[Solved] Please help me, I have a worm!!!!

Hello,

Could someone help me remove the worm that has infected me, win32.worm.bagle.zlc, in the file mdelk.exe, which I cannot delete in safe mode? It has disabled my Norton antivirus. I detected it by running the online antivirus scan BIT DEFENDER, which was unable to remove it. So I tried the Spanish scan, I think "ebagla", and here is the report:


Sat Mar 22 17:18:15 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Sat Mar 22 17:18:44 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 15700
Nº Total de Ficheros: 92281
Nº de Ficheros Analizados: 16004
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

I don't know what to do now.

Thanks for your help

Configuration: Windows Vista
Internet


Message edited by fanyca on 24-03-2008 at 19:22:07

:hello:

Quote:

BAGLE infection



If you are on Vista, disable UAC: http://bibou0007.com/tutos-f45/tut [...] a-t132.htm

Download ComboFix by sUBs. Rename it before any installation; for example, name it "KillBagle". Help here: http://forum.pcastuces.com/sujet.asp?f=25&s=37315

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!

Double-click on ComboFix. It will ask you a question; answer by pressing the 1 key and Enter to confirm, then let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.

------------------------------ Please say so if you are already being helped on another forum or in another topic.

Security / Prevention
Reply to Egwene

So my "UAC" is apparently already disabled, so I'm moving on to the second step. I'll be back..

Reply to fanyca

Here is the ComboFix report
ComboFix 08-03-22.1 - r3no 2008-03-22 18:08:25.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1241 [GMT 1:00]
Endroit: C:\Users\r3no\Desktop\killbagle.exe
* Création d'un nouveau point de restauration
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\System32\1.exe
C:\Windows\system32\drivers\down
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\drivers\srosa.sys
C:\Windows\system32\mdelk.exe
C:\Windows\system32\wintems.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_SROSA
-------\Service_srosa


((((((((((((((((((((((((( Files Created from 2008-02-22 to 2008-03-22 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-22 15:22 262,144 ----a-w C:\ntuser.dat
2008-03-19 15:31 --------- d-----w C:\Program Files\Windows Mail
2008-03-19 15:31 --------- d-----w C:\Program Files\Norton Internet Security
2008-03-19 15:31 --------- d-----w C:\Program Files\Microsoft Works
2008-03-19 15:31 --------- d-----w C:\Program Files\Finance 2002
2008-03-19 15:31 --------- d-----w C:\Program Files\Disc2Phone
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\Skype
2008-03-19 14:20 --------- d-----w C:\PROGRA~2\Symantec
2008-03-19 13:44 --------- d-----w C:\Program Files\Alwil Software
2008-03-08 08:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 12:40 13,035 ----a-w C:\Windows\system32\drivers\SymRedir.cat
2008-03-07 12:40 1,358 ----a-w C:\Windows\system32\drivers\SymRedir.inf
2008-03-07 12:39 39,984 ----a-w C:\Windows\system32\drivers\symids.sys
2008-03-07 12:39 37,936 ----a-w C:\Windows\system32\drivers\symndisv.sys
2008-03-07 12:39 27,696 ----a-w C:\Windows\system32\drivers\symredrv.sys
2008-03-07 12:39 191,536 ----a-w C:\Windows\system32\drivers\symtdi.sys
2008-03-07 12:39 145,968 ----a-w C:\Windows\system32\drivers\symfw.sys
2008-03-07 12:39 12,848 ----a-w C:\Windows\system32\drivers\symdns.sys
2008-02-29 21:47 --------- d-----w C:\Users\r3no\AppData\Roaming\Skype
2008-02-17 08:09 --------- d-----w C:\Users\r3no\AppData\Roaming\OpenOffice.org2
2008-02-13 09:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 09:10 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-13 09:10 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-13 09:10 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-13 09:10 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-13 09:10 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-13 09:10 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-13 09:10 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys
2008-02-13 09:10 15,872 ----a-w C:\Windows\system32\drivers\kbdhid.sys
2008-02-13 09:09 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 09:09 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 09:09 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 09:09 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 09:09 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 09:08 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 09:08 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 09:08 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 09:08 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 09:08 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 09:08 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 09:06 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-01-26 04:43 --------- d-----w C:\Program Files\World of Warcraft
2008-01-25 15:26 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-25 14:50 --------- d-----w C:\Program Files\Windows Live
2008-01-25 14:49 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-25 14:43 --------- d-----w C:\PROGRA~2\WLInstaller
2007-08-30 08:10 174 --sha-w C:\Program Files\desktop.ini
2007-07-07 06:37 0 ----a-w C:\Users\r3no\AppData\Roaming\wklnhst.dat
2007-07-06 17:54 22 --sha-w C:\Windows\SMINST\HPCD.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 00:52 1232896]
"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [ ]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-07 12:38 32768]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 14:42 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 16:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 12:34 155648]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 12:39 151552]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 15:46 4349952 C:\Windows\RtHDVCpl.exe]
"CCUTRAYICON"="FactoryMode" []
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-03-22 18:10 115816]
"osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2008-03-22 18:10 22696]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 56080 C:\Windows\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-07 02:05 1006264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-07 12:38:59 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-07 13:20:04 692224]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-245561791-3675916137-1691796862-1001]
"EnableNotificationsRef"=dword:00000004

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{883DCC1A-57B0-40D9-8214-1886E9CE8414}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{F467BD2A-C293-4A5B-9A98-C5C9AEE30806}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{90952649-CC5E-4979-8CD9-CA4A4464B720}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{52A9CE63-F748-4024-8DBA-D7961AC308A5}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{11261E0B-0FCB-4503-BF57-790417B99912}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{154DF8FC-0B53-4A18-882A-9CCE3E476512}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{78520819-0ED9-4172-A85D-C8F6DBAC6A22}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{28118C03-69B4-4411-BD2F-FAC843BA6437}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{290C6F34-F75F-49B9-86A4-BD9B2CF63E86}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{853F23DD-CCA8-4C7A-A3C4-4C59FEB09D74}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{404438DA-0F0C-46AA-B488-83962673511C}"= Disabled:UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{0349D75A-3641-4425-9C22-699000257C65}"= Disabled:TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{EB65C428-A5EC-41DA-A408-0F8868EDF7C3}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{44BA32EB-D00D-41F8-9AA9-94044341EDEB}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{1034DDDA-73FA-49BB-8E05-C50353381670}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{BC57958B-47EF-4DA3-B592-8F91FA46465E}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{AA8B48B2-05B4-4CEA-9CD0-7BAF873F8381}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{14A48264-8BEE-45AB-946B-66F23B5694F5}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{BE332459-66F8-4E1E-83E2-87976F8816FA}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{76C3FD81-7041-437E-B36C-9B23609D9114}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{D10746C0-8F8E-4EA7-AF3F-77D5C51BE236}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{85094C99-BEA8-40E9-B2BE-E686ADF548AE}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{FE0FD6AD-4CFE-406D-AB4D-920B1F12C4E0}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{327C7031-9895-4CCB-A461-0C67FCA53AA6}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{50CE5DD2-D625-49B2-BB2F-BA1B53BD64A4}C:\\users\\r3no\\programmes\\emule\\emule.exe"= UDP:C:\users\r3no\programmes\emule\emule.exe:emule.exe
"UDP Query User{5980A0E1-0324-4EDA-817E-CD0323E9739D}C:\\users\\r3no\\programmes\\emule\\emule.exe"= TCP:C:\users\r3no\programmes\emule\emule.exe:emule.exe
"TCP Query User{66A7AE08-E58C-4F49-B29D-A64827EFDAB4}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{0437D87B-B51B-4DD6-8726-A66FF0552F72}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{3A88F224-9BA8-4EE9-93C6-26F044B8BFD7}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{F94685BC-935D-4F8D-A062-9BF30139D629}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{E0811EE4-416B-4121-85F9-3DF9FEC91F91}C:\\program files\\videolan\\vlc\\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{77A176D0-9442-42AE-A989-5D71F2DDCF5B}C:\\program files\\videolan\\vlc\\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"{A6CEAC16-DD4B-4F44-AC36-30ABCAC60FD4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080305.002\IDSvix86.sys [2008-02-13 17:18]
R2 DQLWinService;DQLWinService;"C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe" [2006-09-03 10:32]
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-12-28 01:11]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-13 12:09]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 13:16]
S2 IntelDHSvcConf;Intel DH Service;"C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe" [2006-05-10 09:13]
S3 Symantec RemoteAssist;Symantec RemoteAssist;"C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe" [2008-01-29 16:09]
S3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-03-07 13:39]

*Newly Created Service* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {E505DA68-3442-5D45-2BD4-1AF0B6312E53} /qb
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-22 18:13:10
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\conime.exe
.
**************************************************************************
.
Completion time: 2008-03-22 18:15:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-22 17:14:57
.
2008-03-07 17:25:51 --- E O F ---

Reply to fanyca

Hi again,

  • Run a Kaspersky online scan with Internet Explorer:
  • Click on http://pictures.kaspersky.fr/bouton-scann1.jpg
  • Now click on I accept.
  • Approve the installation of one or more ActiveX controls if necessary.
  • Wait while the updates are installed.
  • Then choose to scan My Computer
  • Save, then paste the report generated at the end of the scan.


HELP: Tutorial on the online scan

NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée", go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

;)

------------------------------ Please mention if you are already being helped on another forum or in another thread.

Security / Prevention
Reply to Egwene

It says on the home page that Vista compatibility will be available soon; should I do it anyway??

Reply to fanyca

Yes, after disabling UAC first :)

Reply to Egwene

Apparently it hangs and won't download the required program.

Reply to fanyca

I confirm, the Kaspersky scan does not work.

Reply to fanyca

Hi again,

Normally it works very well on Vista :)

Reply to Egwene

I tried twice without success.

Reply to fanyca

http://www.infos-du-net.com/forum/ [...] -kaspersky

Did you do it the right way? :)

Reply to Egwene

Yes, I even just tried again. There's nothing very complicated to do, you just have to follow what it says, and I did...

Reply to fanyca

...

Strange :)

Run another EliBagle scan for me.

Then try this online scan:

- Run a nano/total scan with Panda, disabling your antivirus during the scan!
- Register on the site by creating an account with the Register Free button on the right.
- After you have entered a valid email address and a password, you will receive an email; click the link to activate your account.
- Go back to the site and log in on the right-hand side with your email address and password.
- Tick the Full Scan option in the middle, then click the Scan now button.
- The site will ask you to accept the installation of the ActiveX control; accept by clicking the Yes button.
- The program will download the updates and then the scan will run. It can take an hour.
- Once the scan is finished, click the Desinfect button at the bottom of the report page.
- Then, in the upper part, click the small Save button. This lets you save a report to your desktop.
- Open that report and copy/paste the Panda report here.

HELP: If you are lost, you can follow this help for online scans

;)

Reply to Egwene

It hangs on the antivirus database update window after I accepted the installation of the Kaspersky Lab program, and it tells me at the top left that the program is not responding.

Reply to fanyca

It hangs, meaning what? You also need to be patient :)

Reply to Egwene

Yes, I was very patient... lol, but it tells me at the top left that the program is not responding.... When you say patient, meaning what....

Reply to fanyca

Patient... hmm, several good minutes (a good ten or so, even a quarter of an hour) :)

Otherwise, I gave you the instructions for another scan ;)

Reply to Egwene

OK, I hadn't seen that message, I'll do it right away.

Reply to fanyca

Here is the 2nd EliBagle report

Sat Mar 22 17:18:15 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Sat Mar 22 17:18:44 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\

Nº Total de Directorios: 15700
Nº Total de Ficheros: 92281
Nº de Ficheros Analizados: 16004
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0

Sat Mar 22 18:07:19 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.

Sat Mar 22 18:13:09 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sat Mar 22 19:20:19 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):

Sat Mar 22 19:20:23 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\102945.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\133926.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\146516.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14653719.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14753638.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\149667.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\153005.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\156188.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\167045.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\169697.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29178068.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\366789.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\56394.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\80168.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\85691.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\90589.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\972806.EXE.VIR --> Eliminado Bagle

Nº Total de Directorios: 15673
Nº Total de Ficheros: 92516
Nº de Ficheros Analizados: 15874
Nº de Ficheros Infectados: 17
Nº de Ficheros Limpiados: 17

Reply to fanyca

Sorry, still the same problem as with Kaspersky: it hangs and doesn't even download the software (....... not responding).

Reply to fanyca

Hi again,

Uninstall/reinstall all your protection software and tell me whether it works normally again.

;)

Reply to Egwene

I think I've gotten rid of it. Apparently nothing left, I uninstalled Norton and installed Avast.... it seems to be working........... thanks for everything and have a good evening

Reply to fanyca

Hi again, good news, but it's not over! :)

Uninstall Avast, reboot and delete ~~>C:\Program Files\Alwil Software

Download CCleaner (>>tutorial to read!<<), download "the latest version", then install it, unticking - Add the CCleaner Yahoo! Toolbar
Then run the cleaning, then have it look for errors, and make backups if you wish.

Download and install Antivir. (tutorial)
Why switch? Avast vs Antivir
Check that it is fully up to date! Run a full scan in safe mode, save the report and post it for me.

Good evening :hello:

Reply to Egwene

There, Easy Cleaner has been run as well as Antivir in safe mode; here is the report



AntiVir PersonalEdition Classic
Report file date: 2008-03-22 22:56

Scanning for 1161960 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: r3no
Computer name: PC-DE-R3NO

Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 21:45:26
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 2008-03-21 21:45:26
ANTIVIR3.VDF : 7.0.3.64 16384 Bytes 2008-03-22 21:45:26
AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 2008-03-22 21:45:26
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-03-22 21:45:26
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: 2008-03-22 22:56

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
16 processes with 16 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!

Starting to scan the registry.
The registry was scanned ( '15' files ).


Starting the file scan:

Begin scan in 'C:\' <HP>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\catchme2008-03-22_181310.28.zip
[0] Archive type: ZIP
--> srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> hldrrr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.LC
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\1.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\srosa.sys.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\101681.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\108139.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\112539.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\113194.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\121009.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\12468520.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\127733.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\135003.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\142475.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14623206.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481b83c4.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14629383.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481b83c5.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14643720.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4ab0f7e6.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\192177.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481783cc.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\216919.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4a8dbf1e.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\247776.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481c83c9.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29167974.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481683cf.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\333498.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481883ca.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\43961.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481e83ca.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\44631.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481b83cc.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\59264.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481783d1.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\69919.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481e83d2.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\79669.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481b83d2.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\81073.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481583ca.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\81744.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481c83cb.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\85051.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481583cf.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\88764.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481c83d2.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\98967.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481e83d3.qua'!
Begin scan in 'D:\' <Recovery>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.

Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: 2008-03-22 23:22
Used time: 26:23 min

The scan has been done completely.

16016 Scanning directories
307886 Files were scanned
37 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
16 files were deleted
0 files were repaired
18 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
307849 Files not concerned
2359 Archives were scanned
1 Warnings
12 Notes

Reply to fanyca

Hi again,

One last check ;)

Download then install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2

Reply to Egwene

OK, here is the report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:07:28, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 20450 bytes

Reply to fanyca

:hello:

1) Show hidden folders: http://www.micro-astuce.com/Forum/topic1607.html

2) Go to this link: Virus Total

  • Click Browse
  • Navigate to this file, if you can find it:


c:\windows\sminst\launcher.exe

  • Click Send file and let it work for as long as "Current status: scanning" is displayed.
  • The file may be placed in a queue because of a large number of scan requests. In that case, you will have to wait without refreshing the page.
  • When the scan is finished ("Current status: finished"), click Formatted
  • A new browser window will open
  • Then click on this image: http://perso.orange.fr/-Gof/screen/txtvt.jpg
  • Right-click on the page and choose Select All, then Copy
  • Finally, paste the result in your next reply.

Note: Whatever the outcome, it is important that you send me the result of the whole analysis.
Your security tools may react when the file is sent; in that case you will need to ignore the alerts.

;)


Message edited by Egwene on 23-03-2008 at 10:43:51

Reply to Egwene

OK, thanks.. here is the result of the analysis

Fichier Launcher.exe reçu le 2008.02.18 20:48:16 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.18.0 2008.02.18 -
AntiVir 7.6.0.67 2008.02.18 -
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 -
AVG 7.5.0.516 2008.02.18 -
BitDefender 7.2 2008.02.18 -
CAT-QuickHeal 9.50 2008.02.16 -
ClamAV 0.92.1 2008.02.18 -
DrWeb 4.44.0.09170 2008.02.18 -
eSafe 7.0.15.0 2008.02.17 -
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.18 -
Fortinet 3.14.0.0 2008.02.18 -
F-Prot 4.4.2.54 2008.02.17 -
F-Secure 6.70.13260.0 2008.02.18 -
Ikarus T3.1.1.20 2008.02.18 -
Kaspersky 7.0.0.125 2008.02.18 -
McAfee 5232 2008.02.18 -
Microsoft 1.3204 2008.02.18 -
NOD32v2 2883 2008.02.18 -
Norman 5.80.02 2008.02.15 -
Panda 9.0.0.4 2008.02.18 -
Prevx1 V2 2008.02.18 -
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 -
Sunbelt 3.0.884.0 2008.02.18 -
Symantec 10 2008.02.18 -
TheHacker 6.2.9.223 2008.02.18 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.18 -
Webwasher-Gateway 6.6.2 2008.02.18 -

Information additionnelle
File size: 44136 bytes
MD5: dbeb9ee2a13d9aa0d5f180757b5a2c26
SHA1: 5400a2b2ade9d78630e0aed1c88a284a2da18835
PEiD: -

Reply to fanyca

Re,

1) Run HijackThis again, click "do a system scan only", check these lines, then click "Fix Checked" and close HijackThis:


O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll



2) You have leftovers from Norton:

Uninstall Symantec, Norton ..
Norton uninstallation:
Download and run: http://service1.symantec.com/SUPPO [...] 4110429924


Once that is done, restart the computer, post me a new HijackThis report and tell me how the PC is doing ;)

------------------------------ Please mention if you are already getting help on another forum or in another topic.

Security / Prevention
Reply to Egwene

I have a problem: I don't have the Norton install CD (it asks me for it to uninstall), because Norton came preinstalled on my computer when I bought it. Is it really necessary, or is there maybe another way? What do you think?

Reply to fanyca

Re,

Did you try the tool from the link I gave you? :)

Reply to Egwene

yes, but it asks me to do a reinstall in order to uninstall..?? lol

Reply to fanyca

or maybe I misunderstood, maybe it's for doing a reinstall afterwards .... ohh sorry, I'm not a pro, thanks for your patience

Reply to fanyca

ok, I'm back, I'll give it a go lol

Reply to fanyca

it won't run, it gives me an error:
runtime error !

Program:c/users/...../desktop/Norton_Remove_Tool.exe

This application has requested the runtime to terminate it in an unusual way.
Please contact the application's support team for more information.

Reply to fanyca

Re,

Try removing the Norton leftovers manually with the help of this little utility.

http://www.01net.com/telecharger/w [...] 32585.html

Tutorial: http://www.cave-a-yoyo.com/forum/t [...] -vt23.html


N.B.: do it in safe mode for better results.


Message edited by Egwene on 23-03-2008 at 20:55:28
Reply to Egwene

yes, that's what I did after reading a few things here and there ... lol here is the HijackThis report after manually deleting all the norton/symantec files:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:47, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Fany\INFECTION VIRUS 22-03-08\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)

--
End of file - 20431 bytes

Reply to fanyca
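
Added example, not part of the thread and not HijackThis's own code: a Python triage of a HijackThis log like the report above, listing the entries marked "(file missing)" (the Norton/Symantec leftovers) and collapsing the repeated O18 protocol-handler lines per DLL. The sample log is constructed from a few lines of that report; the function and field names are this example's own.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Constructed sample: a handful of lines taken from the report posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
End of file - 20431 bytes
"""

# An entry line is "<section code> - <body>", e.g. "O23 - Service: ...".
LINE_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING = "(file missing)"
# Sections whose last " - "-separated field is the file the entry points to.
TARGET_CODES = {"O2", "O9", "O18", "O23"}


@dataclass
class Entry:
    code: str               # section code: R0, O2, O4, O18, O23, ...
    label: str              # body without the target path and missing marker
    target: Optional[str]   # file the entry points to, when the section has one
    missing: bool           # HijackThis appended "(file missing)"
    unknown_owner: bool     # O23 service whose vendor field is "Unknown owner"


def parse_log(text: str) -> list:
    """Return the R*/O* entries; header and process-list lines are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        code, body = m["code"], m["body"]
        missing = body.endswith(MISSING)
        if missing:
            body = body[: -len(MISSING)].rstrip()
        label, target = body, None
        if code in TARGET_CODES and " - " in body:
            label, target = body.rsplit(" - ", 1)
        unknown = code == "O23" and label.endswith(" - Unknown owner")
        entries.append(Entry(code, label, target, missing, unknown))
    return entries


def orphaned(entries: list) -> list:
    """Entries whose target file no longer exists: candidates for 'fixing'."""
    return [e for e in entries if e.missing]


def protocol_handlers(entries: list) -> dict:
    """Collapse the O18 run: handler DLL -> sorted protocol names it serves."""
    by_dll = defaultdict(list)
    for e in entries:
        if e.code == "O18" and e.target:
            name = e.label.split(": ", 1)[1].split(" - ")[0]
            by_dll[e.target].append(name)
    return {dll: sorted(names) for dll, names in by_dll.items()}


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    print("Leftover entries (file missing):")
    for e in orphaned(parsed):
        print(f"  {e.code}  {e.target}")
    print("Unknown owner but file present (not a leftover by itself):")
    for e in parsed:
        if e.unknown_owner and not e.missing:
            print(f"  {e.code}  {e.target}")
    print("O18 protocol handlers per DLL:")
    for dll, names in protocol_handlers(parsed).items():
        print(f"  {len(names)} protocol(s) -> {dll}")
```

"Unknown owner" alone is not a leftover indicator: in the sample, DQLWinService has no vendor string but its file is present, so only the "(file missing)" marker is used to select entries.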

Re,

I asked you earlier to "fix" some lines with HijackThis... apparently that wasn't done, so do it, restart the PC and post a new HijackThis report.

;)


Message edited by Egwene on 23-03-2008 at 21:18:25
Reply to Egwene

I did do them, as far as I can tell

Reply to fanyca

Then restart the PC so that the changes take effect and post a new HijackThis report ;)

Reply to Egwene

I redid the procedure and restarted, and here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:55, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Fany\INFECTION VIRUS 22-03-08\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)

--
End of file - 20569 bytes


Hi again,

The BackWeb O18 entries are resisting :/

Try to fix them in safe mode ;) Reboot in normal mode, then post a new report.


Message edited by Egwene on 23-03-2008 at 21:37:05
------------------------------ Please say so if you are already being helped on another forum or in another topic.

Security / Prevention
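Checking which entries "resist" between two HijackThis reports can be done by diffing the logs rather than reading them by eye. The Python below is an added example, not part of the thread: it parses entry lines, lists those that survive into the second report, collapses O18 protocol entries by handler DLL, and flags targets marked "(file missing)". The sample lines are constructed from entries in the posted logs, and `ExampleSvc` is a hypothetical service added for illustration.

```python
import re
from collections import defaultdict

# HijackThis entry lines start with a section code such as R0, O4, O18 or O23.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# O18 body layout: "Protocol: <name> - {CLSID} - <handler DLL path>"
O18_RE = re.compile(
    r"^Protocol: (?P<name>\S+) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$"
)

# Constructed sample: a few lines abridged from the logs posted in the thread,
# plus one hypothetical service (ExampleSvc) that exists only in this example.
BEFORE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\Explorer.EXE
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: Hypothetical Helper (ExampleSvc) - Unknown owner - C:\Example\helper.exe
"""

# Constructed second report: identical except that the hypothetical service is gone.
AFTER_LOG = "\n".join(
    line for line in BEFORE_LOG.splitlines() if "ExampleSvc" not in line
)


def parse_log(text):
    """Return (section code, body) pairs; headers and process paths are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def persisting(before, after):
    """Entries of the first report that are still present in the second."""
    still_there = set(after)
    return [entry for entry in before if entry in still_there]


def group_protocol_handlers(entries):
    """Collapse O18 lines to one row per (CLSID, DLL) with the protocol names."""
    groups = defaultdict(list)
    for code, body in entries:
        m = O18_RE.match(body) if code == "O18" else None
        if m:
            groups[(m.group("clsid"), m.group("path"))].append(m.group("name"))
    return dict(groups)


def missing_targets(entries):
    """Entries whose target HijackThis reported as '(file missing)'."""
    return [(code, body) for code, body in entries if body.endswith("(file missing)")]


def triage(before_text, after_text):
    """Compare two reports and summarise what is left to review."""
    resisting = persisting(parse_log(before_text), parse_log(after_text))
    return {
        "resisting": resisting,
        "handlers": group_protocol_handlers(resisting),
        "missing": missing_targets(resisting),
    }


if __name__ == "__main__":
    report = triage(BEFORE_LOG, AFTER_LOG)
    print(f"{len(report['resisting'])} entries persist after the fix attempt")
    for (clsid, dll), names in report["handlers"].items():
        print(f"  O18 handler {clsid} -> {dll} ({len(names)} protocol names)")
    for code, body in report["missing"]:
        print(f"  orphaned {code}: {body}")
```

Grouping by handler DLL reduces a long run of O18 lines to the few distinct components behind them, which is the unit that actually has to be uninstalled or fixed.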

Impossible in safe mode, it gives me an error. I still made another attempt in normal mode, but I think nothing works. Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58:35, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\r3no\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/ [...] rtdgi1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)

--
End of file - 20454 bytes

Reply to fanyca

Hi again,

An error in safe mode? Which one?

------------------------------ Please mention if you are already getting help on another forum or in another topic.

Security / Prevention
Reply to Egwene

Hi again,

I'm looking into it, I'll keep you posted :super:

Reply to Egwene

Here is the exact message: Run-time error "481" : invalid picture

Reply to fanyca

I'm looking into it and will keep you posted ;)

I'll get back to you tomorrow ;)

Have a good evening :hello:

Reply to Egwene