probleme de fenetre intempestive + mon ordi s'eteint tout seul
Dernière réponse : dans Sécurité
j'ai un probleme avec mon ordi y chaque fois que je vait sur le net j'ai tjs des fenetre qui s'affiche pour me dire que mon ordi est infecter ou des fois c des pub de site porno qui s'affiche donc sa m'fou grave la rage et j'ai essayer de me debrouiller un peu tout seul mais hijackthis j'ai po trop piger et smitfraudfix ne fait rien ni meme ad-aware et c cleaner.
donc merci de bien vouloir m'aider
a bientot gennaro
donc merci de bien vouloir m'aider
a bientot gennaro
Autres pages sur : probleme fenetre intempestive ordi eteint seul
Lassé par la pub ? Créez un compte
Salut,
Télécharge la dernière version d'HijackThis.
Déconnecte-toi d'Internet, dézippe-le et installe-le sur ton Bureau.
Ouvre-le et clique sur "Do a system scan and save a logfile". A la fin du scan, le bloc-notes va s'ouvrir, affichant le rapport ...
Copie/colle l'intégralité de ce rapport et poste-le ici.
Télécharge la dernière version d'HijackThis.
Déconnecte-toi d'Internet, dézippe-le et installe-le sur ton Bureau.
Ouvre-le et clique sur "Do a system scan and save a logfile". A la fin du scan, le bloc-notes va s'ouvrir, affichant le rapport ...
Copie/colle l'intégralité de ce rapport et poste-le ici.
Logfile of HijackThis v1.99.1
Scan saved at 02:26:52, on 25.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Scan saved at 02:26:52, on 25.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
Télécharge Blacklight (de F-Secure).
Clique sur "I accept" au bas de la page. Sauvegarde le sur ton Bureau.
Double-clique sur blbeta.exe et accepte la licence.
Clique "Scan" puis "Next".
Tu verras une liste de fichiers détectés apparaître ainsi qu'un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Copie/colle le contenu de ce rapport dans ta prochaine réponse.
Attention : Ne pas choisir l'option "Rename" tout de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe ...
Attention : Ne pas choisir l'option "Rename" tout de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe ...
voici mon rapport avec blacklight
02/25/07 12:59:33 [Info]: BlackLight Engine 1.0.55 initialized
02/25/07 12:59:33 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/25/07 12:59:33 [Note]: 7019 4
02/25/07 12:59:33 [Note]: 7005 0
02/25/07 12:59:41 [Note]: 7006 0
02/25/07 12:59:41 [Note]: 7011 2028
02/25/07 12:59:42 [Note]: 7026 0
02/25/07 12:59:42 [Note]: 7026 0
02/25/07 12:59:42 [Note]: 7024 3
02/25/07 12:59:42 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/25/07 12:59:50 [Note]: FSRAW library version 1.7.1021
02/25/07 13:04:54 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/25/07 13:04:54 [Note]: 10002 1
02/25/07 13:04:54 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/25/07 13:04:54 [Note]: 10002 1
02/25/07 13:04:54 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/25/07 13:04:54 [Note]: 10002 1
02/25/07 13:04:54 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/25/07 13:04:54 [Note]: 10002 1
merci pour ton aide precieuse que doit-je faire maintenant ???
02/25/07 12:59:33 [Info]: BlackLight Engine 1.0.55 initialized
02/25/07 12:59:33 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/25/07 12:59:33 [Note]: 7019 4
02/25/07 12:59:33 [Note]: 7005 0
02/25/07 12:59:41 [Note]: 7006 0
02/25/07 12:59:41 [Note]: 7011 2028
02/25/07 12:59:42 [Note]: 7026 0
02/25/07 12:59:42 [Note]: 7026 0
02/25/07 12:59:42 [Note]: 7024 3
02/25/07 12:59:42 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/25/07 12:59:50 [Note]: FSRAW library version 1.7.1021
02/25/07 13:04:54 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/25/07 13:04:54 [Note]: 10002 1
02/25/07 13:04:54 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/25/07 13:04:54 [Note]: 10002 1
02/25/07 13:04:54 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/25/07 13:04:54 [Note]: 10002 1
02/25/07 13:04:54 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/25/07 13:04:54 [Note]: 10002 1
merci pour ton aide precieuse que doit-je faire maintenant ???
Avertissement : Tu n’auras pas accès à Internet pendant une partie de la procédure. Enregistre cette page pour pouvoir la consulter hors-connexion : Fichier > Enregistrer sous ...
Dans "Type", choisis "Page Web, complète" et donne-lui un nom.
Télécharge Navipromo.zip et décompresse-le sur ton bureau.
Télécharge Brute Force Uninstaller (de Merijn).
Créé un nouveau dossier directement sur C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU).
Fais un clic-droit ICI et choisis "Enregistrer la cible sous ..." afin de télécharger EGDACCESS.bfu (de Metallica).
Sauvegarde-le dans le dossier créé (C:\BFU).
Note : si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type" affiche "Tous les fichiers".
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
Redémarre ton ordinateur.
Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "[Entrée]".
Choisis ton compte.
Une autre manière en images.
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
Clique sur le petit dossier jaune, à droite de la boîte "Scriptline to execute", et double-clique sur EGDACCESS.bfu.
Dans la boîte "Scriptline to execute", tu devrais maintenant voir C:\BFU\EGDACCESS.bfu ...
Clique sur "Execute" et laisse-le faire son travail.
Attends que "Complete script execution" apparaîsse et clique sur "OK".
Clique sur "Exit" pour fermer le programme BFU.
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Redémarre ton ordinateur en mode normal (pas en mode sans échec) et poste les 2 rapports egd.txt et navipromo.txt, un nouveau rapport Blacklight et un nouveau rapport HijackThis.
Dans "Type", choisis "Page Web, complète" et donne-lui un nom.
Télécharge Navipromo.zip et décompresse-le sur ton bureau.
Télécharge Brute Force Uninstaller (de Merijn).
Note : si tu utlises Internet Explorer, lors de la sauvegarde, assure-toi que le champs "Type" affiche "Tous les fichiers".
Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Redémarre ton ordinateur en mode normal (pas en mode sans échec) et poste les 2 rapports egd.txt et navipromo.txt, un nouveau rapport Blacklight et un nouveau rapport HijackThis.
rapport egd.txt
BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 22:56:22, on 25.02.2007
Option Delete files to Recycle Bin: Yes
Failed: RegDelValue HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices|MC (key not found)
Failed: RegDelValue HKCU\software\microsoft\windows\currentversion\wintrust\trust providers\software publishing\trust database\0|ELECTRONIC GROUP (key not found)
Failed: DllUnregister C:\WINDOWS\system32\MSWBM32.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found)
Failed: FolderDelete C:\Program Files\dialpass (folder not found)
Failed: FolderDelete C:\Program Files\eghtmldialer (folder not found)
Failed: FolderDelete C:\Program Files\egroup (folder not found)
Failed: FolderDelete C:\Program Files\Instant Access (folder not found)
Failed: FolderDelete C:\Program Files\MailSkinner (folder not found)
Failed: FolderDelete C:\Program Files\InternetGameBox (folder not found)
Failed: FolderDelete C:\Program Files\GoRecord2 (folder not found)
Failed: FolderDelete C:\Program Files\GoAstro (folder not found)
Failed: FolderDelete C:\Program Files\SudoPlanet (folder not found)
Failed: FolderDelete C:\Program Files\WebMediaPlayer (folder not found)
Failed: FolderDelete C:\Program Files\MessengerSkinner (folder not found)
Failed: DllUnregister C:\WINDOWS\mslagent\2_mslagent.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\navmpc\2_navmpc.dll|1 (file not found)
Failed: FolderDelete C:\WINDOWS\mslagent (folder not found)
Failed: FolderDelete C:\WINDOWS\navmpc (folder not found)
Failed: FolderDelete C:\WINDOWS\msskinner (folder not found)
Failed: FolderDelete C:\WINDOWS\wintrim (folder not found)
Failed: FolderDelete C:\WINDOWS\wincomp (folder not found)
Failed: FolderDelete C:\WINDOWS\winmgts (folder not found)
Failed: FolderDelete C:\WINDOWS\simcss (folder not found)
Failed: FolderDelete C:\WINDOWS\mc (folder not found)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFD05E.tmp (operation failed)
Failed: FolderCreate C:\WINDOWS\system32\bfubackups (folder already exists)
Script completed.
rapport navipromo.txt
Rapport Navipromo.bat 0.71 effectué le 25.02.2007 à 22:51:24.93
L'opération se déroule en mode sans échec sous le compte Propri‚taire
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
dgvyxtbqwp.exe
dgvyxtbqwp.exe
nscowzjblk.exe
rlxohwbv.exe
sxchmyvbnk.exe
ydrgxbopmf.exe
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 25.02.2007 à 22:51:54.51
L'opération se déroule en mode sans échec sous le compte Propri‚taire
** Recherche...
Fin du rapport de recherche
Adware Navipromo non trouvé avec cette méthode
rapport blacklight
02/25/07 23:04:46 [Info]: BlackLight Engine 1.0.55 initialized
02/25/07 23:04:46 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/25/07 23:04:46 [Note]: 7019 4
02/25/07 23:04:46 [Note]: 7005 0
02/25/07 23:04:49 [Note]: 7006 0
02/25/07 23:04:49 [Note]: 7011 160
02/25/07 23:04:50 [Note]: 7026 0
02/25/07 23:04:50 [Note]: 7026 0
02/25/07 23:04:50 [Note]: 7024 3
02/25/07 23:04:50 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/25/07 23:04:56 [Note]: FSRAW library version 1.7.1021
02/25/07 23:08:46 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/25/07 23:08:46 [Note]: 10002 1
02/25/07 23:08:46 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/25/07 23:08:46 [Note]: 10002 1
02/25/07 23:08:46 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/25/07 23:08:46 [Note]: 10002 1
02/25/07 23:08:47 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/25/07 23:08:47 [Note]: 10002 1
02/25/07 23:13:23 [Note]: 7007 0
rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 23:14:37, on 25.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
merci pour l'aide
BFU v1.00.9
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 22:56:22, on 25.02.2007
Option Delete files to Recycle Bin: Yes
Failed: RegDelValue HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices|MC (key not found)
Failed: RegDelValue HKCU\software\microsoft\windows\currentversion\wintrust\trust providers\software publishing\trust database\0|ELECTRONIC GROUP (key not found)
Failed: DllUnregister C:\WINDOWS\system32\MSWBM32.DLL|1 (file not found)
Failed: DllUnregister C:\Program Files\MailSkinner\OESkinner.dll|1 (file not found)
Failed: FolderDelete C:\Program Files\dialpass (folder not found)
Failed: FolderDelete C:\Program Files\eghtmldialer (folder not found)
Failed: FolderDelete C:\Program Files\egroup (folder not found)
Failed: FolderDelete C:\Program Files\Instant Access (folder not found)
Failed: FolderDelete C:\Program Files\MailSkinner (folder not found)
Failed: FolderDelete C:\Program Files\InternetGameBox (folder not found)
Failed: FolderDelete C:\Program Files\GoRecord2 (folder not found)
Failed: FolderDelete C:\Program Files\GoAstro (folder not found)
Failed: FolderDelete C:\Program Files\SudoPlanet (folder not found)
Failed: FolderDelete C:\Program Files\WebMediaPlayer (folder not found)
Failed: FolderDelete C:\Program Files\MessengerSkinner (folder not found)
Failed: DllUnregister C:\WINDOWS\mslagent\2_mslagent.dll|1 (file not found)
Failed: DllUnregister C:\WINDOWS\navmpc\2_navmpc.dll|1 (file not found)
Failed: FolderDelete C:\WINDOWS\mslagent (folder not found)
Failed: FolderDelete C:\WINDOWS\navmpc (folder not found)
Failed: FolderDelete C:\WINDOWS\msskinner (folder not found)
Failed: FolderDelete C:\WINDOWS\wintrim (folder not found)
Failed: FolderDelete C:\WINDOWS\wincomp (folder not found)
Failed: FolderDelete C:\WINDOWS\winmgts (folder not found)
Failed: FolderDelete C:\WINDOWS\simcss (folder not found)
Failed: FolderDelete C:\WINDOWS\mc (folder not found)
Failed: FileDelete C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\~DFD05E.tmp (operation failed)
Failed: FolderCreate C:\WINDOWS\system32\bfubackups (folder already exists)
Script completed.
rapport navipromo.txt
Rapport Navipromo.bat 0.71 effectué le 25.02.2007 à 22:51:24.93
L'opération se déroule en mode sans échec sous le compte Propri‚taire
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
dgvyxtbqwp.exe
dgvyxtbqwp.exe
nscowzjblk.exe
rlxohwbv.exe
sxchmyvbnk.exe
ydrgxbopmf.exe
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 25.02.2007 à 22:51:54.51
L'opération se déroule en mode sans échec sous le compte Propri‚taire
** Recherche...
Fin du rapport de recherche
Adware Navipromo non trouvé avec cette méthode
rapport blacklight
02/25/07 23:04:46 [Info]: BlackLight Engine 1.0.55 initialized
02/25/07 23:04:46 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/25/07 23:04:46 [Note]: 7019 4
02/25/07 23:04:46 [Note]: 7005 0
02/25/07 23:04:49 [Note]: 7006 0
02/25/07 23:04:49 [Note]: 7011 160
02/25/07 23:04:50 [Note]: 7026 0
02/25/07 23:04:50 [Note]: 7026 0
02/25/07 23:04:50 [Note]: 7024 3
02/25/07 23:04:50 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/25/07 23:04:56 [Note]: FSRAW library version 1.7.1021
02/25/07 23:08:46 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/25/07 23:08:46 [Note]: 10002 1
02/25/07 23:08:46 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/25/07 23:08:46 [Note]: 10002 1
02/25/07 23:08:46 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/25/07 23:08:46 [Note]: 10002 1
02/25/07 23:08:47 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/25/07 23:08:47 [Note]: 10002 1
02/25/07 23:13:23 [Note]: 7007 0
rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 23:14:37, on 25.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
merci pour l'aide
Télécharge Brute Force Uninstaller (de Merijn).
Créé un nouveau dossier directement sur C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU).
Ouvre le bloc-notes (Demarrer > Tous les programmes > accessoires > bloc-notes).
Copie ceci (en gras) dans le bloc-notes :
RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sxchmyvbnk
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|sxchmyvbnk
RegDelValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run|sxchmyvbnk
FileDelete %SYSDIR%\sxchmyvbnk_navps.dat
FileDelete %SYSDIR%\sxchmyvbnk_nav.dat
FileDelete %SYSDIR%\sxchmyvbnk.dat
FileDelete %SYSDIR%\sxchmyvbnk.exe
Ensuite, enregistre dans: C:\BFU
Nom du fichier : aftermath.bfu (attention! l'extension doit bien etre .bfu et pas autre chose)
Type de fichier : tous les fichiers
clique sur Enregistrer
Quitte le bloc-notes
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : c:\bfu\aftermath.bfu
Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : c:\bfu\aftermath.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attends que "Complete script execution" apparaîsse et clique sur "OK".
Clique sur "Exit" pour fermer le programme BFU.
Poste un nouveau rapport Blacklight ...
Créé un nouveau dossier directement sur C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU).
Ouvre le bloc-notes (Demarrer > Tous les programmes > accessoires > bloc-notes).
Copie ceci (en gras) dans le bloc-notes :
RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sxchmyvbnk
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|sxchmyvbnk
RegDelValue HKCU\Software\Microsoft\Windows\CurrentVersion\Run|sxchmyvbnk
FileDelete %SYSDIR%\sxchmyvbnk_navps.dat
FileDelete %SYSDIR%\sxchmyvbnk_nav.dat
FileDelete %SYSDIR%\sxchmyvbnk.dat
FileDelete %SYSDIR%\sxchmyvbnk.exe
Ensuite, enregistre dans: C:\BFU
Nom du fichier : aftermath.bfu (attention! l'extension doit bien etre .bfu et pas autre chose)
Type de fichier : tous les fichiers
clique sur Enregistrer
Quitte le bloc-notes
Démarre "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : c:\bfu\aftermath.bfu
Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : c:\bfu\aftermath.bfu
Clique sur "Execute" et laisse-le faire son travail.
Attends que "Complete script execution" apparaîsse et clique sur "OK".
Clique sur "Exit" pour fermer le programme BFU.
Poste un nouveau rapport Blacklight ...
voila denouveau un rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 18:41:22, on 26.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Executive Software\DiskeeperLite\DfrgFat.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
a bientot
Logfile of HijackThis v1.99.1
Scan saved at 18:41:22, on 26.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Executive Software\DiskeeperLite\DfrgFat.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
a bientot
...
oups scuse moi j'avait cru voir hijackthis au lieu de blacklight
alors voila le blacklight
02/26/07 22:11:35 [Info]: BlackLight Engine 1.0.55 initialized
02/26/07 22:11:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/26/07 22:11:35 [Note]: 7019 4
02/26/07 22:11:35 [Note]: 7005 0
02/26/07 22:11:37 [Note]: 7006 0
02/26/07 22:11:37 [Note]: 7011 872
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7024 3
02/26/07 22:11:37 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:11:41 [Note]: FSRAW library version 1.7.1021
02/26/07 22:15:35 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/26/07 22:15:35 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:17:11 [Note]: 7007 0
alors voila le blacklight
02/26/07 22:11:35 [Info]: BlackLight Engine 1.0.55 initialized
02/26/07 22:11:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/26/07 22:11:35 [Note]: 7019 4
02/26/07 22:11:35 [Note]: 7005 0
02/26/07 22:11:37 [Note]: 7006 0
02/26/07 22:11:37 [Note]: 7011 872
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7024 3
02/26/07 22:11:37 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:11:41 [Note]: FSRAW library version 1.7.1021
02/26/07 22:15:35 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/26/07 22:15:35 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:17:11 [Note]: 7007 0
Tu as bien suivi les instructions ?
Retente ceci :
Redémarre ton ordinateur en mode sans échec.
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Redémarre normalement.
Poste le rapport C:\Navipromo.txt ...
Retente ceci :
Redémarre ton ordinateur en mode sans échec.
Lance le fichier Navipromo.bat qui se trouve sur ton bureau dans le dossier Navipromo.
Sélectionne d'abord l'option "Vérifications", et patiente quelques minutes. Lorsqu'il a terminé, ferme le rapport qui s'est ouvert.
Sélectionne ensuite l'option "Recherche et suppression automatique" en tapant sur la touche R.
S'il trouve quelque chose, tu verras défiler des lignes dans la fenêtre de commande et au bout de quelques instants, il faudra que tu appuies sur une touche pour que le nettoyage soit lancé.
Redémarre normalement.
Poste le rapport C:\Navipromo.txt ...
oups scuse moi j'avait cru voir hijackthis au lieu de blacklight
alors voila le blacklight
02/26/07 22:11:35 [Info]: BlackLight Engine 1.0.55 initialized
02/26/07 22:11:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/26/07 22:11:35 [Note]: 7019 4
02/26/07 22:11:35 [Note]: 7005 0
02/26/07 22:11:37 [Note]: 7006 0
02/26/07 22:11:37 [Note]: 7011 872
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7024 3
02/26/07 22:11:37 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:11:41 [Note]: FSRAW library version 1.7.1021
02/26/07 22:15:35 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/26/07 22:15:35 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:17:11 [Note]: 7007 0
alors voila le blacklight
02/26/07 22:11:35 [Info]: BlackLight Engine 1.0.55 initialized
02/26/07 22:11:35 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/26/07 22:11:35 [Note]: 7019 4
02/26/07 22:11:35 [Note]: 7005 0
02/26/07 22:11:37 [Note]: 7006 0
02/26/07 22:11:37 [Note]: 7011 872
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7026 0
02/26/07 22:11:37 [Note]: 7024 3
02/26/07 22:11:37 [Info]: Hidden process: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:11:41 [Note]: FSRAW library version 1.7.1021
02/26/07 22:15:35 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk.dat
02/26/07 22:15:35 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: C:\windows\system32\sxchmyvbnk.exe
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_nav.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:15:36 [Info]: Hidden file: c:\WINDOWS\system32\sxchmyvbnk_navps.dat
02/26/07 22:15:36 [Note]: 10002 1
02/26/07 22:17:11 [Note]: 7007 0
desoler j'ai eu un probleme j'ai po vuq ue je l'avait deja poster ben oui j'essaye de faire a la lettre meme si c un peu compliquer j'ai l'impression de faire tout comme il faut je te poste le rapport navi
Rapport Navipromo.bat 0.71 effectué le 26.02.2007 à 23:04:47.95
L'opération se déroule en mode sans échec sous le compte Propri‚taire
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
dgvyxtbqwp.exe
dgvyxtbqwp.exe
nscowzjblk.exe
rlxohwbv.exe
sxchmyvbnk.exe
ydrgxbopmf.exe
sxchmyvbnk_navps.dat
sxchmyvbnk.dat
sxchmyvbnk.dat
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 26.02.2007 à 23:05:31.42
L'opération se déroule en mode sans échec sous le compte Propri‚taire
** Recherche...
1/ sxchmyvbnk trouvé, recherche de sxchmyvbnk*
C:\WINDOWS\system32\sxchmyvbnk.dat
C:\WINDOWS\system32\sxchmyvbnk.exe
C:\WINDOWS\system32\sxchmyvbnk_nav.dat
C:\WINDOWS\system32\sxchmyvbnk_navps.dat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
sxchmyvbnk REG_SZ c:\windows\system32\sxchmyvbnk.exe sxchmyvbnk
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de sxchmyvbnk* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\sxchmyvbnk* déplacé avec succès !
------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\sxchmyvbnk.dat
C:\Navipromo\Backups\sxchmyvbnk.exe
C:\Navipromo\Backups\sxchmyvbnk_nav.dat
C:\Navipromo\Backups\sxchmyvbnk_navps.dat
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
Rapport Navipromo.bat 0.71 effectué le 26.02.2007 à 23:04:47.95
L'opération se déroule en mode sans échec sous le compte Propri‚taire
## Vérifications supplémentaires
Note : cette section est expérimentale, aucun fichier ne sera supprimé. Si des fichiers sont trouvés à l'aide de cette méthode, ils ne seront pas nécessairement dangereux.
* Navipromo
C:\WINDOWS\System32
dgvyxtbqwp.exe
dgvyxtbqwp.exe
nscowzjblk.exe
rlxohwbv.exe
sxchmyvbnk.exe
ydrgxbopmf.exe
sxchmyvbnk_navps.dat
sxchmyvbnk.dat
sxchmyvbnk.dat
* Trojan Nebula
* Trojan Vundo
-------------
Rapport Navipromo.bat 0.71 effectué le 26.02.2007 à 23:05:31.42
L'opération se déroule en mode sans échec sous le compte Propri‚taire
** Recherche...
1/ sxchmyvbnk trouvé, recherche de sxchmyvbnk*
C:\WINDOWS\system32\sxchmyvbnk.dat
C:\WINDOWS\system32\sxchmyvbnk.exe
C:\WINDOWS\system32\sxchmyvbnk_nav.dat
C:\WINDOWS\system32\sxchmyvbnk_navps.dat
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
sxchmyvbnk REG_SZ c:\windows\system32\sxchmyvbnk.exe sxchmyvbnk
------------------
Fin du rapport de recherche
Adware Navipromo trouvé 1 fois avec cette méthode
################################################
** Nettoyage...
1/ Déplacement de sxchmyvbnk* vers C:\Navipromo\Backups...
C:\WINDOWS\System32\sxchmyvbnk* déplacé avec succès !
------------------
* Suppression clés et valeurs de registre
1 entrées de registre netttoyées
* Backups :
C:\Navipromo\Backups\ARPCache.reg
C:\Navipromo\Backups\HKCURun.reg
C:\Navipromo\Backups\HKLMRun.reg
C:\Navipromo\Backups\sxchmyvbnk.dat
C:\Navipromo\Backups\sxchmyvbnk.exe
C:\Navipromo\Backups\sxchmyvbnk_nav.dat
C:\Navipromo\Backups\sxchmyvbnk_navps.dat
C:\Navipromo\Backups\Uninstall.reg
Ajout d'extension .off aux backups
## Fin du rapport de Suppression
okay alors voila le rapport blacklight:
02/27/07 18:35:28 [Info]: BlackLight Engine 1.0.55 initialized
02/27/07 18:35:28 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/27/07 18:35:28 [Note]: 7019 4
02/27/07 18:35:28 [Note]: 7005 0
02/27/07 18:35:30 [Note]: 7006 0
02/27/07 18:35:30 [Note]: 7011 220
02/27/07 18:35:30 [Note]: 7026 0
02/27/07 18:35:30 [Note]: 7026 0
02/27/07 18:35:39 [Note]: FSRAW library version 1.7.1021
02/27/07 18:40:39 [Note]: 7007 0
et voila le rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 18:41:42, on 27.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
02/27/07 18:35:28 [Info]: BlackLight Engine 1.0.55 initialized
02/27/07 18:35:28 [Info]: OS: 5.1 build 2600 (Service Pack 2)
02/27/07 18:35:28 [Note]: 7019 4
02/27/07 18:35:28 [Note]: 7005 0
02/27/07 18:35:30 [Note]: 7006 0
02/27/07 18:35:30 [Note]: 7011 220
02/27/07 18:35:30 [Note]: 7026 0
02/27/07 18:35:30 [Note]: 7026 0
02/27/07 18:35:39 [Note]: FSRAW library version 1.7.1021
02/27/07 18:40:39 [Note]: 7007 0
et voila le rapport hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 18:41:42, on 27.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE
C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Logitech\ImageStudio\LowLight.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Propriétaire\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [farstone] NULL
O4 - HKLM\..\Run: [RestoreIT!] "C:\Program Files\FarStone\RestoreIT!\RestoreIT!_XP\VBPTASK.EXE" VBStart
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\WINDOWS\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\Documents and Settings\Propriétaire\Local Settings\Temp\EI40_\msxml4.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.ca...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: bw+0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {78D4D05D-BD24-4BEC-B0EB-F8A2FE478744} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe
C'est bien ce qui me semblait ...
En gratuit, Avast est très bien. On t'explique tout ici.
Je ne vois pas non plus de pare-feu installé ... Il est fortement recommandé d'en installer un.
Celui proposé par le centre de sécurité de Windows XP est insuffisant car il ne surveille pas les connexions sortantes. Désactive-le avant d'installer celui que tu as choisi dans la liste qui suit :
Zone Alarm Free > Comment le configurer par fbc
Zone Alarm Pro > Comment le configurer par Tesgaz
Kerio Personel Firewall > Comment le configurer par Malekal_morte
Outpost Free > Comment le configurer par Odsen
Jetico > Comment le configurer par Odsen
Tu peux aussi consulter cette page pour un choix encore plus vaste ...
Tu peux tester ton firewall ici ...
Et pour finir, ta console Java n'est pas à jour.
Pour la mettre à jour :
Télécharge la dernière version de Java Runtime Environment.
Descend dans la page jusque "Java Runtime Environment (JRE) 6" et clique sur Download".
Accepte le contrat de licence.
Clique sur le lien Windows Offline Installation, Multi-language.
Ferme toutes les applications en cours, spécialement ton navigateur Internet.
Désinstalle les anciennes versions de Java via Panneau de configuration > Ajout/Suppression de programmes.
Redémarre le PC.
Double-clique sur jre-6-windows-i586.exe et suis les instructions pour installer la nouvelle version.
En gratuit, Avast est très bien. On t'explique tout ici.
Je ne vois pas non plus de pare-feu installé ... Il est fortement recommandé d'en installer un.
Celui proposé par le centre de sécurité de Windows XP est insuffisant car il ne surveille pas les connexions sortantes. Désactive-le avant d'installer celui que tu as choisi dans la liste qui suit :
Tu peux aussi consulter cette page pour un choix encore plus vaste ...
Tu peux tester ton firewall ici ...
Et pour finir, ta console Java n'est pas à jour.
Pour la mettre à jour :
Un bon firewall est un firewall qui te convient, c'est à dire qu'il sera assez intuitif pour te permettre de bien l'utiliser ...
Si tu autorises tout, le firewall ne sert à rien, si tu bloques tout, tu auras du mal à surfer ...
C'est pourquoi je donne un lien vers une aide à la configuration pour chacun d'entre-eux ...
Fais ton choix en regardant les tutos pour voir si tu les comprends ...
Si tu as des questions, n'hésite pas ...
Si tu autorises tout, le firewall ne sert à rien, si tu bloques tout, tu auras du mal à surfer ...
C'est pourquoi je donne un lien vers une aide à la configuration pour chacun d'entre-eux ...
Fais ton choix en regardant les tutos pour voir si tu les comprends ...
Si tu as des questions, n'hésite pas ...
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumProbleme fenetre intempestive
- ForumProbleme ordi s'eteint tout seul
- ForumProbleme de fenetre se fermant toute seul
- ForumVirus , fenetre intempestive et ordi qui rame
- ForumOrdi infecte help fenetre intempestive.
- ForumProbleme mon ordi redemarre tout seul.
- ForumProbleme fenetre intempestives
- ForumProbleme fenetre qui s'ouvre tte seule
- ForumProbleme fenetre dos se ferme toute seule
- ForumAsus g73 probleme ordi allume ecran eteint
- Voir plus
