[Résolu] Spyware Secure
Dernière réponse : dans Sécurité
Bonjour,
Depuis cet apres midi, j'ai un certain "Spyware-secure" qui s'ouvre dans une page firefox et ZA me signal qu'un certain "PQZBLEOWYA.EXE" tente d'acceder a internet, et j'ai cru comprendre que c'était le cas pour beaucoup de personnes, je me suis dit que j'allais suivre la procedure que vous aviez donné pour les autres mais a parament il faut le faire au cas par cas alors je post ...
J'ai deja fait une analyse avc l'anti-virus kaspersky on-line mais je ne sais pas si il l'a supprimé car le message de ZA revient toujours.
Merci de l'aide
EDIT : quand j'ai posté le message, la fenetre de spyware-secure est revenue ....
Depuis cet apres midi, j'ai un certain "Spyware-secure" qui s'ouvre dans une page firefox et ZA me signal qu'un certain "PQZBLEOWYA.EXE" tente d'acceder a internet, et j'ai cru comprendre que c'était le cas pour beaucoup de personnes, je me suis dit que j'allais suivre la procedure que vous aviez donné pour les autres mais a parament il faut le faire au cas par cas alors je post ...
J'ai deja fait une analyse avc l'anti-virus kaspersky on-line mais je ne sais pas si il l'a supprimé car le message de ZA revient toujours.
Merci de l'aide
EDIT : quand j'ai posté le message, la fenetre de spyware-secure est revenue ....
Autres pages sur : resolu spyware secure
Lassé par la pub ? Créez un compte
Bonjour,
Télécharge Hijackthis (de Trend Micro).
Dézippe-le dans un dossier ou sur ton Bureau.
Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :
Edition / Sélectionner tout
Edition / Copier
Clique-Droit / Coller dans ta réponse
&
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
Télécharge Hijackthis (de Trend Micro).
Dézippe-le dans un dossier ou sur ton Bureau.
Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :
&
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
rapport de hijackthis :
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:49:56, on 23/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [pqzbleowya] c:\windows\system32\pqzbleowya.exe pqzbleowya
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17421 bytes
rapport de Navilog 1 :
Search Navipromo version 2.0.9 commencé le 23/08/2007 à 14:53:41,66
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
WebMediaPlayer
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer trouvé !
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Max\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html
F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================
Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.
[+] Started on 08/23/07 at 14:53:47.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .........................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 08/23/07 at 14:59:53 (return code = 0).
*** Recherche avec GenericNaviSearch ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!
Fichiers trouvés :
C:\WINDOWS\system32\virus.exe trouvé !
Fichiers suspects :
Aucun Fichier suspect trouvé !
*** Recherche fichiers ***
C:\DOCUME~1\Max\Bureau\WebMediaPlayer.lnk trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-33B0F5F9.pf trouvé !
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-1454471165-1343024091-1060284298-1003\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
*
C:\WINDOWS\system32\pqzbleowya.dat trouvé !
**
C:\WINDOWS\system32\pqzbleowya.dat trouvé !
***
****
C:\WINDOWS\system32\pqzbleowya_navps.dat trouvé !
*****
C:\WINDOWS\system32\pqzbleowya_nav.dat trouvé !
******
*******
********
3)Recherche Certificats :
Certificat Egroup trouvé !
*** Analyse Terminé le 23/08/2007 à 15:00:23,43 ***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:49:56, on 23/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [pqzbleowya] c:\windows\system32\pqzbleowya.exe pqzbleowya
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17421 bytes
rapport de Navilog 1 :
Search Navipromo version 2.0.9 commencé le 23/08/2007 à 14:53:41,66
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
WebMediaPlayer
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer trouvé !
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Max\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html
F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================
Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.
[+] Started on 08/23/07 at 14:53:47.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items .........................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 08/23/07 at 14:59:53 (return code = 0).
*** Recherche avec GenericNaviSearch ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!
Fichiers trouvés :
C:\WINDOWS\system32\virus.exe trouvé !
Fichiers suspects :
Aucun Fichier suspect trouvé !
*** Recherche fichiers ***
C:\DOCUME~1\Max\Bureau\WebMediaPlayer.lnk trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-33B0F5F9.pf trouvé !
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-1454471165-1343024091-1060284298-1003\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
*
C:\WINDOWS\system32\pqzbleowya.dat trouvé !
**
C:\WINDOWS\system32\pqzbleowya.dat trouvé !
***
****
C:\WINDOWS\system32\pqzbleowya_navps.dat trouvé !
*****
C:\WINDOWS\system32\pqzbleowya_nav.dat trouvé !
******
*******
********
3)Recherche Certificats :
Certificat Egroup trouvé !
*** Analyse Terminé le 23/08/2007 à 15:00:23,43 ***
Re,
Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.
L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)
Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"
Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.
Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.
L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)
Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"
Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.
NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.
Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.
Clean Navipromo version 2.0.9 commencé le 23/08/2007 à 15:08:33,31
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats Blacklight
*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)
*** Recherche avec GenericNaviSearch ***
!!! Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!
Fichiers trouvés supprimés avec backups :
Fichiers suspects :
Aucun Fichier suspect trouvé !
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer ...suppression...
C:\Program Files\WebMediaPlayer supprimé !
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\Max\Application Data ***
*** Suppression fichiers ***
C:\DOCUME~1\Max\Bureau\WebMediaPlayer.lnk supprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-33B0F5F9.pf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Max\Local Settings\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
C:\WINDOWS\System32\pqzbleowya.dat trouvé !
Copie C:\WINDOWS\system32\pqzbleowya.dat réalise avec succes !
C:\WINDOWS\system32\pqzbleowya.dat supprimé !
**
***
****
C:\WINDOWS\System32\pqzbleowya_navps.dat trouvé !
Copie C:\WINDOWS\system32\pqzbleowya_navps.dat réalise avec succes !
C:\WINDOWS\system32\pqzbleowya_navps.dat supprimé !
*****
C:\WINDOWS\System32\pqzbleowya_nav.dat trouvé !
Copie C:\WINDOWS\system32\pqzbleowya_nav.dat réalise avec succes !
C:\WINDOWS\system32\pqzbleowya_nav.dat supprimé !
******
*******
********
3)Certificats :
Certificat Egroup supprimé !
*** Sauvegarde du registre vers dossier Backupnavi ***
sauvegarde du registre réalise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Nettoyage termine le 23/08/2007 à 15:15:00,74 ***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:17:23, on 23/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17245 bytes
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats Blacklight
*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)
*** Recherche avec GenericNaviSearch ***
!!! Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!
Fichiers trouvés supprimés avec backups :
Fichiers suspects :
Aucun Fichier suspect trouvé !
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer ...suppression...
C:\Program Files\WebMediaPlayer supprimé !
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\Max\Application Data ***
*** Suppression fichiers ***
C:\DOCUME~1\Max\Bureau\WebMediaPlayer.lnk supprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
C:\WINDOWS\prefetch\WEBMEDIAPLAYER.EXE-33B0F5F9.pf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Max\Local Settings\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche et Suppression Heuristique :
*
C:\WINDOWS\System32\pqzbleowya.dat trouvé !
Copie C:\WINDOWS\system32\pqzbleowya.dat réalise avec succes !
C:\WINDOWS\system32\pqzbleowya.dat supprimé !
**
***
****
C:\WINDOWS\System32\pqzbleowya_navps.dat trouvé !
Copie C:\WINDOWS\system32\pqzbleowya_navps.dat réalise avec succes !
C:\WINDOWS\system32\pqzbleowya_navps.dat supprimé !
*****
C:\WINDOWS\System32\pqzbleowya_nav.dat trouvé !
Copie C:\WINDOWS\system32\pqzbleowya_nav.dat réalise avec succes !
C:\WINDOWS\system32\pqzbleowya_nav.dat supprimé !
******
*******
********
3)Certificats :
Certificat Egroup supprimé !
*** Sauvegarde du registre vers dossier Backupnavi ***
sauvegarde du registre réalise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Nettoyage termine le 23/08/2007 à 15:15:00,74 ***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:17:23, on 23/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17245 bytes
Re,
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
&
Désinstalle correctement Avast! pour le remplacer par Antivir.
Pourquoi changer ? : Avast! vs Antivir
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
&
Désinstalle correctement Avast! pour le remplacer par Antivir.
Pourquoi changer ? : Avast! vs Antivir
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:28:36, on 23/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\GUILD WARS\Gw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17559 bytes
Scan saved at 17:28:36, on 23/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe
C:\Program Files\GUILD WARS\Gw.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17559 bytes
On termine.
Fais un scan en ligne Kaspersky avec Internet Explorer :
Clique sur ![]()
Clique maintenant sur J'accepte.
Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
Patiente pendant l'installation des Mises à jour.
Choisis par la suite l'analyse du Poste de travail
Sauvegarde puis colle le rapport généré en fin d'analyse.
AIDE : Tuto sur le scan en ligne
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
AIDE : Tuto sur le scan en ligne
NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
KASPERSKY ON-LINE SCANNER REPORT
Friday, August 24, 2007 2:51:34 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 23/08/2007
Enregistrements dans la base antivirus Kaspersky : 364274
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
Statistiques de l'analyse
Total d'objets analysés 86200
Nombre de virus trouvés 1
Nombre d'objets infectés 2 / 0
Nombre d'objets suspects 0
Durée de l'analyse 06:46:28
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Historique\History.IE5\MSHist012007082320070824\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Temp\~DFF2D5.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Max\NTUSER.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Maman\Bureau\PKZ4AF.tmp/setup.exe Infecté : Backdoor.Win32.Agent.aou ignoré
C:\Maman\Bureau\PKZ4AF.tmp ZIP: infecté - 1 ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\L0000002.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\storydb.idx L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{EEB3A522-3DFF-46AD-B2F7-7EC002B43784}\RP66\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\fwdbglog.txt L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\PC-MAX.ldb L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ZLT014a5.TMP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ZLT07a26.TMP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
Friday, August 24, 2007 2:51:34 AM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 23/08/2007
Enregistrements dans la base antivirus Kaspersky : 364274
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
Statistiques de l'analyse
Total d'objets analysés 86200
Nombre de virus trouvés 1
Nombre d'objets infectés 2 / 0
Nombre d'objets suspects 0
Durée de l'analyse 06:46:28
Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Historique\History.IE5\MSHist012007082320070824\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Temp\~DFF2D5.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Max\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Max\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Max\NTUSER.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Maman\Bureau\PKZ4AF.tmp/setup.exe Infecté : Backdoor.Win32.Agent.aou ignoré
C:\Maman\Bureau\PKZ4AF.tmp ZIP: infecté - 1 ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\BWDocMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\BWInfopakMap.pht L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chandir.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chandir.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chn.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\chn.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\D0000000.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\inuse.txt L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\L0000002.FCS L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\main.log L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_die.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_die.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_dnd.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_dnd.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_ext.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_ext.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_rcv.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\prs_rcv.idx L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\storydb.dat L'objet est verrouillé ignoré
C:\Program Files\Logitech\Desktop Messenger\8876480\Users\Max\Data\storydb.idx L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{EEB3A522-3DFF-46AD-B2F7-7EC002B43784}\RP66\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\fwdbglog.txt L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\fwpktlog.txt L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\IAMDB.RDB L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\PC-MAX.ldb L'objet est verrouillé ignoré
C:\WINDOWS\Internet Logs\tvDebug.log L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ZLT014a5.TMP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\ZLT07a26.TMP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:11:19, on 24/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17370 bytes
Scan saved at 15:11:19, on 24/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\ACD Systems\FR\DevDetect.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Max\Mes documents\Mozzila firefox\HiJackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.02\RivaTuner.exe" /S
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36AEFE05-58F4-4EC4-B75E-EC09D6076618}: NameServer = 212.27.53.252,212.27.54.252
O18 - Protocol: bw+0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {82F6D89A-F2ED-4BB9-AB10-ECCB67BBDC17} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
--
End of file - 17370 bytes
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumInfection spyware secure a l aide
- ForumVirus spyware secure svp
- ForumSpyware secure
- ForumPb avec des affichages de spyware secure
- ForumPages de pub spyware secure
- ForumSpyware spyware secure drive cleaner
- ForumInfecte par spyware spyware secure, errorsaf
- ForumComment se debarrasser de spyware secure
- ForumPb de virus spyware secure
- ForumSpyware pubs de spyware secure, casino.
- Voir plus
