pages internet qui s' ouvrent toute seul !(RESOLU)
Dernière réponse : dans Sécurité
bonjour,
les pages internet s'ouvrent ttes seules voici le rapport hijackthis
pouvez vous me dire si j' ai un virus
Logfile of HijackThis v1.99.1
Scan saved at 13:52:19, on 24/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\WinZip\WZQKPICK.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\olivier\Bureau\scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
les pages internet s'ouvrent ttes seules voici le rapport hijackthis
pouvez vous me dire si j' ai un virus
Logfile of HijackThis v1.99.1
Scan saved at 13:52:19, on 24/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\WinZip\WZQKPICK.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\olivier\Bureau\scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Autres pages sur : pages internet ouvrent seul resolu
Lassé par la pub ? Créez un compte
Bonjour,
On commence par l'infection Egdaccess.
Les manipulations sont à faire sans interruption et dans l'ordre
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Enregistre cette page pour avoir accès à la procédure en mode sans échec :
- Fichier
- Enregistrer Sous...
- Nom du fichier : Procédure
- Type : Page Web, complète
- Pour l'emplacement, chosis ton Bureau
- Clique maintenant sur Enregistrer
Télécharge :
Brute Force Uninstaller (de Merjin).
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)
Navipromo.zip et décompresse-le sur ton bureau.
FAIS UN CLIQUE-DROIT ICI et choisis "Enregistrer la cible du lien sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde-le dans le dossier créé (C:\BFU).
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Note : Si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".
AIDE : Comment installer et utiliser BFU ?
Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attends que Complete script execution apparaisse pour cliquer sur OK.
Clique Exit pour fermer le programme BFU.
Redémarre normalement.
Poste les rapports :
- Hijackthis
- C:\egd.txt
- C:\Navipromo.txt
On commence par l'infection Egdaccess.
Les manipulations sont à faire sans interruption et dans l'ordre
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Enregistre cette page pour avoir accès à la procédure en mode sans échec :
- Fichier
- Enregistrer Sous...
- Nom du fichier : Procédure
- Type : Page Web, complète
- Pour l'emplacement, chosis ton Bureau
- Clique maintenant sur Enregistrer
Télécharge :
Brute Force Uninstaller (de Merjin).
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)
Navipromo.zip et décompresse-le sur ton bureau.
FAIS UN CLIQUE-DROIT ICI et choisis "Enregistrer la cible du lien sous..." afin de télécharger EGDACCESS.bfu (de Metallica). Sauvegarde-le dans le dossier créé (C:\BFU).
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Note : Si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers".
AIDE : Comment installer et utiliser BFU ?
Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attends que Complete script execution apparaisse pour cliquer sur OK.
Clique Exit pour fermer le programme BFU.
Redémarre normalement.
Poste les rapports :
- Hijackthis
- C:\egd.txt
- C:\Navipromo.txt
voici le resultat egd
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ACTIVBOARD"="c:\\apps\\ABoard\\ABoard.exe"
"DXM6Patch_981116"="C:\\WINDOWS\\p_981116.exe /Q:A"
"VCSPlayer"="\"C:\\Program Files\\Virtual CD v4 SDK\\system\\vcsplay.exe\""
"CleanEasyImg"="c:\\apps\\easydvd\\cleanall.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Omnipage"="C:\\Program Files\\ScanSoft\\OmniPageSE\\opware32.exe"
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"msnappau"="\"C:\\Program Files\\MSN Apps\\Updater\\01.02.3000.1001\\fr\\msnappau.exe\""
"MessengerPlus3"="\"C:\\Program Files\\Messenger Plus! 3\\MsgPlus.exe\""
"ATIPTA"="C:\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"
"IntelliType"="\"C:\\Program Files\\Microsoft Hardware\\Keyboard\\type32.exe\""
"POINTER"="point32.exe"
"TRIXX"="\"C:\\Program Files\\TRIXX\\TRIXX.exe\" -s"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb11.exe"
"HPHUPD06"="C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Abouthtmtransbarb"="C:\\Documents and Settings\\All Users\\Application Data\\LongAudioAboutHtm\\nurb poll.exe"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
celui navipromo
Rapport Navipromo.bat 0.71 effectué le 24/12/2006 à 16:11:21,06
L'opération se déroule en mode sans échec sous le compte olivier
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
nayvugbc.exe
nayvugbc_navps.dat
nayvugbc.dat
nayvugbc.dat
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 24/12/2006 à 16:12:37,18
L'opération se déroule en mode sans échec sous le compte olivier
** Recherche...
1/ nayvugbc trouvé, recherche de nayvugbc*
C:\WINDOWS\system32\nayvugbc.dat
C:\WINDOWS\system32\nayvugbc.exe
C:\WINDOWS\system32\nayvugbc_nav.dat
C:\WINDOWS\system32\nayvugbc_navps.dat
C:\WINDOWS\prefetch\NAYVUGBC.EXE-2A9466CC.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
nayvugbc REG_SZ c:\windows\system32\nayvugbc.exe nayvugbc
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de nayvugbc* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\nayvugbc* déplacé avec succès !
C:\WINDOWS\prefetch\nayvugbc* déplacé avec succès
------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\nayvugbc.dat
C:\Navipromo\Backups\nayvugbc.exe
C:\Navipromo\Backups\NAYVUGBC.EXE-2A9466CC.pf
C:\Navipromo\Backups\nayvugbc_nav.dat
C:\Navipromo\Backups\nayvugbc_navps.dat
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ACTIVBOARD"="c:\\apps\\ABoard\\ABoard.exe"
"DXM6Patch_981116"="C:\\WINDOWS\\p_981116.exe /Q:A"
"VCSPlayer"="\"C:\\Program Files\\Virtual CD v4 SDK\\system\\vcsplay.exe\""
"CleanEasyImg"="c:\\apps\\easydvd\\cleanall.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Omnipage"="C:\\Program Files\\ScanSoft\\OmniPageSE\\opware32.exe"
"NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"msnappau"="\"C:\\Program Files\\MSN Apps\\Updater\\01.02.3000.1001\\fr\\msnappau.exe\""
"MessengerPlus3"="\"C:\\Program Files\\Messenger Plus! 3\\MsgPlus.exe\""
"ATIPTA"="C:\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime"
"IntelliType"="\"C:\\Program Files\\Microsoft Hardware\\Keyboard\\type32.exe\""
"POINTER"="point32.exe"
"TRIXX"="\"C:\\Program Files\\TRIXX\\TRIXX.exe\" -s"
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb11.exe"
"HPHUPD06"="C:\\Program Files\\HP\\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\\hphupd06.exe"
"HP Component Manager"="\"C:\\Program Files\\HP\\hpcoretech\\hpcmpmgr.exe\""
"HPHmon06"="C:\\WINDOWS\\system32\\hphmon06.exe"
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Abouthtmtransbarb"="C:\\Documents and Settings\\All Users\\Application Data\\LongAudioAboutHtm\\nurb poll.exe"
"ccApp"="\"C:\\Program Files\\Fichiers communs\\Symantec Shared\\ccApp.exe\""
"Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
celui navipromo
Rapport Navipromo.bat 0.71 effectué le 24/12/2006 à 16:11:21,06
L'opération se déroule en mode sans échec sous le compte olivier
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
nayvugbc.exe
nayvugbc_navps.dat
nayvugbc.dat
nayvugbc.dat
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 24/12/2006 à 16:12:37,18
L'opération se déroule en mode sans échec sous le compte olivier
** Recherche...
1/ nayvugbc trouvé, recherche de nayvugbc*
C:\WINDOWS\system32\nayvugbc.dat
C:\WINDOWS\system32\nayvugbc.exe
C:\WINDOWS\system32\nayvugbc_nav.dat
C:\WINDOWS\system32\nayvugbc_navps.dat
C:\WINDOWS\prefetch\NAYVUGBC.EXE-2A9466CC.pf
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
nayvugbc REG_SZ c:\windows\system32\nayvugbc.exe nayvugbc
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de nayvugbc* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\nayvugbc* déplacé avec succès !
C:\WINDOWS\prefetch\nayvugbc* déplacé avec succès
------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\nayvugbc.dat
C:\Navipromo\Backups\nayvugbc.exe
C:\Navipromo\Backups\NAYVUGBC.EXE-2A9466CC.pf
C:\Navipromo\Backups\nayvugbc_nav.dat
C:\Navipromo\Backups\nayvugbc_navps.dat
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
Re,
Supprime ce dossier :
C:\Navipromo\Backups\
-- Fais un scan en ligne Kaspersky :
- Scan le Poste de travail
- Sauvegarde puis colle le rapport en fin d'analyse
AIDE : Démonstration en images..
Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Va dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.
Supprime ce dossier :
C:\Navipromo\Backups\
-- Fais un scan en ligne Kaspersky :
- Scan le Poste de travail
- Sauvegarde puis colle le rapport en fin d'analyse
AIDE : Démonstration en images..
Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Va dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.
voici le rapport
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 24/12/2006
Enregistrements dans la base antivirus Kaspersky : 239781
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Dossiers
C:\Documents and Settings\olivier\Mes documents\
Statistiques de l'analyse
Total d'objets analysés 5859
Nombre de virus trouvés 1
Nombre d'objets infectés 1 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:50:01
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\olivier\Mes documents\Ma musique\divers\Incoming\GTR FIA GT Racing(for PC) Crack and Serial.exe Infecté : Trojan-Downloader.Win32.Agent.aii ignoré
Analyse terminée.
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 24/12/2006
Enregistrements dans la base antivirus Kaspersky : 239781
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Dossiers
C:\Documents and Settings\olivier\Mes documents\
Statistiques de l'analyse
Total d'objets analysés 5859
Nombre de virus trouvés 1
Nombre d'objets infectés 1 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:50:01
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\olivier\Mes documents\Ma musique\divers\Incoming\GTR FIA GT Racing(for PC) Crack and Serial.exe Infecté : Trojan-Downloader.Win32.Agent.aii ignoré
Analyse terminée.
fichier supprimé mais le prbleme persiste
voici le nouveau rapport.
Logfile of HijackThis v1.99.1
Scan saved at 10:28:58, on 25/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\TRIXX\TRIXX.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\olivier\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
voici le nouveau rapport.
Logfile of HijackThis v1.99.1
Scan saved at 10:28:58, on 25/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\TRIXX\TRIXX.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\olivier\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Re,
Télécharge Lopxp.zip
Dézippe le sur le Bureau
Lance le fichier lopxp.bat
Un rapport sera généré, poste son contenu ici.
Télécharge Lopxp.zip
Dézippe le sur le Bureau
Lance le fichier lopxp.bat
Un rapport sera généré, poste son contenu ici.
Rapport fait à 21:51:56,28 le 25/12/2006
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Administrateur\Application Data
15/10/2005 18:10 62 desktop.ini
15/10/2005 18:10 <REP> Adobe
15/10/2005 18:10 <REP> Identities
15/10/2005 18:10 <REP> InterTrust
15/10/2005 18:10 <REP> Microsoft
15/10/2005 18:10 <REP> ..
15/10/2005 18:10 <REP> Real
15/10/2005 18:10 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 15182626816 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\All Users\Application Data
03/11/2006 13:55 <REP> LongAudioAboutHtm
31/10/2006 14:19 <REP> Google
01/06/2006 11:46 <REP> Hewlett-Packard
01/06/2006 11:38 1188 hpzinstall.log
31/05/2006 06:40 <REP> Windows Genuine Advantage
20/02/2006 08:51 <REP> NFS Underground
31/12/2005 21:41 <REP> DVD Shrink
28/08/2005 19:45 <REP> Messenger Plus!
16/07/2005 07:41 <REP> BVRP Software
17/02/2005 21:16 <REP> ScanSoft
16/02/2005 19:52 <REP> SSScanWizard
16/02/2005 19:52 <REP> SSScanAppDataDir
07/01/2005 21:44 <REP> Ulead Systems
10/12/2004 22:37 <REP> Adobe
10/11/2004 19:36 <REP> OLYMPUS
06/11/2004 18:22 <REP> SBSI
06/11/2004 18:22 <REP> QuickTime
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> CyberLink
06/11/2004 18:22 <REP> .
06/11/2004 18:22 <REP> ..
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
30/09/2002 11:55 62 desktop.ini
2 fichier(s) 1250 octets
22 R‚p(s) 15182622720 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Call of Duty extension
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Default User\Application Data
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> ..
06/11/2004 18:22 <REP> .
06/11/2004 09:44 <REP> Identities
06/11/2004 09:44 <REP> InterTrust
06/11/2004 09:44 <REP> Adobe
06/11/2004 09:44 <REP> Real
30/09/2002 11:55 62 desktop.ini
1 fichier(s) 62 octets
7 R‚p(s) 15182622720 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\olivier\Application Data
07/12/2006 12:48 <REP> DriveCleaner 2006 Free
05/12/2006 11:28 <REP> MessengerSkinner
03/11/2006 13:55 <REP> list soap roam
25/07/2006 11:29 <REP> STOIK
20/07/2006 11:45 <REP> FotoWire
21/03/2006 23:59 <REP> vlc
20/03/2006 20:32 <REP> Sun
22/02/2006 20:47 4194441 sdi.db
08/02/2006 07:41 <REP> ATI
01/01/2006 00:51 <REP> Google
25/07/2005 21:42 <REP> WholeSecurity
16/02/2005 20:07 <REP> Canon
16/02/2005 20:05 <REP> ArcSoft
16/02/2005 19:52 <REP> ScanSoft
15/02/2005 12:40 <REP> Microsoft Web Folders
11/02/2005 17:21 <REP> CyberLink
01/01/2005 17:14 <REP> NeroVision
19/11/2004 12:40 <REP> Ahead
18/11/2004 18:44 19304 GDIPFONTCACHEV1.DAT
17/11/2004 12:58 <REP> Help
13/11/2004 22:13 <REP> AdobeUM
10/11/2004 22:57 <REP> ubi.com
09/11/2004 18:55 <REP> VERITAS
07/11/2004 21:15 <REP> Macromedia
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
06/11/2004 09:45 62 desktop.ini
06/11/2004 09:45 <REP> Adobe
06/11/2004 09:45 <REP> Identities
06/11/2004 09:45 <REP> InterTrust
06/11/2004 09:45 <REP> Microsoft
06/11/2004 09:45 <REP> ..
06/11/2004 09:45 <REP> .
06/11/2004 09:45 <REP> Real
3 fichier(s) 4213807 octets
31 R‚p(s) 15182618624 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Propri‚taire
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\WINDOWS\Tasks
12/11/2006 00:09 570 Norton AntiVirus - Analyser mon ordinateur - olivier.job
03/11/2006 13:55 274 AC34EDDE916B64E6.job
01/06/2006 11:49 458 WebReg 20060601124927.job
01/06/2006 11:48 320 HP Usg Daily FY04.job
06/11/2004 18:28 <REP> ..
06/11/2004 18:28 <REP> .
30/09/2002 12:04 6 SA.DAT
30/09/2002 11:49 65 desktop.ini
6 fichier(s) 1ÿ693 octets
2 R‚p(s) 15ÿ182ÿ618ÿ624 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Administrateur\Application Data
15/10/2005 18:10 62 desktop.ini
15/10/2005 18:10 <REP> Adobe
15/10/2005 18:10 <REP> Identities
15/10/2005 18:10 <REP> InterTrust
15/10/2005 18:10 <REP> Microsoft
15/10/2005 18:10 <REP> ..
15/10/2005 18:10 <REP> Real
15/10/2005 18:10 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 15182626816 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\All Users\Application Data
03/11/2006 13:55 <REP> LongAudioAboutHtm
31/10/2006 14:19 <REP> Google
01/06/2006 11:46 <REP> Hewlett-Packard
01/06/2006 11:38 1188 hpzinstall.log
31/05/2006 06:40 <REP> Windows Genuine Advantage
20/02/2006 08:51 <REP> NFS Underground
31/12/2005 21:41 <REP> DVD Shrink
28/08/2005 19:45 <REP> Messenger Plus!
16/07/2005 07:41 <REP> BVRP Software
17/02/2005 21:16 <REP> ScanSoft
16/02/2005 19:52 <REP> SSScanWizard
16/02/2005 19:52 <REP> SSScanAppDataDir
07/01/2005 21:44 <REP> Ulead Systems
10/12/2004 22:37 <REP> Adobe
10/11/2004 19:36 <REP> OLYMPUS
06/11/2004 18:22 <REP> SBSI
06/11/2004 18:22 <REP> QuickTime
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> CyberLink
06/11/2004 18:22 <REP> .
06/11/2004 18:22 <REP> ..
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
30/09/2002 11:55 62 desktop.ini
2 fichier(s) 1250 octets
22 R‚p(s) 15182622720 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Call of Duty extension
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Default User\Application Data
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> ..
06/11/2004 18:22 <REP> .
06/11/2004 09:44 <REP> Identities
06/11/2004 09:44 <REP> InterTrust
06/11/2004 09:44 <REP> Adobe
06/11/2004 09:44 <REP> Real
30/09/2002 11:55 62 desktop.ini
1 fichier(s) 62 octets
7 R‚p(s) 15182622720 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\olivier\Application Data
07/12/2006 12:48 <REP> DriveCleaner 2006 Free
05/12/2006 11:28 <REP> MessengerSkinner
03/11/2006 13:55 <REP> list soap roam
25/07/2006 11:29 <REP> STOIK
20/07/2006 11:45 <REP> FotoWire
21/03/2006 23:59 <REP> vlc
20/03/2006 20:32 <REP> Sun
22/02/2006 20:47 4194441 sdi.db
08/02/2006 07:41 <REP> ATI
01/01/2006 00:51 <REP> Google
25/07/2005 21:42 <REP> WholeSecurity
16/02/2005 20:07 <REP> Canon
16/02/2005 20:05 <REP> ArcSoft
16/02/2005 19:52 <REP> ScanSoft
15/02/2005 12:40 <REP> Microsoft Web Folders
11/02/2005 17:21 <REP> CyberLink
01/01/2005 17:14 <REP> NeroVision
19/11/2004 12:40 <REP> Ahead
18/11/2004 18:44 19304 GDIPFONTCACHEV1.DAT
17/11/2004 12:58 <REP> Help
13/11/2004 22:13 <REP> AdobeUM
10/11/2004 22:57 <REP> ubi.com
09/11/2004 18:55 <REP> VERITAS
07/11/2004 21:15 <REP> Macromedia
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
06/11/2004 09:45 62 desktop.ini
06/11/2004 09:45 <REP> Adobe
06/11/2004 09:45 <REP> Identities
06/11/2004 09:45 <REP> InterTrust
06/11/2004 09:45 <REP> Microsoft
06/11/2004 09:45 <REP> ..
06/11/2004 09:45 <REP> .
06/11/2004 09:45 <REP> Real
3 fichier(s) 4213807 octets
31 R‚p(s) 15182618624 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Propri‚taire
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\WINDOWS\Tasks
12/11/2006 00:09 570 Norton AntiVirus - Analyser mon ordinateur - olivier.job
03/11/2006 13:55 274 AC34EDDE916B64E6.job
01/06/2006 11:49 458 WebReg 20060601124927.job
01/06/2006 11:48 320 HP Usg Daily FY04.job
06/11/2004 18:28 <REP> ..
06/11/2004 18:28 <REP> .
30/09/2002 12:04 6 SA.DAT
30/09/2002 11:49 65 desktop.ini
6 fichier(s) 1ÿ693 octets
2 R‚p(s) 15ÿ182ÿ618ÿ624 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Re,
Redémarre en mode sans échec
- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
- Suppime ces fichiers et/ou dossiers s'ils existent encore :
C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\<- le dossier
C:\Documents and Settings\olivier\Application Data\DriveCleaner 2006 Free\<- le dossier
C:\Documents and Settings\olivier\Application Data\MessengerSkinner\<- le dossier
C:\Documents and Settings\olivier\Application Data\list soap roam \<- le dossier
C:\WINDOWS\Tasks\AC34EDDE916B64E6.job
Redémarre en mode sans échec
- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
- Suppime ces fichiers et/ou dossiers s'ils existent encore :
C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\<- le dossier
C:\Documents and Settings\olivier\Application Data\DriveCleaner 2006 Free\<- le dossier
C:\Documents and Settings\olivier\Application Data\MessengerSkinner\<- le dossier
C:\Documents and Settings\olivier\Application Data\list soap roam \<- le dossier
C:\WINDOWS\Tasks\AC34EDDE916B64E6.job
nouveaau scan :
Logfile of HijackThis v1.99.1
Scan saved at 22:46:08, on 25/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\olivier\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Logfile of HijackThis v1.99.1
Scan saved at 22:46:08, on 25/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\olivier\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
voici le rapport loxp
Rapport fait à 11:22:55,98 le 26/12/2006
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Administrateur\Application Data
15/10/2005 18:10 62 desktop.ini
15/10/2005 18:10 <REP> Adobe
15/10/2005 18:10 <REP> Identities
15/10/2005 18:10 <REP> InterTrust
15/10/2005 18:10 <REP> Microsoft
15/10/2005 18:10 <REP> ..
15/10/2005 18:10 <REP> Real
15/10/2005 18:10 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 16237174784 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\All Users\Application Data
31/10/2006 14:19 <REP> Google
01/06/2006 11:46 <REP> Hewlett-Packard
01/06/2006 11:38 1188 hpzinstall.log
31/05/2006 06:40 <REP> Windows Genuine Advantage
20/02/2006 08:51 <REP> NFS Underground
31/12/2005 21:41 <REP> DVD Shrink
28/08/2005 19:45 <REP> Messenger Plus!
16/07/2005 07:41 <REP> BVRP Software
17/02/2005 21:16 <REP> ScanSoft
16/02/2005 19:52 <REP> SSScanWizard
16/02/2005 19:52 <REP> SSScanAppDataDir
07/01/2005 21:44 <REP> Ulead Systems
10/12/2004 22:37 <REP> Adobe
10/11/2004 19:36 <REP> OLYMPUS
06/11/2004 18:22 <REP> SBSI
06/11/2004 18:22 <REP> QuickTime
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> CyberLink
06/11/2004 18:22 <REP> .
06/11/2004 18:22 <REP> ..
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
30/09/2002 11:55 62 desktop.ini
2 fichier(s) 1250 octets
21 R‚p(s) 16237170688 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Call of Duty extension
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Default User\Application Data
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> ..
06/11/2004 18:22 <REP> .
06/11/2004 09:44 <REP> Identities
06/11/2004 09:44 <REP> InterTrust
06/11/2004 09:44 <REP> Adobe
06/11/2004 09:44 <REP> Real
30/09/2002 11:55 62 desktop.ini
1 fichier(s) 62 octets
7 R‚p(s) 16237170688 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\olivier\Application Data
26/12/2006 11:13 <REP> list soap roam
25/07/2006 11:29 <REP> STOIK
20/07/2006 11:45 <REP> FotoWire
21/03/2006 23:59 <REP> vlc
20/03/2006 20:32 <REP> Sun
22/02/2006 20:47 4194441 sdi.db
08/02/2006 07:41 <REP> ATI
01/01/2006 00:51 <REP> Google
25/07/2005 21:42 <REP> WholeSecurity
16/02/2005 20:07 <REP> Canon
16/02/2005 20:05 <REP> ArcSoft
16/02/2005 19:52 <REP> ScanSoft
15/02/2005 12:40 <REP> Microsoft Web Folders
11/02/2005 17:21 <REP> CyberLink
01/01/2005 17:14 <REP> NeroVision
19/11/2004 12:40 <REP> Ahead
18/11/2004 18:44 19304 GDIPFONTCACHEV1.DAT
17/11/2004 12:58 <REP> Help
13/11/2004 22:13 <REP> AdobeUM
10/11/2004 22:57 <REP> ubi.com
09/11/2004 18:55 <REP> VERITAS
07/11/2004 21:15 <REP> Macromedia
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
06/11/2004 09:45 62 desktop.ini
06/11/2004 09:45 <REP> Adobe
06/11/2004 09:45 <REP> Identities
06/11/2004 09:45 <REP> InterTrust
06/11/2004 09:45 <REP> Microsoft
06/11/2004 09:45 <REP> ..
06/11/2004 09:45 <REP> .
06/11/2004 09:45 <REP> Real
3 fichier(s) 4213807 octets
29 R‚p(s) 16237166592 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Propri‚taire
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\WINDOWS\Tasks
12/11/2006 00:09 570 Norton AntiVirus - Analyser mon ordinateur - olivier.job
03/11/2006 13:55 274 AC34EDDE916B64E6.job
01/06/2006 11:49 458 WebReg 20060601124927.job
01/06/2006 11:48 320 HP Usg Daily FY04.job
06/11/2004 18:28 <REP> ..
06/11/2004 18:28 <REP> .
30/09/2002 12:04 6 SA.DAT
30/09/2002 11:49 65 desktop.ini
6 fichier(s) 1ÿ693 octets
2 R‚p(s) 16ÿ237ÿ166ÿ592 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Rapport fait à 11:22:55,98 le 26/12/2006
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Administrateur\Application Data
15/10/2005 18:10 62 desktop.ini
15/10/2005 18:10 <REP> Adobe
15/10/2005 18:10 <REP> Identities
15/10/2005 18:10 <REP> InterTrust
15/10/2005 18:10 <REP> Microsoft
15/10/2005 18:10 <REP> ..
15/10/2005 18:10 <REP> Real
15/10/2005 18:10 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 16237174784 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\All Users\Application Data
31/10/2006 14:19 <REP> Google
01/06/2006 11:46 <REP> Hewlett-Packard
01/06/2006 11:38 1188 hpzinstall.log
31/05/2006 06:40 <REP> Windows Genuine Advantage
20/02/2006 08:51 <REP> NFS Underground
31/12/2005 21:41 <REP> DVD Shrink
28/08/2005 19:45 <REP> Messenger Plus!
16/07/2005 07:41 <REP> BVRP Software
17/02/2005 21:16 <REP> ScanSoft
16/02/2005 19:52 <REP> SSScanWizard
16/02/2005 19:52 <REP> SSScanAppDataDir
07/01/2005 21:44 <REP> Ulead Systems
10/12/2004 22:37 <REP> Adobe
10/11/2004 19:36 <REP> OLYMPUS
06/11/2004 18:22 <REP> SBSI
06/11/2004 18:22 <REP> QuickTime
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> CyberLink
06/11/2004 18:22 <REP> .
06/11/2004 18:22 <REP> ..
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
30/09/2002 11:55 62 desktop.ini
2 fichier(s) 1250 octets
21 R‚p(s) 16237170688 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Call of Duty extension
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Default User\Application Data
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> ..
06/11/2004 18:22 <REP> .
06/11/2004 09:44 <REP> Identities
06/11/2004 09:44 <REP> InterTrust
06/11/2004 09:44 <REP> Adobe
06/11/2004 09:44 <REP> Real
30/09/2002 11:55 62 desktop.ini
1 fichier(s) 62 octets
7 R‚p(s) 16237170688 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\olivier\Application Data
26/12/2006 11:13 <REP> list soap roam
25/07/2006 11:29 <REP> STOIK
20/07/2006 11:45 <REP> FotoWire
21/03/2006 23:59 <REP> vlc
20/03/2006 20:32 <REP> Sun
22/02/2006 20:47 4194441 sdi.db
08/02/2006 07:41 <REP> ATI
01/01/2006 00:51 <REP> Google
25/07/2005 21:42 <REP> WholeSecurity
16/02/2005 20:07 <REP> Canon
16/02/2005 20:05 <REP> ArcSoft
16/02/2005 19:52 <REP> ScanSoft
15/02/2005 12:40 <REP> Microsoft Web Folders
11/02/2005 17:21 <REP> CyberLink
01/01/2005 17:14 <REP> NeroVision
19/11/2004 12:40 <REP> Ahead
18/11/2004 18:44 19304 GDIPFONTCACHEV1.DAT
17/11/2004 12:58 <REP> Help
13/11/2004 22:13 <REP> AdobeUM
10/11/2004 22:57 <REP> ubi.com
09/11/2004 18:55 <REP> VERITAS
07/11/2004 21:15 <REP> Macromedia
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
06/11/2004 09:45 62 desktop.ini
06/11/2004 09:45 <REP> Adobe
06/11/2004 09:45 <REP> Identities
06/11/2004 09:45 <REP> InterTrust
06/11/2004 09:45 <REP> Microsoft
06/11/2004 09:45 <REP> ..
06/11/2004 09:45 <REP> .
06/11/2004 09:45 <REP> Real
3 fichier(s) 4213807 octets
29 R‚p(s) 16237166592 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Propri‚taire
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\WINDOWS\Tasks
12/11/2006 00:09 570 Norton AntiVirus - Analyser mon ordinateur - olivier.job
03/11/2006 13:55 274 AC34EDDE916B64E6.job
01/06/2006 11:49 458 WebReg 20060601124927.job
01/06/2006 11:48 320 HP Usg Daily FY04.job
06/11/2004 18:28 <REP> ..
06/11/2004 18:28 <REP> .
30/09/2002 12:04 6 SA.DAT
30/09/2002 11:49 65 desktop.ini
6 fichier(s) 1ÿ693 octets
2 R‚p(s) 16ÿ237ÿ166ÿ592 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Rapport fait à 13:34:59,31 le 26/12/2006
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Administrateur\Application Data
15/10/2005 18:10 62 desktop.ini
15/10/2005 18:10 <REP> Adobe
15/10/2005 18:10 <REP> Identities
15/10/2005 18:10 <REP> InterTrust
15/10/2005 18:10 <REP> Microsoft
15/10/2005 18:10 <REP> ..
15/10/2005 18:10 <REP> Real
15/10/2005 18:10 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 15128047616 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\All Users\Application Data
31/10/2006 14:19 <REP> Google
01/06/2006 11:46 <REP> Hewlett-Packard
01/06/2006 11:38 1188 hpzinstall.log
31/05/2006 06:40 <REP> Windows Genuine Advantage
20/02/2006 08:51 <REP> NFS Underground
31/12/2005 21:41 <REP> DVD Shrink
28/08/2005 19:45 <REP> Messenger Plus!
16/07/2005 07:41 <REP> BVRP Software
17/02/2005 21:16 <REP> ScanSoft
16/02/2005 19:52 <REP> SSScanWizard
16/02/2005 19:52 <REP> SSScanAppDataDir
07/01/2005 21:44 <REP> Ulead Systems
10/12/2004 22:37 <REP> Adobe
10/11/2004 19:36 <REP> OLYMPUS
06/11/2004 18:22 <REP> SBSI
06/11/2004 18:22 <REP> QuickTime
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> CyberLink
06/11/2004 18:22 <REP> .
06/11/2004 18:22 <REP> ..
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
30/09/2002 11:55 62 desktop.ini
2 fichier(s) 1250 octets
21 R‚p(s) 15128043520 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Call of Duty extension
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Default User\Application Data
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> ..
06/11/2004 18:22 <REP> .
06/11/2004 09:44 <REP> Identities
06/11/2004 09:44 <REP> InterTrust
06/11/2004 09:44 <REP> Adobe
06/11/2004 09:44 <REP> Real
30/09/2002 11:55 62 desktop.ini
1 fichier(s) 62 octets
7 R‚p(s) 15128043520 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\olivier\Application Data
25/07/2006 11:29 <REP> STOIK
20/07/2006 11:45 <REP> FotoWire
21/03/2006 23:59 <REP> vlc
20/03/2006 20:32 <REP> Sun
22/02/2006 20:47 4194441 sdi.db
08/02/2006 07:41 <REP> ATI
01/01/2006 00:51 <REP> Google
25/07/2005 21:42 <REP> WholeSecurity
16/02/2005 20:07 <REP> Canon
16/02/2005 20:05 <REP> ArcSoft
16/02/2005 19:52 <REP> ScanSoft
15/02/2005 12:40 <REP> Microsoft Web Folders
11/02/2005 17:21 <REP> CyberLink
01/01/2005 17:14 <REP> NeroVision
19/11/2004 12:40 <REP> Ahead
18/11/2004 18:44 19304 GDIPFONTCACHEV1.DAT
17/11/2004 12:58 <REP> Help
13/11/2004 22:13 <REP> AdobeUM
10/11/2004 22:57 <REP> ubi.com
09/11/2004 18:55 <REP> VERITAS
07/11/2004 21:15 <REP> Macromedia
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
06/11/2004 09:45 62 desktop.ini
06/11/2004 09:45 <REP> Adobe
06/11/2004 09:45 <REP> Identities
06/11/2004 09:45 <REP> InterTrust
06/11/2004 09:45 <REP> Microsoft
06/11/2004 09:45 <REP> ..
06/11/2004 09:45 <REP> .
06/11/2004 09:45 <REP> Real
3 fichier(s) 4213807 octets
28 R‚p(s) 15128039424 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Propri‚taire
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\WINDOWS\Tasks
12/11/2006 00:09 570 Norton AntiVirus - Analyser mon ordinateur - olivier.job
03/11/2006 13:55 274 AC34EDDE916B64E6.job
01/06/2006 11:49 458 WebReg 20060601124927.job
01/06/2006 11:48 320 HP Usg Daily FY04.job
06/11/2004 18:28 <REP> ..
06/11/2004 18:28 <REP> .
30/09/2002 12:04 6 SA.DAT
30/09/2002 11:49 65 desktop.ini
6 fichier(s) 1ÿ693 octets
2 R‚p(s) 15ÿ128ÿ039ÿ424 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Administrateur\Application Data
15/10/2005 18:10 62 desktop.ini
15/10/2005 18:10 <REP> Adobe
15/10/2005 18:10 <REP> Identities
15/10/2005 18:10 <REP> InterTrust
15/10/2005 18:10 <REP> Microsoft
15/10/2005 18:10 <REP> ..
15/10/2005 18:10 <REP> Real
15/10/2005 18:10 <REP> .
1 fichier(s) 62 octets
7 R‚p(s) 15128047616 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\All Users\Application Data
31/10/2006 14:19 <REP> Google
01/06/2006 11:46 <REP> Hewlett-Packard
01/06/2006 11:38 1188 hpzinstall.log
31/05/2006 06:40 <REP> Windows Genuine Advantage
20/02/2006 08:51 <REP> NFS Underground
31/12/2005 21:41 <REP> DVD Shrink
28/08/2005 19:45 <REP> Messenger Plus!
16/07/2005 07:41 <REP> BVRP Software
17/02/2005 21:16 <REP> ScanSoft
16/02/2005 19:52 <REP> SSScanWizard
16/02/2005 19:52 <REP> SSScanAppDataDir
07/01/2005 21:44 <REP> Ulead Systems
10/12/2004 22:37 <REP> Adobe
10/11/2004 19:36 <REP> OLYMPUS
06/11/2004 18:22 <REP> SBSI
06/11/2004 18:22 <REP> QuickTime
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> CyberLink
06/11/2004 18:22 <REP> .
06/11/2004 18:22 <REP> ..
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
30/09/2002 11:55 62 desktop.ini
2 fichier(s) 1250 octets
21 R‚p(s) 15128043520 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Call of Duty extension
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Default User\Application Data
06/11/2004 18:22 <REP> Microsoft
06/11/2004 18:22 <REP> ..
06/11/2004 18:22 <REP> .
06/11/2004 09:44 <REP> Identities
06/11/2004 09:44 <REP> InterTrust
06/11/2004 09:44 <REP> Adobe
06/11/2004 09:44 <REP> Real
30/09/2002 11:55 62 desktop.ini
1 fichier(s) 62 octets
7 R‚p(s) 15128043520 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\olivier\Application Data
25/07/2006 11:29 <REP> STOIK
20/07/2006 11:45 <REP> FotoWire
21/03/2006 23:59 <REP> vlc
20/03/2006 20:32 <REP> Sun
22/02/2006 20:47 4194441 sdi.db
08/02/2006 07:41 <REP> ATI
01/01/2006 00:51 <REP> Google
25/07/2005 21:42 <REP> WholeSecurity
16/02/2005 20:07 <REP> Canon
16/02/2005 20:05 <REP> ArcSoft
16/02/2005 19:52 <REP> ScanSoft
15/02/2005 12:40 <REP> Microsoft Web Folders
11/02/2005 17:21 <REP> CyberLink
01/01/2005 17:14 <REP> NeroVision
19/11/2004 12:40 <REP> Ahead
18/11/2004 18:44 19304 GDIPFONTCACHEV1.DAT
17/11/2004 12:58 <REP> Help
13/11/2004 22:13 <REP> AdobeUM
10/11/2004 22:57 <REP> ubi.com
09/11/2004 18:55 <REP> VERITAS
07/11/2004 21:15 <REP> Macromedia
06/11/2004 11:25 <REP> MSN6
06/11/2004 09:49 <REP> Symantec
06/11/2004 09:45 62 desktop.ini
06/11/2004 09:45 <REP> Adobe
06/11/2004 09:45 <REP> Identities
06/11/2004 09:45 <REP> InterTrust
06/11/2004 09:45 <REP> Microsoft
06/11/2004 09:45 <REP> ..
06/11/2004 09:45 <REP> .
06/11/2004 09:45 <REP> Real
3 fichier(s) 4213807 octets
28 R‚p(s) 15128039424 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\Documents and Settings\Propri‚taire
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est B8E7-B492
R‚pertoire de C:\WINDOWS\Tasks
12/11/2006 00:09 570 Norton AntiVirus - Analyser mon ordinateur - olivier.job
03/11/2006 13:55 274 AC34EDDE916B64E6.job
01/06/2006 11:49 458 WebReg 20060601124927.job
01/06/2006 11:48 320 HP Usg Daily FY04.job
06/11/2004 18:28 <REP> ..
06/11/2004 18:28 <REP> .
30/09/2002 12:04 6 SA.DAT
30/09/2002 11:49 65 desktop.ini
6 fichier(s) 1ÿ693 octets
2 R‚p(s) 15ÿ128ÿ039ÿ424 octets libres
******************************************
Recherche dans Program files
Le dossier C:\Program Files\C2Media n'existe pas
*************** Fin du rapport ****************
Logfile of HijackThis v1.99.1
Scan saved at 13:56:06, on 26/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\TRIXX\TRIXX.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\olivier\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Scan saved at 13:56:06, on 26/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Microsoft Hardware\Keyboard\type32.exe
C:\Program Files\Microsoft Hardware\Mouse\point32.exe
C:\Program Files\TRIXX\TRIXX.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\hphmon06.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\olivier\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jeux.fr/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = NetLibre - L'esprit libre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\fr\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\fr\msnappau.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [TRIXX] "C:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe
O4 - HKLM\..\Run: [HPHUPD06] C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Barre d'état système d'ATI CATALYST.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\digital imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\digital imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} (SponsorAdulto Class) - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.c...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.edipole.fr/kits/WebInstall.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {8731163E-77B9-4F91-9122-F112521C28AF} (MMSPlayerX Class) - http://mmt.bouyguestelecom.fr/mmawap/jsp/composer/playe...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.ca...
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) - http://www.sponsoradulto.com/cab/fr/SysWebTelecomInt.ca...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by22fd.bay22.hotmail.msn.com/activex/HMAtchmt.oc...
O17 - HKLM\System\CCS\Services\Tcpip\..\{4B77C3C7-CF06-4CF9-920F-63160058EEC2}: NameServer = 192.168.1.1,192.168.1.3
O17 - HKLM\System\CCS\Services\Tcpip\..\{808C05A8-0FEA-4D8D-AAD4-09BF28D71B49}: NameServer = 192.168.1.1,192.168.1.2
O18 - Protocol: bw+0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {D35C584D-8AF9-40FD-B68C-2853C2966CC9} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
Re,
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
Clique sur Fix checked (en bas à gauche)
-- Fais un scan en ligne Kaspersky :
- Scan le Poste de travail
- Sauvegarde puis colle le rapport en fin d'analyse
AIDE : Démonstration en images..
Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Va dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
O2 - BHO: SponsorAdulto Class - {511F9316-771B-4953-A268-1C36DA667FE9} - C:\WINDOWS\Downloaded Program Files\sponsoradulto.dll (file missing)
O4 - HKLM\..\Run: [Abouthtmtransbarb] C:\Documents and Settings\All Users\Application Data\LongAudioAboutHtm\nurb poll.exe
O4 - HKCU\..\Run: [Link noun] C:\DOCUME~1\olivier\APPLIC~1\LISTSO~1\open thunk.exe
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
Clique sur Fix checked (en bas à gauche)
-- Fais un scan en ligne Kaspersky :
- Scan le Poste de travail
- Sauvegarde puis colle le rapport en fin d'analyse
AIDE : Démonstration en images..
Si ce message apparaît :
"La licence de Kaspersky On-line Scanner est périmée"
Va dans Ajout/Suppression de programmes pour désinstaller l'Online Scanner
Retente ensuite le scan.
aie
voici le scan
Tuesday, December 26, 2006 6:12:55 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 26/12/2006
Enregistrements dans la base antivirus Kaspersky : 240101
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
Statistiques de l'analyse
Total d'objets analysés 128054
Nombre de virus trouvés 3
Nombre d'objets infectés 8 / 0
Nombre d'objets suspects 0
Durée de l'analyse 03:40:34
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-12-26_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Boîte d'envoi.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 22:03:09 +0100]/tools.exe Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Boîte d'envoi.dbx Mail MS Outlook 5: infecté - 1 ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 21:29:42 +0100]/tools.exe Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 21:36:44 +0100]/UNNAMED/tools.exe Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 21:36:44 +0100]/UNNAMED Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infecté - 3 ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\Perflib_Perfdata_3c4.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\Perflib_Perfdata_ee4.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\Perflib_Perfdata_f90.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\~DFBB4.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2006-12-26.11-25-31.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDALRT.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDCON.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDDBG.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDFW.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDIDS.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDSYS.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SPPolicy.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SPStart.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SPStop.log L'objet est verrouillé ignoré
C:\Program Files\HP\hpcoretech\hpcmerr.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\L0000001.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\storydb.idx L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\AVApp.log L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\AVError.log L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\AVVirus.log L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\Quarantine\42DF2C43.DLL Infecté : Trojan-Downloader.Win32.Small.abe ignoré
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP810\change.log L'objet est verrouillé ignoré
C:\WINDOWS\$_hpcst$.hpc L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\dtscsi.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd2765.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\vaxscsi.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
F:\jeux\GTA San Andreas\o-sanocd.exe Infecté : Trojan-Dropper.Win32.Delf.ae ignoré
F:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
F:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP810\change.log L'objet est verrouillé ignoré
Analyse terminée.
voici le scan
Tuesday, December 26, 2006 6:12:55 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 26/12/2006
Enregistrements dans la base antivirus Kaspersky : 240101
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
Statistiques de l'analyse
Total d'objets analysés 128054
Nombre de virus trouvés 3
Nombre d'objets infectés 8 / 0
Nombre d'objets suspects 0
Durée de l'analyse 03:40:34
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate\2006-12-26_Log.ALUSchedulerSvc.LiveUpdate L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Fichiers Internet temporaires\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\ApplicationHistory\hpqgalry.exe.cf8dd223.ini.inuse L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Boîte d'envoi.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 22:03:09 +0100]/tools.exe Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Boîte d'envoi.dbx Mail MS Outlook 5: infecté - 1 ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 21:29:42 +0100]/tools.exe Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 21:36:44 +0100]/UNNAMED/tools.exe Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx/[From "olivier" ][Date Sun, 7 Nov 2004 21:36:44 +0100]/UNNAMED Infecté : not-virus:BadJoke.Win32.Farce.b ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Identities\{F9097B72-395C-4E07-A518-31AE2BD2E4DD}\Microsoft\Outlook Express\Éléments supprimés.dbx Mail MS Outlook 5: infecté - 3 ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\Perflib_Perfdata_3c4.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\Perflib_Perfdata_ee4.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\Perflib_Perfdata_f90.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temp\~DFBB4.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\olivier\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\logs\starwind.2006-12-26.11-25-31.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcrst.dll L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDALRT.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDCON.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDDBG.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDFW.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDIDS.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SNDSYS.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SPPolicy.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SPStart.log L'objet est verrouillé ignoré
C:\Program Files\Fichiers communs\Symantec Shared\SPStop.log L'objet est verrouillé ignoré
C:\Program Files\HP\hpcoretech\hpcmerr.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\L0000001.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\olivier\Data\storydb.idx L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\AVApp.log L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\AVError.log L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\AVVirus.log L'objet est verrouillé ignoré
C:\Program Files\Norton AntiVirus\Quarantine\42DF2C43.DLL Infecté : Trojan-Downloader.Win32.Small.abe ignoré
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP810\change.log L'objet est verrouillé ignoré
C:\WINDOWS\$_hpcst$.hpc L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\dtscsi.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd2765.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\vaxscsi.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
F:\jeux\GTA San Andreas\o-sanocd.exe Infecté : Trojan-Dropper.Win32.Delf.ae ignoré
F:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
F:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP810\change.log L'objet est verrouillé ignoré
Analyse terminée.
Re,
Edite ton premier message avec![]()
puis ajoute (Résolu) au titre.
Dénonce ton infection (EGDACCESS) pour faire condamner les auteurs, ça serait sympa.
Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être le plus nombreux possibles, alors rends compte de ton infection.
AIDE : Comment rapporter son infection sur Malware-Complaints ?
Consulte cette page pour éviter que ces problèmes ne réapparaissent.
Edite ton premier message avec
puis ajoute (Résolu) au titre.Dénonce ton infection (EGDACCESS) pour faire condamner les auteurs, ça serait sympa.
Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être le plus nombreux possibles, alors rends compte de ton infection.
AIDE : Comment rapporter son infection sur Malware-Complaints ?
Consulte cette page pour éviter que ces problèmes ne réapparaissent.
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumOuvrir plusieurs pages internet avec seul lien
- ForumPages internet qui s'ouvrent toute seul
- ForumFenetre internet s' ouvrent sans arret.
- articlesPages internets pub s'ouvrent toutes seul.
- downloadPages internet s ouvrent toutes seules
- ForumDes pages internet s ouvrent toutes seules
- ForumPages internet qui s ouvrent toutes seules
- ForumPages internet s'ouvre toute seule
- ForumPages internet s'ouvrent toute seules
- articlesPages internet s'ouvrent toute seule
- Voir plus
