fenetres intempestives
Forum Sécurité - Virus : fenetres intempestives
bonsoir, je suis envahie de fenetres de sites en tout genre, comment m'en débarrasser? merci de votre aide!
Bonjour,
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Répondre à Angeldark
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:34:01, on 16/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norman\NPF\NPFSVICE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Norman\NPF\NPFMSG.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [CanalPlayer] C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe /iconic
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1992] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1191] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6908] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC669] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7890] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4655] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8140] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1405] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB5145] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4896] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4414] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8892] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB12] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6621] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB298] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5158] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NPF Messenger.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O18 - Protocol: bw+0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\Program Files\Norman\NPF\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 24146 bytes
bonjour,
qu'est-ce que je dois faire après ce rapport?
merci!
au secours,
que faire après vous avoir envoyé le rapport!
merci
Tu peux pas patienter ?! On a une vie !
Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2, 3 et 4 sans notre accord !
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :
-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse
NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
Répondre à Angeldark
Voil le rapport et encore merci pour ton aide!
Search Navipromo version 3.0.4 commencé le 17/09/2007 à 17:34:14,68
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 16.09.2007 a 13h00 by IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installes ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Virginie\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight [...] _help.html
F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================
Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.
[+] Started on 09/17/07 at 17:34:17.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ........................................................................................................................................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 09/17/07 at 17:57:03 (return code = 0).
*** Recherche avec GenericNaviSearch ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!
* Scan C:\WINDOWS\system32 *
Fichiers trouvés :
Aucun Fichier trouvé !
Fichiers suspects :
Aucun Fichier suspect trouvé !
*** Recherche fichiers ***
*** Recherche cles registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse Terminé le 17/09/2007 à 17:57:34,51 ***
Tu as des pubs sur tous les sites ?
Répondre à Angeldark
j'ai des pubs en tous genres, quand je vais sur des sites différents ( messagerie free, météo, l'internaute,...)
Bizarre.
Télécharge Gmer.
Dézippe le dans un dossier ou sur ton bureau.
Déconnecte toi d'Internet puis et ferme tous les programmes.
Double-clique sur Gmer.exe.
IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.
Clique sur l'onglet rootkit.
A droite, coche Files et Services.
Clique maintenant sur Scan.
Lorsque le scan est terminé, clique sur Copy.
Ouvre le Bloc-notes puis clique sur le Menu Edition / Coller.
Le rapport doit alors apparaître.
Enregistre le fichier sur ton bureau et copie/colle le contenu ici.
Répondre à Angeldark
j'ai fait ce que tu m'as dit, voilà le rapport,
(en revenant sur le site infu du net, j'ai à nouveau des fenetres)
GMER 1.0.13.12551 - http://www.gmer.net
Rootkit scan 2007-09-17 19:07:34
Windows 5.1.2600 Service Pack 2
---- Files - GMER 1.0.13 ----
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\01\12-{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}-v1-{5E4CF5B6-C840-46A2-B670-2B1B8174704F}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\13\150-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v113-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v150-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\13\150-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v113-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v150-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\15\130-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v115-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v130-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\17\131-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v117-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v131-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\18\126-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v118-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v126-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\18\126-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v118-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v126-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\19\127-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v119-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v127-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\20\128-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v120-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v128-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\23\134-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v123-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v134-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\24\135-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v124-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v135-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\25\133-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v125-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v133-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\69\151-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v69-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v151-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\69\151-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v69-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v151-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\70\152-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v70-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v152-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\70\152-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v70-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v152-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\71\153-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v71-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v153-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\71\153-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v71-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v153-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\72\154-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v72-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\72\154-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v72-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v154-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\73\155-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v73-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v155-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\73\155-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v73-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v155-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\74\156-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v74-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v156-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\74\156-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v74-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v156-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\75\157-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v75-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v157-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\75\157-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v75-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v157-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\77\149-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v77-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v149-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.rdc.1
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\77\149-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v77-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v149-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\marc_oldfield@hotmail.com\DFSR\Staging\CS{CA270A7C-1340-FE95-0D91-546ED9D556FD}\01\16-{CA270A7C-1340-FE95-0D91-546ED9D556FD}-v1-{5E4CF5B6-C840-46A2-B670-2B1B8174704F}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\melaniefrancia@hotmail.fr\DFSR\Staging\CS{5F5396E0-421B-EE68-B6BC-43264E159E6A}\01\14-{5F5396E0-421B-EE68-B6BC-43264E159E6A}-v1-{5E4CF5B6-C840-46A2-B670-2B1B8174704F}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\pikiperrine@hotmail.fr\DFSR\Staging\CS{BBD3C4BC-E624-6E25-2A0C-D7BA6E6E6F1D}\01\11-{BBD3C4BC-E624-6E25-2A0C-D7BA6E6E6F1D}-v1-{5E4CF5B6-C840-46A2-B670-2B1B8174704F}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Charlotte_2\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\titeyoyo.du.49@hotmail.fr\DFSR\Staging\CS{5785FAC8-FA82-75A9-6FD0-98451F3FBA20}\01\13-{5785FAC8-FA82-75A9-6FD0-98451F3FBA20}-v1-{5E4CF5B6-C840-46A2-B670-2B1B8174704F}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\01\11-{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}-v1-{C66A8291-9E28-4C48-8C08-1529068EDC4F}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\13\122-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v113-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v122-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\18\126-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v118-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v126-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\19\127-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v119-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v127-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\20\128-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v120-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v128-Partial.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\69\88-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v69-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v88-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\70\89-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v70-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v89-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\71\90-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v71-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v90-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\72\87-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v72-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v87-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\73\110-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v73-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v110-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\74\111-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v74-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v111-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\75\112-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v75-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v112-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Eugénie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\77\86-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v77-{E826FBDA-09BB-4B4F-BEF8-F4AC3CCE5A3A}-v86-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Laurent\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\01\11-{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}-v1-{C08B9E79-9DEA-451E-9CEC-D0CADECEF917}-v11-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Laurent\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\marc_oldfield@hotmail.com\DFSR\Staging\CS{CA270A7C-1340-FE95-0D91-546ED9D556FD}\01\10-{CA270A7C-1340-FE95-0D91-546ED9D556FD}-v1-{C08B9E79-9DEA-451E-9CEC-D0CADECEF917}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Paul\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\marc_oldfield@hotmail.com\DFSR\Staging\CS{CA270A7C-1340-FE95-0D91-546ED9D556FD}\01\10-{CA270A7C-1340-FE95-0D91-546ED9D556FD}-v1-{C5343885-0608-4703-AE57-7306E5D76752}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Virginie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\berta900@hotmail.com\DFSR\Staging\CS{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}\01\16-{A1448E6F-F2BD-99B5-E44A-A27802DC0A36}-v1-{3E2BD20A-9F10-4ECE-8BF0-6BE1D3E6C165}-v16-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Virginie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\marc_oldfield@hotmail.com\DFSR\Staging\CS{CA270A7C-1340-FE95-0D91-546ED9D556FD}\01\12-{CA270A7C-1340-FE95-0D91-546ED9D556FD}-v1-{3E2BD20A-9F10-4ECE-8BF0-6BE1D3E6C165}-v12-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Virginie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\melaniefrancia@hotmail.fr\DFSR\Staging\CS{5F5396E0-421B-EE68-B6BC-43264E159E6A}\01\14-{5F5396E0-421B-EE68-B6BC-43264E159E6A}-v1-{3E2BD20A-9F10-4ECE-8BF0-6BE1D3E6C165}-v14-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Virginie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\orange_mais_pas_trop@hotmail.fr\DFSR\Staging\CS{3B4FA25B-FD82-B36A-C9BC-5AD1FFF8140F}\01\10-{3B4FA25B-FD82-B36A-C9BC-5AD1FFF8140F}-v1-{3E2BD20A-9F10-4ECE-8BF0-6BE1D3E6C165}-v10-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Virginie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\orange_mais_pas_trop@hotmail.fr\DFSR\Staging\CS{3B4FA25B-FD82-B36A-C9BC-5AD1FFF8140F}\70\70-{84DADF82-0952-44F3-AECF-9B3417B55FB5}-v70-{84DADF82-0952-44F3-AECF-9B3417B55FB5}-v70-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
ADS C:\Documents and Settings\Virginie\Local Settings\Application Data\Microsoft\Messenger\coco_349@hotmail.fr\SharingMetadata\titeyoyo.du.49@hotmail.fr\DFSR\Staging\CS{5785FAC8-FA82-75A9-6FD0-98451F3FBA20}\01\13-{5785FAC8-FA82-75A9-6FD0-98451F3FBA20}-v1-{3E2BD20A-9F10-4ECE-8BF0-6BE1D3E6C165}-v13-Downloaded.frx:{59828bbb-3f72-4c1b-a420-b51ad66eb5d3}.XPRESS
---- EOF - GMER 1.0.13 ----
Un problème Hardware pour moi.
Répondre à Angeldark
c'est encore moi!!! toujours des fen^tres qui s'ouvrent... y -a-t-il une solution??....
merci
Re,
Fix les lignes en italique ci-dessous avec Hijackthis : AIDE EN IMAGES
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\RunOnce: [SpybotDeletingA1992] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1191] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingA6908] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC669] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7890] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4655] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingA8140] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1405] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5145] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4896] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4414] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8892] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB12] command /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6621] cmd /c del "C:\WINDOWS\system32\drivers\core.cache.dsk_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingB298] command /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5158] cmd /c del "C:\WINDOWS\system32\drivers\core.sys_tobedeleted"
Répondre à Angeldark
j'ai fait ce que tu m'as dit, mais je n'ai retrouvé que la ligne 02 que tu m'as dit de fixer, les autres n'apparaissent plus!
mais j'ai toujours des fenetres. par exemple en ce moment sur ce site!
Reposte un rapport Hijackthis.
Répondre à Angeldark
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:58:53, on 18/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norman\NPF\NPFSVICE.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Belkin\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Norman\NPF\NPFMSG.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [CanalPlayer] C:\Program Files\Lecteur CANALPLAY\CanalPlayer.exe /iconic
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NPF Messenger.lnk = ?
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photoways.com/clients/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O18 - Protocol: bw+0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09925630-5FE4-441B-80B4-320C335DC847} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman Type-R - Unknown owner - C:\Program Files\Norman\NPF\NPFSVICE.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
--
End of file - 22190 bytes
Mieux ?
Répondre à Angeldark
non, , en restant sur ce site, j'ai des fenêtres qui s'ouvrent encore. galère...
après avoir éteint internet, puis rallumé, je me suis balladée sur des sites pour voir ce que ça donnait, et des fenêtres s'ouvrent toujours!
Comprends pas. Fais un scan en ligne Panda (TotalScan) puis poste le rapport).
Répondre à Angeldark
This action will cancel the scan
Are you sure you want to cancel the scan?
j'ai fait le scan indiqué, voilà le rapprt:
Generate results report...Español | English Sign in | Sign up | My account | Sign out Home| What is TotalScan?| We love feedback!| FAQ
Quick scan: Searching for malicious software
Scanning
Searching 2,012,862 viruses, spyware, Trojans and other threats. It also uses heuristic technologies to detect unknown viruses.
100%
Item in progress:
Items scanned:
5094
Items with viruses, spyware, Trojans... detected:
14
Suspicious files detected:
0
Results
PC infected
13 examples of less dangerous malicious software.
We detected that Norman Virus Control ver. 5.90 is enabled and up-to-date.
El texto que corresponda en cada momento
After a quick scan of your PC, we have not detected any ACTIVE or LATENT malicious software.
Become a TotalScan Pro member
Includes disinfection!
< Back to home
Scan details
High danger level (0)
Medium danger level (0)
Low danger level (13)
Cookie/Cgi-bin Tracking Cookie Latent Show + Info
C:\Documents and Settings...@www5.addfreestats[1].txt
Cookie/888 Tracking Cookie Latent Show + Info
C:\Documents and Settings...ginie@int.sitestat[1].txt
Cookie/Winanti... Tracking Cookie Latent Show + Info
C:\Documents and Settings...inie@.winantivirus[1].txt
adware/savenow Adware Latent Show + Info
hkey_local_machine\softwa...nagement\arpcache\savenow
c:\windows\downloaded program files\wuinst.inf
Cookie/Cassava Tracking Cookie Latent Show + Info
C:\Documents and Settings...ginie@int.sitestat[2].txt
Cookie/Hbmedia... Tracking Cookie Latent Show + Info
C:\Documents and Settings...e@adopt.hbmediapro[2].txt
Cookie/fe.lea.... Tracking Cookie Latent Show + Info
C:\Documents and Settings...ginie@fe.lea.lycos[1].txt
Cookie/Yadro Tracking Cookie Latent Show + Info
C:\Documents and Settings...ies\virginie@yadro[1].txt
Cookie/Weboram... Tracking Cookie Latent Show + Info
C:\Documents and Settings...\virginie@weborama[1].txt
Cookie/Serving... Tracking Cookie Latent Show + Info
C:\Documents and Settings...rginie@serving-sys[1].txt
Cookie/Belnk Tracking Cookie Latent Show + Info
C:\Documents and Settings...ies\virginie@belnk[1].txt
Cookie/Serving... Tracking Cookie Latent Show + Info
C:\Documents and Settings...nie@bs.serving-sys[2].txt
Cookie/Xiti Tracking Cookie Latent Show + Info
C:\Documents and Settings...kies\virginie@xiti[1].txt
<<
1
2
3
4
5
>>
Suspicious files (3)
<<
1
2
3
4
5
>>
Recommendations
Disinfect
Send suspicious files to laboratory
Install permanent protection
Enable your permanent protection
Update your permanent protection
How can I do this?
You should periodically carry out a FULL scan of your PC with TotalScan. That way you will reduce the chances of infection.
El % of other users' computers were infected and we have disinfected %
Check the Key features and the minimum requirements
Become a TotalScan member. It's FREE.
Benefits: 1. Customized scan 2. Scan history
Disinfection of this type of threat is
exclusive to TotalScan members Pro.
TotalScan Pro Members
It seems that you have registered previously and your account is still active. You cannot register again with the same account. Enter your account using your e-mail and password. Forgotten your password?
E-mail
Please enter this information
Password
Please enter this information
Repeat password
Please enter this information
Remember e-mail and password
I want to receive the latest news about NanoScan or TotalScan. I would also like to receive information on relevant promotions from Panda Security and/or its international representatives.
* Panda Security will send this information via e-mail or other equivalent form of communication (e.g. SMS).
I do not want to receive any type of information.
Have you forgotten your password?
You have not registered yet? Register now FREE
Still not a member?
Become a TotalScan Pro member and benefit from its maximum detection and disinfection capacity:
Detects over 1,100,000 viruses, spyware, Trojans and other threats.
Continuous updates: over 2,500 new viruses every day.
Includes disinfection.
Buy TotalScan Pro and become a member.
Use of TotalScan is subject to acceptance of the Terms and conditions of use
This is a Panda project
Que des cookies 
Vois plus d'autres possibilités.
Répondre à Angeldark
est-ce que je peux désinfecter avec panda?
C'est payant et il va enlever rien de méchant 
Répondre à Angeldark
OK, merci beaucoup pour ton aide.
Bonne chance.
Répondre à Angeldark
Il y a 1663 utilisateurs connus et inconnus. Pour voir la liste des connectés connus, cliquez ici.
