper"="C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe" [ ]
        "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

        [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
        "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

        C:\Documents and Settings\Sven\Menu Démarrer\Programmes\Démarrage\
        palmOne Registration.lnk - C:\Program Files\palmOne\register.exe [2005-02-11 13:44:58 2301952]

        C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
        Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-05 11:58:42 113664]
        BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-09-19 16:02:54 581693]
        DataViz Inc Messenger.lnk - C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe [2006-10-18 08:00:13 28672]
        HotSync Manager.lnk - C:\Program Files\palmOne\Hotsync.exe [2004-06-09 14:16:08 471040]
        Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
        Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-07 17:54:54 450560]

        [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
        "vidc.mpng"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll
        "vidc.mjpg"= C:\Program Files\t@b\[u]0[/u].956\686\tabdec.dll
        "vidc.mvjp"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll
        "vidc.444p"= C:\Program Files\t@b\[u]0[/u].958\686\tabdec.dll

        [HKEY_LOCAL_MACHINE\software\microsoft\security center]
        "AntiVirusDisableNotify"=dword:00000001

        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
        "DisableMonitoring"=dword:00000001

        [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
        "DisableMonitoring"=dword:00000001

        [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
        "%windir%\\system32\\sessmgr.exe"=
        "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
        "C:\\Program Files\\palmOne\\Hotsync.exe"=
        "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
        "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
        "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
        "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
        "C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"=
        "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

        R0 RITCPT;RITCPT;C:\WINDOWS\system32\drivers\RITCPT.sys [2004-05-18 23:43]
        R0 VVBackd5;VVBackd5;C:\WINDOWS\system32\drivers\VVBackd5.sys [2005-08-08 01:09]
        R2 DOSMEMIO;MEMIO;C:\WINDOWS\system32\MEMIO.SYS [2000-08-23 18:19]
        R2 FBAPI;FBAPI;C:\WINDOWS\system32\drivers\FBAPI.sys [2004-05-18 23:43]
        R3 wowfilter;WOW XT Filter Driver;C:\WINDOWS\system32\drivers\wowfilter.sys [2005-11-28 12:06]
        S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 16:37]
        S3 SUEPD;SUE NDIS Protocol Driver;C:\WINDOWS\system32\DRIVERS\SUE_PD.sys [2005-05-24 15:26]
        S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
        S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]
        S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]
        S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]
        S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0eb1a002-4679-11dc-b74e-0016cef4a59f}]
        \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
        \Shell\Open(&0)\command - Recycled\ctfmon.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ab6d684-6a13-11dc-b77f-001302d435f6}]
        \Shell\AutoRun\command - cayfq2.cmd
        \Shell\explore\Command - cayfq2.cmd
        \Shell\open\Command - cayfq2.cmd

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de8676ea-8553-11dc-b795-001302d435f6}]
        \Shell\AutoRun\command - E:\LaunchU3.exe

        [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df119f4e-9ae3-11dc-b7a9-001302d435f6}]
        \Shell\AutoRun\command - E:\LaunchU3.exe -a

        .
        Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
        "2008-05-30 18:06:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - Sven.job"
        - C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
        .
        **************************************************************************

        catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
        Rootkit scan 2008-05-31 17:14:56
        Windows 5.1.2600 Service Pack 2 NTFS

        Balayage processus cachés ...

        Balayage caché autostart entries ...

        Balayage des fichiers cachés ...

        Scan terminé avec succès
        Les fichiers cachés: 0

        **************************************************************************
        .
        Temps d'accomplissement: 2008-05-31 17:23:19
        ComboFix-quarantined-files.txt 2008-05-31 15:22:40
        ComboFix2.txt 2008-05-29 21:24:24
        ComboFix3.txt 2008-05-28 18:45:59

        Pre-Run: 49,299,410,944 octets libres
        Post-Run: 49,281,765,376 octets libres

        343 --- E O F --- 2008-05-30 18:02:55
  8. boule
     
    And the HijackThis report:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:33:49, on 31/05/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
    C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
    C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe
    C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Samsung\DisplayManager\DisplayManager.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\WINDOWS\system32\igfxext.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
    C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    C:\Program Files\palmOne\Hotsync.exe
    C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
    C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.veosearch.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~2\VMNTOO~1.DLL
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Starter] C:\WINDOWS\System32\Starter.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAShCut.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.EXE" VBStart
    O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe
    O4 - HKLM\..\Run: [BatteryManager] C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe
    O4 - HKLM\..\Run: [DisplayManager] C:\Program Files\Samsung\DisplayManager\DMLoader.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [Samsung Common SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: palmOne Registration.lnk = C:\Program Files\palmOne\register.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: DataViz Inc Messenger.lnk = C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe
    O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\palmOne\Hotsync.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=https://www.orange.fr/portail
    O16 - DPF: {1DE9BB01-B121-401D-8877-BCD5ED5B7EE5} (Tpwin Control) - https://www.crezio.com/test/leeyunho/AlwaysOn/AlwaysOn.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: bw+0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {6F2C886C-E41A-40B3-AEE3-A7E25F75EC4A} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: SNM WLAN Service - Unknown owner - C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs, Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
    0
  9. jlpjlp Posts 52399 Status Security contributor 5 041
     
    do it again with this

    Close all your browsers (so copy or print the instructions first)

    Create a new text document: right-click on the desktop > New > Text Document, and copy the following lines into it:

    File::
    C:\WINDOWS\system32\blackster.scr
    C:\Documents and Settings\Sven\Application Data\AXPDefender
    C:\WINDOWS\system32\beep.sys k

    Save this file under the name CFscript

    Drag and drop this CFscript file onto the ComboFix.exe file

    Click on the CFScript file, keep the button held down and drag the mouse so that the CFScript icon covers the ComboFix icon. Release the mouse. ComboFix will start.

    A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.

    Wait while the scan runs. The desktop will disappear several times: this is normal!

    Do not touch anything until the scan has finished.

    Once the scan is complete, a report will be displayed: post its contents.

    and describe your current problems

    If the file does not open, it is located here > C:\ComboFix.txt
    0
    1. Boule
       
      Here is the ComboFix report.
      During and after the scan, the following messages appeared:
      - Unable to call the following registry value: 84b1450f165cc83a
      - Unable to call the following registry value: 4145771832e9a844
      After the scan, the desktop disappeared (the PC had to be restarted)

      ComboFix 08-05-27.4 - Sven 2008-06-01 11:23:49.6 - NTFSx86
      Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.523 [GMT 2:00]
      Endroit: C:\Documents and Settings\Sven\Bureau\ComboFix.exe
      Command switches used :: C:\Documents and Settings\Sven\Bureau\CFscript.txt
      * Création d'un nouveau point de restauration

      [color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]

      FILE ::
      C:\Documents and Settings\Sven\Application Data\AXPDefender
      C:\WINDOWS\system32\beep.sys k
      C:\WINDOWS\system32\blackster.scr
      .

      ((((((((((((((((((((((((((((( Fichiers créés 2008-05-01 to 2008-06-01 ))))))))))))))))))))))))))))))))))))
      .

      2008-05-31 18:18 . 2008-05-31 18:19 <REP> d-------- C:\1c21725317a365130bd78fc4a8
      2008-05-31 18:17 . 2008-05-31 18:17 <REP> d-------- C:\WINDOWS\LastGood
      2008-05-28 23:34 . 2008-05-28 23:34 <REP> d-------- C:\Documents and Settings\Sven\Application Data\MSNInstaller
      2008-05-28 22:40 . 2008-05-28 22:40 0 --a------ C:\WINDOWS\nsreg.dat
      2008-05-28 15:53 . 2008-05-28 15:53 5,512 --a------ C:\WINDOWS\system32\tmp.reg
      2008-05-28 15:44 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
      2008-05-28 15:44 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
      2008-05-28 15:44 . 2008-05-27 13:54 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
      2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
      2008-05-28 15:44 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\404Fix.exe
      2008-05-28 15:44 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
      2008-05-28 15:44 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
      2008-05-28 15:44 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
      2008-05-28 14:20 . 2008-05-31 18:22 889 --a------ C:\WINDOWS\system32\spupdsvc.inf
      2008-05-28 00:39 . 2008-05-28 00:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Malwarebytes
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
      2008-05-28 00:36 . 2005-11-08 07:09 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
      2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Mes documents
      2008-05-28 00:36 . 2005-11-08 08:03 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
      2008-05-28 00:36 . 2005-11-08 07:22 <REP> dr------- C:\Documents and Settings\Administrateur\Favoris
      2008-05-28 00:36 . 2006-08-25 16:03 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
      2008-05-28 00:36 . 2006-05-17 15:32 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Symantec
      2008-05-28 00:36 . 2008-05-28 00:36 <REP> d-------- C:\Documents and Settings\Administrateur
      2008-05-27 15:57 . 2008-05-27 16:07 <REP> d-------- C:\Program Files\RogueRemover FREE
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\Sven\Application Data\Malwarebytes
      2008-05-27 15:13 . 2008-05-27 15:13 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
      2008-05-27 13:55 . 2008-05-27 13:55 <REP> d-------- C:\Program Files\Trend Micro
      2008-05-27 11:33 . 2008-05-27 12:40 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
      2008-05-27 11:33 . 2008-05-27 12:58 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-05-27 10:12 . 2008-05-27 10:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
      2008-05-27 10:01 . 2008-05-27 12:56 <REP> d-------- C:\Program Files\a-squared Anti-Malware
      2008-05-27 01:36 . 2008-05-27 01:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-05-27 01:27 . 2008-05-27 01:27 <REP> d-------- C:\Program Files\Enigma Software Group
      2008-05-27 00:07 . 2008-05-27 00:07 <REP> d-------- C:\Documents and Settings\Sven\Application Data\AXPDefender
      2008-05-27 00:05 . 2004-08-05 14:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
      2008-05-26 23:59 . 2008-05-26 23:59 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-05-26 23:59 . 2008-05-26 23:59 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-05-26 10:09 . 2008-05-26 10:09 244 --ah----- C:\sqmnoopt03.sqm
      2008-05-26 10:09 . 2008-05-26 10:09 232 --ah----- C:\sqmdata03.sqm
      2008-05-20 12:43 . 2008-05-20 12:43 244 --ah----- C:\sqmnoopt02.sqm
      2008-05-20 12:43 . 2008-05-20 12:43 232 --ah----- C:\sqmdata02.sqm
      2008-05-10 15:43 . 2008-05-10 15:43 <REP> d-------- C:\Program Files\directx
      2008-05-10 15:42 . 2008-05-10 15:42 <REP> d-------- C:\Program Files\Rockstar Games
      2008-05-06 18:24 . 2008-05-27 13:00 <REP> d-------- C:\Program Files\FAR Colony

      .
      (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-05-31 15:04 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
      2008-05-28 21:42 --------- d-----w C:\Program Files\Samsung
      2008-05-28 21:39 --------- d-----w C:\Documents and Settings\Sven\Application Data\My Games
      2008-05-28 21:38 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2008-05-28 21:29 --------- d-----w C:\Program Files\Java
      2008-05-28 12:25 --------- d-----w C:\Program Files\Objective Tarot
      2008-05-28 12:24 --------- d-----w C:\Program Files\Nvu
      2008-05-28 12:24 --------- d-----w C:\Program Files\3DBELOTE
      2008-05-28 12:23 --------- d-----w C:\Program Files\Evrsoft First Page 2006
      2008-05-27 15:01 --------- d-----w C:\Documents and Settings\Sven\Application Data\AdobeUM
      2008-05-27 11:23 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
      2008-05-10 12:59 --------- d-----w C:\Documents and Settings\Sven\Application Data\Skype
      2008-05-10 12:33 --------- d-----w C:\Documents and Settings\Sven\Application Data\skypePM
      2008-05-06 15:49 --------- d-----w C:\Program Files\Risk
      2008-04-29 17:29 --------- d-----w C:\Program Files\Lecteur CANALPLAY
      2008-04-28 23:34 --------- d-----w C:\Program Files\e-anim
      2008-04-26 08:47 --------- d-----w C:\Program Files\MSXML 6.0
      2008-04-25 15:33 --------- d-----w C:\Program Files\Fichiers communs\Eltima Shared
      2008-04-25 15:33 --------- d-----w C:\Program Files\Eltima Software
      2008-04-25 15:33 --------- d-----w C:\Documents and Settings\Sven\Application Data\Eltima Software
      2008-04-25 10:48 --------- d-----w C:\Program Files\Magic Swf2Gif
      2008-04-25 10:25 --------- d-----w C:\Program Files\MSBuild
      2008-04-25 10:18 --------- d-----w C:\Program Files\Reference Assemblies
      2008-04-25 09:49 --------- d-----w C:\Program Files\Tukanas Files Converter
      2008-04-24 07:15 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
      2008-04-22 21:24 --------- d-----w C:\Program Files\Windows Live
      2008-04-22 21:23 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
      2008-04-22 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
      2008-04-06 12:21 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
      2008-04-06 12:17 --------- d-----w C:\Program Files\Skype
      2008-04-06 12:17 --------- d-----w C:\Program Files\Fichiers communs\Skype
      2008-04-06 12:17 --------- d-----w C:\Documents and Settings\All Users\Application Data\Skype
      2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
      2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
      2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
      2006-12-10 15:33 81,920 ----a-w C:\Documents and Settings\Sven\Application Data\ezpinst.exe
      2006-12-10 15:33 47,360 ----a-w C:\Documents and Settings\Sven\Application Data\pcouffin.sys
      2004-08-05 12:00 4,096 --sha-w C:\WINDOWS\system32\loadsftpf.dat
      .

      ((((((((((((((((((((((((((((( snapshot_2008-05-31_17.19.17,18 )))))))))))))))))))))))))))))))))))))))))
      .
      - 2008-05-30 18:20:03 2,048 --s-a-w C:\WINDOWS\bootstat.dat
      + 2008-05-31 16:01:48 2,048 --s-a-w C:\WINDOWS\bootstat.dat
      + 2004-08-05 12:00:00 61,440 -c----w C:\WINDOWS\ie7\admparse.dll
      + 2004-08-05 12:00:00 101,888 -c----w C:\WINDOWS\ie7\advpack.dll
      + 2004-08-05 12:00:00 35,328 -c----w C:\WINDOWS\ie7\corpol.dll
      + 2006-06-02 19:32:20 33,792 -c----w C:\WINDOWS\ie7\custsat.dll
      + 2008-02-16 09:31:58 357,888 -c----w C:\WINDOWS\ie7\dxtmsft.dll
      + 2008-02-16 09:31:58 205,312 -c----w C:\WINDOWS\ie7\dxtrans.dll
      + 2008-02-16 09:31:58 55,808 -c----w C:\WINDOWS\ie7\extmgr.dll
      + 2004-08-05 12:00:00 38,912 -c----w C:\WINDOWS\ie7\hmmapi.dll
      + 2004-08-05 12:00:00 34,304 -c----w C:\WINDOWS\ie7\ie4uinit.exe
      + 2004-08-05 12:00:00 139,264 -c----w C:\WINDOWS\ie7\ieakeng.dll
      + 2004-08-05 12:00:00 221,696 -c----w C:\WINDOWS\ie7\ieaksie.dll
      + 2004-08-05 12:00:00 245,760 -c----w C:\WINDOWS\ie7\ieakui.dll
      + 2004-08-05 12:00:00 323,584 -c----w C:\WINDOWS\ie7\iedkcs32.dll
      + 2008-02-15 09:07:53 18,432 -c----w C:\WINDOWS\ie7\iedw.exe
      + 2004-08-05 12:00:00 81,920 -c----w C:\WINDOWS\ie7\ieencode.dll
      + 2008-02-16 09:31:58 251,904 -c----w C:\WINDOWS\ie7\iepeers.dll
      + 2004-08-05 12:00:00 49,152 -c----w C:\WINDOWS\ie7\iernonce.dll
      + 2004-08-05 12:00:00 63,488 -c----w C:\WINDOWS\ie7\iesetup.dll
      + 2004-08-05 12:00:00 93,184 -c----w C:\WINDOWS\ie7\iexplore.exe
      + 2004-08-05 12:00:00 35,840 -c----w C:\WINDOWS\ie7\imgutil.dll
      + 2008-02-16 09:31:58 96,768 -c----w C:\WINDOWS\ie7\inseng.dll
      + 2007-12-18 14:41:58 450,560 -c----w C:\WINDOWS\ie7\jscript.dll
      + 2008-02-16 09:31:58 16,384 -c----w C:\WINDOWS\ie7\jsproxy.dll
      + 2004-08-05 12:00:00 22,528 -c----w C:\WINDOWS\ie7\licmgr10.dll
      + 2004-08-05 12:00:00 29,184 -c----w C:\WINDOWS\ie7\mshta.exe
      + 2008-02-16 09:31:59 3,087,872 -c----w C:\WINDOWS\ie7\mshtml.dll
      + 2008-02-16 09:31:59 449,024 -c----w C:\WINDOWS\ie7\mshtmled.dll
      + 2004-08-05 12:00:00 57,344 -c----w C:\WINDOWS\ie7\mshtmler.dll
      + 2004-08-05 12:00:00 146,432 -c----w C:\WINDOWS\ie7\msls31.dll
      + 2008-02-16 09:31:59 146,432 -c----w C:\WINDOWS\ie7\msrating.dll
      + 2008-02-16 09:31:59 532,480 -c----w C:\WINDOWS\ie7\mstime.dll
      + 2004-08-05 12:00:00 97,280 -c----w C:\WINDOWS\ie7\occache.dll
      + 2008-02-16 09:31:59 39,424 -c----w C:\WINDOWS\ie7\pngfilt.dll
      + 2007-09-26 16:34:42 33,472 -c----w C:\WINDOWS\ie7\spuninst\iecustom.dll
      + 2007-09-26 16:32:30 66,048 -c--a-w C:\WINDOWS\ie7\spuninst\ieResetIcons.exe
      + 2006-09-06 15:43:28 216,800 -c----w C:\WINDOWS\ie7\spuninst\spuninst.exe
      + 2006-09-06 15:43:30 394,976 -c----w C:\WINDOWS\ie7\spuninst\updspapi.dll
      + 2004-08-05 12:00:00 37,888 -c----w C:\WINDOWS\ie7\url.dll
      + 2008-02-16 09:32:00 620,544 -c----w C:\WINDOWS\ie7\urlmon.dll
      + 2007-12-18 14:41:59 417,792 -c----w C:\WINDOWS\ie7\vbscript.dll
      + 2007-06-26 13:56:54 851,968 -c----w C:\WINDOWS\ie7\vgx.dll
      + 2004-08-05 12:00:00 281,600 -c----w C:\WINDOWS\ie7\webcheck.dll
      + 2008-02-16 09:32:00 670,208 -c----w C:\WINDOWS\ie7\wininet.dll
      + 2007-08-13 16:36:26 61,952 ------w C:\WINDOWS\system32\icardie.dll
      + 2007-02-12 14:10:12 2,451,312 ------w C:\WINDOWS\system32\ieapfltr.dat
      + 2007-07-11 10:27:48 383,488 ------w C:\WINDOWS\system32\ieapfltr.dll
      + 2007-08-13 16:54:10 6,049,280 ------w C:\WINDOWS\system32\ieframe.dll
      + 2007-08-13 16:34:04 266,752 ------w C:\WINDOWS\system32\iertutil.dll
      - 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
      + 2007-08-13 16:39:10 13,312 ----a-w C:\WINDOWS\system32\ieudinit.exe
      + 2007-08-13 16:54:10 180,736 ------w C:\WINDOWS\system32\ieui.dll
      + 2007-08-13 16:54:10 458,752 ------w C:\WINDOWS\system32\msfeeds.dll
      + 2007-08-13 16:54:10 50,688 ------w C:\WINDOWS\system32\msfeedsbs.dll
      + 2007-08-13 16:36:40 12,288 ------w C:\WINDOWS\system32\msfeedssync.exe
      + 2007-08-13 16:45:16 206,336 ------w C:\WINDOWS\system32\WinFXDocObj.exe
      .
      -- Snapshot reset to current date --
      .
      ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00 15360]
      "PowerBar"="" []
      "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-07 17:54 32768]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
      "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-05 14:00 110592 C:\WINDOWS\system32\bthprops.cpl]
      "Starter"="C:\WINDOWS\System32\Starter.exe" [ ]
      "igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [2005-12-15 02:30 98304]
      "igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [2005-12-15 02:27 77824]
      "igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [2005-12-15 02:31 118784]
      "Raccourci vers la page des propriétés de High Definition Audio"="HDAShCut.exe" [2005-01-07 17:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
      "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 17:11 925696]
      "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 21:12 102492]
      "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 21:11 692316]
      "AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 23:50 88204 C:\WINDOWS\AGRSMMSG.exe]
      "ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2005-04-12 13:39 58992]
      "farstone"="" []
      "RestoreIT!"="C:\Program Files\Phoenix Technologies Ltd\RecoverPro_XP\VBPTASK.exe" [2004-09-23 19:27 114688]
      "MagicKeyboard"="C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe" [2005-04-11 13:01 151552]
      "BatteryManager"="C:\Program Files\Samsung\Samsung Battery Manager\BatteryManager.exe" [2006-04-25 14:05 2764800]
      "DisplayManager"="C:\Program Files\Samsung\DisplayManager\DMLoader.exe" [2005-11-16 11:13 356352]
      "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2006-10-01 11:12 100056]
      "Samsung Common SM"="C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" [2004-05-17 07:34 360448]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-15 20:41 282624]
      "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-01-25 16:15 185896]
      "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [ ]
      "Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 16:17 159744]
      "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 17:33 563984]
      "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 17:37 2178832]
      "CanalPlayerHelper"="C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe" [ ]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 14:00 15360]

      C:\Documents and Settings\Sven\Menu Démarrer\Programmes\Démarrage\
      palmOne Registration.lnk - C:\Program Files\palmOne\register.exe [2005-02-11 13:44:58 2301952]

      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
      Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-10-05 11:58:42 113664]
      BTTray.lnk - C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe [2005-09-19 16:02:54 581693]
      DataViz Inc Messenger.lnk - C:\Program Files\Fichiers communs\DataViz\DvzIncMsgr.exe [2006-10-18 08:00:13 28672]
      HotSync Manager.lnk - C:\Program Files\palmOne\Hotsync.exe [2004-06-09 14:16:08 471040]
      Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
      Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-03-07 17:54:54 450560]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
      "vidc.mpng"= C:\Program Files\t@b\0.958\686\tabdec.dll
      "vidc.mjpg"= C:\Program Files\t@b\0.956\686\tabdec.dll
      "vidc.mvjp"= C:\Program Files\t@b\0.958\686\tabdec.dll
      "vidc.444p"= C:\Program Files\t@b\0.958\686\tabdec.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusDisableNotify"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001

      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
      "C:\\Program Files\\palmOne\\Hotsync.exe"=
      "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword.exe"=
      "C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Beyond the Sword\\Civ4BeyondSword_PitBoss.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
      "C:\\Program Files\\Lecteur CANALPLAY\\CanalPlayer.exe"=
      "C:\\Program Files\\Skype\\Phone\\Skype.exe"=

      R0 RITCPT;RITCPT;C:\WINDOWS\system32\drivers\RITCPT.sys [2004-05-18 23:43]
      R0 VVBackd5;VVBackd5;C:\WINDOWS\system32\drivers\VVBackd5.sys [2005-08-08 01:09]
      R2 DOSMEMIO;MEMIO;C:\WINDOWS\system32\MEMIO.SYS [2000-08-23 18:19]
      R2 FBAPI;FBAPI;C:\WINDOWS\system32\drivers\FBAPI.sys [2004-05-18 23:43]
      R2 SNM WLAN Service;SNM WLAN Service;"C:\Program Files\samsung\Samsung Network Manager\SNMWLANService.exe" [2005-05-28 08:35]
      R2 SRS_PostInstaller;SRS PostInstaller Service;"C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe" [2005-11-28 12:06]
      R3 wowfilter;WOW XT Filter Driver;C:\WINDOWS\system32\drivers\wowfilter.sys [2005-11-28 12:06]
      S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 16:37]
      S3 Service CANALPLAY;Service CANALPLAY;"C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe" [2007-11-29 12:27]
      S3 SUEPD;SUE NDIS Protocol Driver;C:\WINDOWS\system32\DRIVERS\SUE_PD.sys [2005-05-24 15:26]
      S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 09:42]
      S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 09:42]
      S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 09:42]
      S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 09:42]
      S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 09:42]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0eb1a002-4679-11dc-b74e-0016cef4a59f}]
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
      \Shell\Open(&0)\command - Recycled\ctfmon.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6ab6d684-6a13-11dc-b77f-001302d435f6}]
      \Shell\AutoRun\command - cayfq2.cmd
      \Shell\explore\Command - cayfq2.cmd
      \Shell\open\Command - cayfq2.cmd

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de8676ea-8553-11dc-b795-001302d435f6}]
      \Shell\AutoRun\command - E:\LaunchU3.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{df119f4e-9ae3-11dc-b7a9-001302d435f6}]
      \Shell\AutoRun\command - E:\LaunchU3.exe -a

      .
      Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
      "2008-05-30 18:06:00 C:\WINDOWS\Tasks\Norton AntiVirus - Analyser mon ordinateur - Sven.job"
      - C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
      .
      **************************************************************************

      catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-06-01 11:28:20
      Windows 5.1.2600 Service Pack 2 NTFS

      Balayage processus cachés ...

      Balayage caché autostart entries ...

      Balayage des fichiers cachés ...

      Scan terminé avec succès
      Les fichiers cachés: 0

      **************************************************************************
      .
      Temps d'accomplissement: 2008-06-01 11:30:09
      ComboFix-quarantined-files.txt 2008-06-01 09:30:00
      ComboFix2.txt 2008-05-31 15:23:25
      ComboFix3.txt 2008-05-29 21:24:24
      ComboFix4.txt 2008-05-28 18:45:59

      Pre-Run: 49,118,175,232 octets libres
      Post-Run: 49,101,742,080 octets libres

      282 --- E O F --- 2008-05-31 16:22:49
      0
  10. jlpjlp Posts 52399 Status Security Contributor 5 041
     
    Download OTMoveIt
    http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop. Or from https://www.luanagames.com/index.fr.html
    Double-click OTMoveIt.exe to launch it.
    Copy the list in the quote below,
    and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

    Quote:

    C:\Documents and Settings\Sven\Application Data\AXPDefender

    Click MoveIt! to start the removal.
    The result will appear in the "Results" pane.
    Click Exit to close.
    Post the report located in C:\_OTMoveIt\MovedFiles.

    You may be asked to restart the PC to complete the removal. If so, accept with Yes.

    __________________

    Download ToolsCleaner to your desktop.
    --> http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
    # Click Recherche and let the scan run ...
    # Click Suppression to finish.
    # You can, if you wish, use the Options facultatives.
    # Click Quitter to get the report.
    # Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).

    PS: no need to send me the report if everything has been deleted ;-)

    ____________________

    Still having problems?
    0
    1. boule
       
      Sorry, I was away for a few days..
      Here is the ToolsCleaner report..
      I'm forwarding you the OTMoveIt report; I think ToolsCleaner removed everything..


      -->- Recherche:

      C:\Qoobox: trouvé !
      C:\_OtMoveIt: trouvé !
      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
      C:\Documents and Settings\Sven\Bureau\HijackThis.lnk: trouvé !
      C:\Documents and Settings\Sven\Bureau\OtMoveIt2.exe: trouvé !
      C:\Documents and Settings\Sven\Bureau\ComboFix.exe: trouvé !
      C:\Documents and Settings\Sven\Bureau\SmitFraudfix: trouvé !
      C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Mods\Star Wars\Assets\Art\Units\avenger: trouvé !
      C:\Program Files\Trend Micro\HijackThis: trouvé !
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

      ---------------------------------
      -->- Suppression:

      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
      C:\Documents and Settings\Sven\Bureau\HijackThis.lnk: supprimé !
      C:\Documents and Settings\Sven\Bureau\OtMoveIt2.exe: supprimé !
      C:\Documents and Settings\Sven\Bureau\ComboFix.exe: supprimé !
      C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
      C:\Qoobox: supprimé !
      C:\_OtMoveIt: supprimé !
      C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
      C:\Documents and Settings\Sven\Bureau\SmitFraudfix: supprimé !
      C:\Program Files\Firaxis Games\Sid Meier's Civilization 4\Mods\Star Wars\Assets\Art\Units\avenger: supprimé !
      C:\Program Files\Trend Micro\HijackThis: supprimé !
      0
      1. boule > boule
         
        And here is the OTMoveIt report

        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Packages moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\BrowserObjects moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuCurrentUser moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\StartMenuAllUsers moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM\RunOnce moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKLM moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU\RunOnce moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun\HKCU moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine\Autorun moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender\Quarantine moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender\AXPDefender moved successfully.
        C:\Documents and Settings\Sven\Application Data\AXPDefender moved successfully.

        OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06062008_143126
        0
  11. jlpjlp Posts 52399 Status Security Contributor 5 041
     
    Still having problems?
    0
    1. Boule
       
      It seems fine.. So if you confirm that it's fine on your side, we can leave it there..
      In any case, many thanks!!
      0
  12. jlpjlp Posts 52399 Status Security Contributor 5 041
     
    ok
    0