[Solved] Please help me, I have a worm !!!!
Hello,
Could someone help me remove the worm that has infected me, win32.worm.bagle.zlc, in the file mdelk.exe, which I can't manage to delete in safe mode? It has disabled my Norton antivirus. I detected it by running an online antivirus scan, BIT DEFENDER, which did not manage to remove it for me. So I tried the Spanish scan, I think "ebagla", and here is the report:
Sat Mar 22 17:18:15 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sat Mar 22 17:18:44 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 15700
Nº Total de Ficheros: 92281
Nº de Ficheros Analizados: 16004
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
I don't know what I should do now.
Thank you for your help
Configuration: Windows Vista
Internet
Quote:
BAGLE infection
If you are on Vista, disable UAC: http://bibou0007.com/tutos-f45/tutorial-desactiver-l-ua...
Download ComboFix by sUBs: rename it before any installation, for example name it "KillBagle". Help here: http://forum.pcastuces.com/sujet.asp?f=25&s=37315
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Save it to your desktop and nowhere else!
Double-click on ComboFix. It will ask you a question; answer with the 1 key and Enter to confirm, then let it guide you.
Wait until ComboFix has finished; a report will be created. Post the report.
Here is the ComboFix report
ComboFix 08-03-22.1 - r3no 2008-03-22 18:08:25.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1241 [GMT 1:00]
Endroit: C:\Users\r3no\Desktop\killbagle.exe
* Création d'un nouveau point de restauration
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\System32\1.exe
C:\Windows\system32\drivers\down
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\drivers\srosa.sys
C:\Windows\system32\mdelk.exe
C:\Windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SROSA
-------\Service_srosa
((((((((((((((((((((((((( Files Created from 2008-02-22 to 2008-03-22 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-22 15:22 262,144 ----a-w C:\ntuser.dat
2008-03-19 15:31 --------- d-----w C:\Program Files\Windows Mail
2008-03-19 15:31 --------- d-----w C:\Program Files\Norton Internet Security
2008-03-19 15:31 --------- d-----w C:\Program Files\Microsoft Works
2008-03-19 15:31 --------- d-----w C:\Program Files\Finance 2002
2008-03-19 15:31 --------- d-----w C:\Program Files\Disc2Phone
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\Skype
2008-03-19 14:20 --------- d-----w C:\PROGRA~2\Symantec
2008-03-19 13:44 --------- d-----w C:\Program Files\Alwil Software
2008-03-08 08:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 12:40 13,035 ----a-w C:\Windows\system32\drivers\SymRedir.cat
2008-03-07 12:40 1,358 ----a-w C:\Windows\system32\drivers\SymRedir.inf
2008-03-07 12:39 39,984 ----a-w C:\Windows\system32\drivers\symids.sys
2008-03-07 12:39 37,936 ----a-w C:\Windows\system32\drivers\symndisv.sys
2008-03-07 12:39 27,696 ----a-w C:\Windows\system32\drivers\symredrv.sys
2008-03-07 12:39 191,536 ----a-w C:\Windows\system32\drivers\symtdi.sys
2008-03-07 12:39 145,968 ----a-w C:\Windows\system32\drivers\symfw.sys
2008-03-07 12:39 12,848 ----a-w C:\Windows\system32\drivers\symdns.sys
2008-02-29 21:47 --------- d-----w C:\Users\r3no\AppData\Roaming\Skype
2008-02-17 08:09 --------- d-----w C:\Users\r3no\AppData\Roaming\OpenOffice.org2
2008-02-13 09:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 09:10 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-13 09:10 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-13 09:10 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-13 09:10 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-13 09:10 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-13 09:10 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-13 09:10 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys
2008-02-13 09:10 15,872 ----a-w C:\Windows\system32\drivers\kbdhid.sys
2008-02-13 09:09 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 09:09 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 09:09 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 09:09 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 09:09 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 09:08 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 09:08 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 09:08 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 09:08 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 09:08 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 09:08 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 09:06 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-01-26 04:43 --------- d-----w C:\Program Files\World of Warcraft
2008-01-25 15:26 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-25 14:50 --------- d-----w C:\Program Files\Windows Live
2008-01-25 14:49 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-25 14:43 --------- d-----w C:\PROGRA~2\WLInstaller
2007-08-30 08:10 174 --sha-w C:\Program Files\desktop.ini
2007-07-07 06:37 0 ----a-w C:\Users\r3no\AppData\Roaming\wklnhst.dat
2007-07-06 17:54 22 --sha-w C:\Windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 00:52 1232896]
"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [ ]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-07 12:38 32768]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 14:42 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 16:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 12:34 155648]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 12:39 151552]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 15:46 4349952 C:\Windows\RtHDVCpl.exe]
"CCUTRAYICON"="FactoryMode" []
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-03-22 18:10 115816]
"osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2008-03-22 18:10 22696]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 56080 C:\Windows\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-07 02:05 1006264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-07 12:38:59 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-07 13:20:04 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-245561791-3675916137-1691796862-1001]
"EnableNotificationsRef"=dword:00000004
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{883DCC1A-57B0-40D9-8214-1886E9CE8414}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{F467BD2A-C293-4A5B-9A98-C5C9AEE30806}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{90952649-CC5E-4979-8CD9-CA4A4464B720}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{52A9CE63-F748-4024-8DBA-D7961AC308A5}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{11261E0B-0FCB-4503-BF57-790417B99912}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{154DF8FC-0B53-4A18-882A-9CCE3E476512}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{78520819-0ED9-4172-A85D-C8F6DBAC6A22}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{28118C03-69B4-4411-BD2F-FAC843BA6437}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{290C6F34-F75F-49B9-86A4-BD9B2CF63E86}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{853F23DD-CCA8-4C7A-A3C4-4C59FEB09D74}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{404438DA-0F0C-46AA-B488-83962673511C}"= Disabled:UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{0349D75A-3641-4425-9C22-699000257C65}"= Disabled:TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{EB65C428-A5EC-41DA-A408-0F8868EDF7C3}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{44BA32EB-D00D-41F8-9AA9-94044341EDEB}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{1034DDDA-73FA-49BB-8E05-C50353381670}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{BC57958B-47EF-4DA3-B592-8F91FA46465E}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{AA8B48B2-05B4-4CEA-9CD0-7BAF873F8381}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{14A48264-8BEE-45AB-946B-66F23B5694F5}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{BE332459-66F8-4E1E-83E2-87976F8816FA}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{76C3FD81-7041-437E-B36C-9B23609D9114}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{D10746C0-8F8E-4EA7-AF3F-77D5C51BE236}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{85094C99-BEA8-40E9-B2BE-E686ADF548AE}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{FE0FD6AD-4CFE-406D-AB4D-920B1F12C4E0}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{327C7031-9895-4CCB-A461-0C67FCA53AA6}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{50CE5DD2-D625-49B2-BB2F-BA1B53BD64A4}C:\\users\\r3no\\programmes\\emule\\emule.exe"= UDP:C:\users\r3no\programmes\emule\emule.exe:emule.exe
"UDP Query User{5980A0E1-0324-4EDA-817E-CD0323E9739D}C:\\users\\r3no\\programmes\\emule\\emule.exe"= TCP:C:\users\r3no\programmes\emule\emule.exe:emule.exe
"TCP Query User{66A7AE08-E58C-4F49-B29D-A64827EFDAB4}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{0437D87B-B51B-4DD6-8726-A66FF0552F72}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{3A88F224-9BA8-4EE9-93C6-26F044B8BFD7}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{F94685BC-935D-4F8D-A062-9BF30139D629}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{E0811EE4-416B-4121-85F9-3DF9FEC91F91}C:\\program files\\videolan\\vlc\\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{77A176D0-9442-42AE-A989-5D71F2DDCF5B}C:\\program files\\videolan\\vlc\\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"{A6CEAC16-DD4B-4F44-AC36-30ABCAC60FD4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080305.002\IDSvix86.sys [2008-02-13 17:18]
R2 DQLWinService;DQLWinService;"C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe" [2006-09-03 10:32]
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-12-28 01:11]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-13 12:09]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 13:16]
S2 IntelDHSvcConf;Intel DH Service;"C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe" [2006-05-10 09:13]
S3 Symantec RemoteAssist;Symantec RemoteAssist;"C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe" [2008-01-29 16:09]
S3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-03-07 13:39]
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {E505DA68-3442-5D45-2BD4-1AF0B6312E53} /qb
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-22 18:13:10
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\conime.exe
.
**************************************************************************
.
Completion time: 2008-03-22 18:15:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-22 17:14:57
.
2008-03-07 17:25:51 --- E O F ---
ComboFix 08-03-22.1 - r3no 2008-03-22 18:08:25.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1241 [GMT 1:00]
Endroit: C:\Users\r3no\Desktop\killbagle.exe
* Création d'un nouveau point de restauration
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\System32\1.exe
C:\Windows\system32\drivers\down
C:\Windows\system32\drivers\down\66128.exe
C:\Windows\system32\drivers\down\67376.exe
C:\Windows\system32\drivers\down\67844.exe
C:\Windows\system32\drivers\down\68375.exe
C:\Windows\system32\drivers\down\69030.exe
C:\Windows\system32\drivers\down\69482.exe
C:\Windows\system32\drivers\down\69919.exe
C:\Windows\system32\drivers\down\74038.exe
C:\Windows\system32\drivers\down\74459.exe
C:\Windows\system32\drivers\down\75488.exe
C:\Windows\system32\drivers\down\76534.exe
C:\Windows\system32\drivers\down\77002.exe
C:\Windows\system32\drivers\down\78203.exe
C:\Windows\system32\drivers\down\78530.exe
C:\Windows\system32\drivers\down\78780.exe
C:\Windows\system32\drivers\down\79529.exe
C:\Windows\system32\drivers\down\79669.exe
C:\Windows\system32\drivers\down\80059.exe
C:\Windows\system32\drivers\down\80168.exe
C:\Windows\system32\drivers\down\81073.exe
C:\Windows\system32\drivers\down\81744.exe
C:\Windows\system32\drivers\down\82618.exe
C:\Windows\system32\drivers\down\83569.exe
C:\Windows\system32\drivers\down\84380.exe
C:\Windows\system32\drivers\down\85036.exe
C:\Windows\system32\drivers\down\85051.exe
C:\Windows\system32\drivers\down\85129.exe
C:\Windows\system32\drivers\down\85691.exe
C:\Windows\system32\drivers\down\86190.exe
C:\Windows\system32\drivers\down\87001.exe
C:\Windows\system32\drivers\down\87048.exe
C:\Windows\system32\drivers\down\87563.exe
C:\Windows\system32\drivers\down\87734.exe
C:\Windows\system32\drivers\down\88530.exe
C:\Windows\system32\drivers\down\88764.exe
C:\Windows\system32\drivers\down\89372.exe
C:\Windows\system32\drivers\down\90230.exe
C:\Windows\system32\drivers\down\90589.exe
C:\Windows\system32\drivers\down\91229.exe
C:\Windows\system32\drivers\down\93241.exe
C:\Windows\system32\drivers\down\93304.exe
C:\Windows\system32\drivers\down\94365.exe
C:\Windows\system32\drivers\down\94723.exe
C:\Windows\system32\drivers\down\95800.exe
C:\Windows\system32\drivers\down\96003.exe
C:\Windows\system32\drivers\down\968064.exe
C:\Windows\system32\drivers\down\971855.exe
C:\Windows\system32\drivers\down\972806.exe
C:\Windows\system32\drivers\down\979171.exe
C:\Windows\system32\drivers\down\98779.exe
C:\Windows\system32\drivers\down\98967.exe
C:\Windows\system32\drivers\down\99871.exe
C:\Windows\system32\drivers\down\99934.exe
C:\Windows\system32\drivers\hldrrr.exe
C:\Windows\system32\drivers\srosa.sys
C:\Windows\system32\mdelk.exe
C:\Windows\system32\wintems.exe
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_SROSA
-------\Service_srosa
((((((((((((((((((((((((( Files Created from 2008-02-22 to 2008-03-22 )))))))))))))))))))))))))))))))
.
No new files created in this timespan
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-22 15:22 262,144 ----a-w C:\ntuser.dat
2008-03-19 15:31 --------- d-----w C:\Program Files\Windows Mail
2008-03-19 15:31 --------- d-----w C:\Program Files\Norton Internet Security
2008-03-19 15:31 --------- d-----w C:\Program Files\Microsoft Works
2008-03-19 15:31 --------- d-----w C:\Program Files\Finance 2002
2008-03-19 15:31 --------- d-----w C:\Program Files\Disc2Phone
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2008-03-19 15:31 --------- d-----w C:\Program Files\Common Files\Skype
2008-03-19 14:20 --------- d-----w C:\PROGRA~2\Symantec
2008-03-19 13:44 --------- d-----w C:\Program Files\Alwil Software
2008-03-08 08:18 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 12:40 13,035 ----a-w C:\Windows\system32\drivers\SymRedir.cat
2008-03-07 12:40 1,358 ----a-w C:\Windows\system32\drivers\SymRedir.inf
2008-03-07 12:39 39,984 ----a-w C:\Windows\system32\drivers\symids.sys
2008-03-07 12:39 37,936 ----a-w C:\Windows\system32\drivers\symndisv.sys
2008-03-07 12:39 27,696 ----a-w C:\Windows\system32\drivers\symredrv.sys
2008-03-07 12:39 191,536 ----a-w C:\Windows\system32\drivers\symtdi.sys
2008-03-07 12:39 145,968 ----a-w C:\Windows\system32\drivers\symfw.sys
2008-03-07 12:39 12,848 ----a-w C:\Windows\system32\drivers\symdns.sys
2008-02-29 21:47 --------- d-----w C:\Users\r3no\AppData\Roaming\Skype
2008-02-17 08:09 --------- d-----w C:\Users\r3no\AppData\Roaming\OpenOffice.org2
2008-02-13 09:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 09:10 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-13 09:10 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-13 09:10 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-13 09:10 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-13 09:10 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-13 09:10 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-13 09:10 15,872 ----a-w C:\Windows\system32\drivers\mouhid.sys
2008-02-13 09:10 15,872 ----a-w C:\Windows\system32\drivers\kbdhid.sys
2008-02-13 09:09 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 09:09 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 09:09 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-13 09:09 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 09:09 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 09:08 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 09:08 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 09:08 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 09:08 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 09:08 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 09:08 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 09:06 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-01-26 04:43 --------- d-----w C:\Program Files\World of Warcraft
2008-01-25 15:26 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-25 14:50 --------- d-----w C:\Program Files\Windows Live
2008-01-25 14:49 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-01-25 14:43 --------- d-----w C:\PROGRA~2\WLInstaller
2007-08-30 08:10 174 --sha-w C:\Program Files\desktop.ini
2007-07-07 06:37 0 ----a-w C:\Users\r3no\AppData\Roaming\wklnhst.dat
2007-07-06 17:54 22 --sha-w C:\Windows\SMINST\HPCD.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 00:52 1232896]
"StartCCC"="c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [ ]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-07 12:38 32768]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 14:42 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 16:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 12:34 155648]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-09-29 12:39 151552]
"RtHDVCpl"="RtHDVCpl.exe" [2007-01-18 15:46 4349952 C:\Windows\RtHDVCpl.exe]
"CCUTRAYICON"="FactoryMode" []
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"ccApp"="c:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2008-03-22 18:10 115816]
"osCheck"="c:\Program Files\Norton Internet Security\osCheck.exe" [2008-03-22 18:10 22696]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 09:22 517768]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 14:32 56080 C:\Windows\KHALMNPR.Exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"NeroFilterCheck"="C:\Windows\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-07-07 02:05 1006264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="%WINDIR%\SMINST\launcher.exe" [ ]
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-07 12:38:59 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-07 13:20:04 692224]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
"AntiSpywareOverride"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-245561791-3675916137-1691796862-1001]
"EnableNotificationsRef"=dword:00000004
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{883DCC1A-57B0-40D9-8214-1886E9CE8414}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{F467BD2A-C293-4A5B-9A98-C5C9AEE30806}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe:SPCM
"{90952649-CC5E-4979-8CD9-CA4A4464B720}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{52A9CE63-F748-4024-8DBA-D7961AC308A5}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe:Intel(R) Viiv(TM) Media Server
"{11261E0B-0FCB-4503-BF57-790417B99912}"= UDP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{154DF8FC-0B53-4A18-882A-9CCE3E476512}"= TCP:C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe:Intel(R) Remoting Service
"{78520819-0ED9-4172-A85D-C8F6DBAC6A22}"= TCP:9442:127.0.0.1:Intel(R) Viiv(TM) Media Server Discovery
"{28118C03-69B4-4411-BD2F-FAC843BA6437}"= TCP:1900:LocalSubnet:LocalSubnet:Intel(R) Viiv(TM) Media Server UPnP Discovery
"{290C6F34-F75F-49B9-86A4-BD9B2CF63E86}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{853F23DD-CCA8-4C7A-A3C4-4C59FEB09D74}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{404438DA-0F0C-46AA-B488-83962673511C}"= Disabled:UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{0349D75A-3641-4425-9C22-699000257C65}"= Disabled:TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:Logitech Desktop Messenger
"{EB65C428-A5EC-41DA-A408-0F8868EDF7C3}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{44BA32EB-D00D-41F8-9AA9-94044341EDEB}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"TCP Query User{1034DDDA-73FA-49BB-8E05-C50353381670}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{BC57958B-47EF-4DA3-B592-8F91FA46465E}C:\\program files\\world of warcraft\\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{AA8B48B2-05B4-4CEA-9CD0-7BAF873F8381}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= UDP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"UDP Query User{14A48264-8BEE-45AB-946B-66F23B5694F5}C:\\program files\\world of warcraft\\backgrounddownloader.exe"= TCP:C:\program files\world of warcraft\backgrounddownloader.exe:Blizzard Downloader
"TCP Query User{BE332459-66F8-4E1E-83E2-87976F8816FA}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{76C3FD81-7041-437E-B36C-9B23609D9114}C:\\program files\\world of warcraft\\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{D10746C0-8F8E-4EA7-AF3F-77D5C51BE236}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{85094C99-BEA8-40E9-B2BE-E686ADF548AE}C:\\program files\\world of warcraft\\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.0.7272-to-2.2.2.7318-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{FE0FD6AD-4CFE-406D-AB4D-920B1F12C4E0}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{327C7031-9895-4CCB-A461-0C67FCA53AA6}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{50CE5DD2-D625-49B2-BB2F-BA1B53BD64A4}C:\\users\\r3no\\programmes\\emule\\emule.exe"= UDP:C:\users\r3no\programmes\emule\emule.exe:emule.exe
"UDP Query User{5980A0E1-0324-4EDA-817E-CD0323E9739D}C:\\users\\r3no\\programmes\\emule\\emule.exe"= TCP:C:\users\r3no\programmes\emule\emule.exe:emule.exe
"TCP Query User{66A7AE08-E58C-4F49-B29D-A64827EFDAB4}C:\\program files\\real\\realplayer\\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"UDP Query User{0437D87B-B51B-4DD6-8726-A66FF0552F72}C:\\program files\\real\\realplayer\\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer
"TCP Query User{3A88F224-9BA8-4EE9-93C6-26F044B8BFD7}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= UDP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"UDP Query User{F94685BC-935D-4F8D-A062-9BF30139D629}C:\\program files\\world of warcraft\\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe"= TCP:C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-frfr-downloader.exe:Blizzard Downloader
"TCP Query User{E0811EE4-416B-4121-85F9-3DF9FEC91F91}C:\\program files\\videolan\\vlc\\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{77A176D0-9442-42AE-A989-5D71F2DDCF5B}C:\\program files\\videolan\\vlc\\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"{A6CEAC16-DD4B-4F44-AC36-30ABCAC60FD4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080305.002\IDSvix86.sys [2008-02-13 17:18]
R2 DQLWinService;DQLWinService;"C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe" [2006-09-03 10:32]
R3 3xHybrid;ASUSTek SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-12-28 01:11]
R3 athr;Atheros Extensible Wireless LAN device driver;C:\Windows\system32\DRIVERS\athr.sys [2006-11-13 12:09]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-08 13:16]
S2 IntelDHSvcConf;Intel DH Service;"C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe" [2006-05-10 09:13]
S3 Symantec RemoteAssist;Symantec RemoteAssist;"C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe" [2008-01-29 16:09]
S3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-03-07 13:39]
*Newly Created Service* - COMHOST
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {E505DA68-3442-5D45-2BD4-1AF0B6312E53} /qb
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-22 18:13:10
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\system32\Ati2evxx.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\conime.exe
.
**************************************************************************
.
Completion time: 2008-03-22 18:15:00 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-22 17:14:57
.
2008-03-07 17:25:51 --- E O F ---
Re,
Run a Kaspersky online scan with Internet Explorer:
Click on ![]()
Now click on J'accepte (I accept).
Approve the installation of one or more ActiveX controls if necessary.
Wait while the updates are installed.
Then choose to scan My Computer (Poste de travail).
Save, then paste the report generated at the end of the scan.
HELP: Tutorial on the online scan
NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée", go to Add/Remove Programs, uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.

...
Strange.
Run another EliBagle scan for me.
Then try this online scan:
- Run a nano/total scan with Panda, disabling your antivirus during the scan!
- Register on the site by creating an account with the Register Free button on the right.
- After you enter a valid e-mail address and a password, you will receive an e-mail; click the link to activate your account.
- Go back to the site and log in on the right-hand side with your e-mail address and password.
- In the middle, tick the Full Scan option, then click the Scan now button.
- The site will ask you to accept the installation of the ActiveX control; accept by clicking the Oui (Yes) button.
- The program will download the updates and then the scan will run. It can take an hour.
- Once the scan has finished, click the Desinfect button at the bottom of the report page.
- Then, in the upper part, click the small Save button. This lets you save a report to your desktop.
- Open this report and copy/paste the Panda report here.
HELP: If you are lost, you can follow this guide for online scans.
Here is the 2nd EliBagle report
Sat Mar 22 17:18:15 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sat Mar 22 17:18:44 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
Nº Total de Directorios: 15700
Nº Total de Ficheros: 92281
Nº de Ficheros Analizados: 16004
Nº de Ficheros Infectados: 0
Nº de Ficheros Limpiados: 0
Sat Mar 22 18:07:19 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Por favor, envienos una muestra del fichero
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
a "virus@satinfo.es". Gracias.
C:\WINDOWS\SYSTEM32\WINTEMS.EXE --> Bagle Acceso Denegado.
C:\WINDOWS\SYSTEM32\BAN_LIST.TXT --> Eliminado Bagle
C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Bagle (rootkit) Acceso Denegado.
C:\WINDOWS\SYSTEM32\DRIVERS\HLDRRR.EXE --> Bagle.dldr Acceso Denegado.
Reinicie para Completar la Limpieza.
Sat Mar 22 18:13:09 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sat Mar 22 19:20:19 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Acción Directa):
Sat Mar 22 19:20:23 2008
EliBagle v11.18 (c)2008 S.G.H. / Satinfo S.L.
----------------------------------------------
Lista de Acciones (por Exploración):
Explorando Unidad C:\
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\102945.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\133926.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\146516.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14653719.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14753638.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\149667.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\153005.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\156188.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\167045.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\169697.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29178068.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\366789.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\56394.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\80168.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\85691.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\90589.EXE.VIR --> Eliminado Bagle
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\972806.EXE.VIR --> Eliminado Bagle
Nº Total de Directorios: 15673
Nº Total de Ficheros: 92516
Nº de Ficheros Analizados: 15874
Nº de Ficheros Infectados: 17
Nº de Ficheros Limpiados: 17
Re, good news, but it's not over!
Uninstall avast, reboot and delete ~~>C:\Program Files\Alwil Software
Download ccleaner (>>tutorial to read!<<); download "the latest version", then install it, unticking "Ajouter la Barre d'Outils Yahoo! CCleaner".
Then run the cleanup, then have it look for errors, and make backups if you wish.
Download and install Antivir. (tutorial)
Why switch? Avast vs Antivir
Check that it is up to date! Run a full scan in safe mode, save the report and post it for me.
Good evening
There, easy cleaner has been run, as well as antivir in safe mode; here is the report
AntiVir PersonalEdition Classic
Report file date: 2008-03-22 22:56
Scanning for 1161960 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows Vista
Windows version: (plain) [6.0.6000]
Username: r3no
Computer name: PC-DE-R3NO
Version information:
BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:15
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 21:45:26
ANTIVIR2.VDF : 7.0.3.62 337408 Bytes 2008-03-21 21:45:26
ANTIVIR3.VDF : 7.0.3.64 16384 Bytes 2008-03-22 21:45:26
AVEWIN32.DLL : 7.6.0.75 3334656 Bytes 2008-03-22 21:45:26
AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-03-22 21:45:26
AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:21
Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: E:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium
Start of the scan: 2008-03-22 22:56
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
16 processes with 16 modules were scanned
Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'D:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] In the drive 'F:\' no data medium is inserted!
Boot sector 'G:\'
[NOTE] In the drive 'G:\' no data medium is inserted!
Boot sector 'H:\'
[NOTE] In the drive 'H:\' no data medium is inserted!
Boot sector 'I:\'
[NOTE] In the drive 'I:\' no data medium is inserted!
Starting to scan the registry.
The registry was scanned ( '15' files ).
Starting the file scan:
Begin scan in 'C:\' <HP>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Muestras\WINTEMS.EXE.Muestra EliBagle v11.18
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\catchme2008-03-22_181310.28.zip
[0] Archive type: ZIP
--> srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> hldrrr.exe
[DETECTION] Is the Trojan horse TR/Dldr.Bagle.LC
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\1.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\srosa.sys.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\101681.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\108139.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\112539.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\113194.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\121009.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\12468520.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\127733.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\135003.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\142475.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was deleted!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14623206.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481b83c4.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14629383.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481b83c5.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\14643720.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4ab0f7e6.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\192177.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481783cc.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\216919.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '4a8dbf1e.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\247776.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481c83c9.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\29167974.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481683cf.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\333498.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481883ca.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\43961.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481e83ca.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\44631.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481b83cc.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\59264.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481783d1.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\69919.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481e83d2.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\79669.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481b83d2.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\81073.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481583ca.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\81744.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481c83cb.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\85051.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481583cf.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\88764.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '481c83d2.qua'!
C:\QooBox\Quarantine\C\Windows\System32\drivers\down\98967.exe.vir
[DETECTION] Contains detection pattern of the worm WORM/Bagle.Gen
[INFO] The file was moved to '481e83d3.qua'!
Begin scan in 'D:\' <Recovery>
Begin scan in 'F:\'
Search path F:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'G:\'
Search path G:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'H:\'
Search path H:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'I:\'
Search path I:\ could not be opened!
Le périphérique n'est pas prêt.
Begin scan in 'E:\'
Search path E:\ could not be opened!
Le périphérique n'est pas prêt.
End of the scan: 2008-03-22 23:22
Used time: 26:23 min
The scan has been done completely.
16016 Scanning directories
307886 Files were scanned
37 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
16 files were deleted
0 files were repaired
18 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
307849 Files not concerned
2359 Archives were scanned
1 Warnings
12 Notes
Re,
One last check
Download then install Hijackthis (Trend Micro)
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
ok, here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:07:28, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec RemoteAssist - Symantec, Inc. - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 20450 bytes
1) Show hidden folders: http://www.micro-astuce.com/Forum/topic1607.html
2) Go to this link: Virus Total
c:\windows\sminst\launcher.exe

Note: Whatever the result, it is important that you send me the result of the whole analysis.
Your security tools may react when the file is sent; in that case you will need to ignore the alerts.
OK thanks.. here is the result of the analysis
Fichier Launcher.exe reçu le 2008.02.18 20:48:16 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.18.0 2008.02.18 -
AntiVir 7.6.0.67 2008.02.18 -
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 -
AVG 7.5.0.516 2008.02.18 -
BitDefender 7.2 2008.02.18 -
CAT-QuickHeal 9.50 2008.02.16 -
ClamAV 0.92.1 2008.02.18 -
DrWeb 4.44.0.09170 2008.02.18 -
eSafe 7.0.15.0 2008.02.17 -
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.18 -
Fortinet 3.14.0.0 2008.02.18 -
F-Prot 4.4.2.54 2008.02.17 -
F-Secure 6.70.13260.0 2008.02.18 -
Ikarus T3.1.1.20 2008.02.18 -
Kaspersky 7.0.0.125 2008.02.18 -
McAfee 5232 2008.02.18 -
Microsoft 1.3204 2008.02.18 -
NOD32v2 2883 2008.02.18 -
Norman 5.80.02 2008.02.15 -
Panda 9.0.0.4 2008.02.18 -
Prevx1 V2 2008.02.18 -
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 -
Sunbelt 3.0.884.0 2008.02.18 -
Symantec 10 2008.02.18 -
TheHacker 6.2.9.223 2008.02.18 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.18 -
Webwasher-Gateway 6.6.2 2008.02.18 -
Information additionnelle
File size: 44136 bytes
MD5: dbeb9ee2a13d9aa0d5f180757b5a2c26
SHA1: 5400a2b2ade9d78630e0aed1c88a284a2da18835
PEiD: -
Fichier Launcher.exe reçu le 2008.02.18 20:48:16 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.2.18.0 2008.02.18 -
AntiVir 7.6.0.67 2008.02.18 -
Authentium 4.93.8 2008.02.17 -
Avast 4.7.1098.0 2008.02.18 -
AVG 7.5.0.516 2008.02.18 -
BitDefender 7.2 2008.02.18 -
CAT-QuickHeal 9.50 2008.02.16 -
ClamAV 0.92.1 2008.02.18 -
DrWeb 4.44.0.09170 2008.02.18 -
eSafe 7.0.15.0 2008.02.17 -
eTrust-Vet 31.3.5546 2008.02.18 -
Ewido 4.0 2008.02.18 -
FileAdvisor 1 2008.02.18 -
Fortinet 3.14.0.0 2008.02.18 -
F-Prot 4.4.2.54 2008.02.17 -
F-Secure 6.70.13260.0 2008.02.18 -
Ikarus T3.1.1.20 2008.02.18 -
Kaspersky 7.0.0.125 2008.02.18 -
McAfee 5232 2008.02.18 -
Microsoft 1.3204 2008.02.18 -
NOD32v2 2883 2008.02.18 -
Norman 5.80.02 2008.02.15 -
Panda 9.0.0.4 2008.02.18 -
Prevx1 V2 2008.02.18 -
Rising 20.32.02.00 2008.02.18 -
Sophos 4.26.0 2008.02.18 -
Sunbelt 3.0.884.0 2008.02.18 -
Symantec 10 2008.02.18 -
TheHacker 6.2.9.223 2008.02.18 -
VBA32 3.12.6.1 2008.02.17 -
VirusBuster 4.3.26:9 2008.02.18 -
Webwasher-Gateway 6.6.2 2008.02.18 -
Information additionnelle
File size: 44136 bytes
MD5: dbeb9ee2a13d9aa0d5f180757b5a2c26
SHA1: 5400a2b2ade9d78630e0aed1c88a284a2da18835
PEiD: -
Re,
1) Run HijackThis again, click "do a system scan only", check these lines, then click "Fix Checked" and close HijackThis:
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
2) You have leftovers from Norton:
Uninstall Symantec, Norton ..
Norton uninstallation:
Download and run: http://service1.symantec.com/SUPPORT/INTER/tsgeninfoint...
Once that is done, restart the computer, post a new HijackThis report and tell me how the PC is doing
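The fix list in the post above runs to some eighty lines but comes down to a few components. The following script is an added example, not part of the original post and not a HijackThis feature: it parses HijackThis-format lines, groups the O18 protocol handlers by CLSID and DLL, and flags entries the log marks `(file missing)`. The sample lines are copied from the logs in this thread; the function names are hypothetical.

```python
import re
from collections import defaultdict

# Sample lines in HijackThis v2.0.2 log format, copied from the logs in this
# thread (only four of the O18 lines are reproduced).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
"""

# Section codes as commonly documented for HijackThis.
SECTIONS = {
    "O2": "Browser Helper Object",
    "O4": "autostart (Run key or Startup folder)",
    "O18": "extra protocol handler",
}

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
O18_RE = re.compile(r"^Protocol: (?P<scheme>\S+) - (?P<clsid>\{[^}]+\}) - (?P<target>.+)$")
MISSING = " (file missing)"


def parse_entries(log_text):
    """Return one dict per log entry; header and process-list lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        body = m.group("body")
        missing = body.endswith(MISSING)  # registry entry whose file is gone
        if missing:
            body = body[: -len(MISSING)]
        clsid = CLSID_RE.search(body)
        entries.append({
            "code": m.group("code"),
            "body": body,
            "clsid": clsid.group(0).upper() if clsid else None,
            "missing": missing,
        })
    return entries


def group_protocol_handlers(entries):
    """Collapse O18 lines: (CLSID, DLL file name) -> list of URL schemes."""
    groups = defaultdict(list)
    for e in entries:
        if e["code"] != "O18":
            continue
        m = O18_RE.match(e["body"])
        if m:
            dll = m.group("target").rsplit("\\", 1)[-1].lower()
            groups[(m.group("clsid").upper(), dll)].append(m.group("scheme"))
    return dict(groups)


def triage(log_text):
    """Summarise a log: entries per section, handler groups, orphaned entries."""
    entries = parse_entries(log_text)
    per_section = defaultdict(int)
    for e in entries:
        per_section[e["code"]] += 1
    return {
        "per_section": dict(per_section),
        "handlers": group_protocol_handlers(entries),
        "orphans": [e for e in entries if e["missing"]],
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for code, count in result["per_section"].items():
        print(f"{code} ({SECTIONS.get(code, 'other')}): {count} entries")
    for (clsid, dll), schemes in result["handlers"].items():
        print(f"{dll} {clsid}: {len(schemes)} schemes")
    for e in result["orphans"]:
        print(f"orphan: {e['code']} {e['clsid']}")
```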
Re,
Try to remove the Norton leftovers manually with the help of this small utility.
http://www.01net.com/telecharger/windows/Utilitaire/man...
Tutorial: http://www.cave-a-yoyo.com/forum/tutoriel-effacer-un-fi...
N.B.: do it in safe mode to make it more effective.
Yes, that's what I did after reading a few things here and there ... lol. Here is the HijackThis report after manually deleting all the Norton/Symantec files:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:47, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Fany\INFECTION VIRUS 22-03-08\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
--
End of file - 20431 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:04:47, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Fany\INFECTION VIRUS 22-03-08\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
--
End of file - 20431 bytes
I redid the procedure and rebooted, and here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:55, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\r3no\Fany\INFECTION VIRUS 22-03-08\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
--
End of file - 20569 bytes
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
--
End of file - 20569 bytes
Impossible in safe mode, it gives me an error. I nevertheless made another attempt in normal mode, but I think nothing helps. Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:58:35, on 23/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\userinit.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\hp\KBD\KbdStub.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\r3no\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/cert...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O18 - Protocol: bw+0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D93DCB1B-C6E4-4A6E-869E-BA2B2F2FFF47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Intel(R) Alert Service (AlertService) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: COM Host (comHost) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)
O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Unknown owner - c:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing)
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Viiv(TM) Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel(R) Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Symantec AppCore Service (SymAppCore) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (file missing)
--
End of file - 20454 bytes