Big problem with Internet Explorer

Hello :hello: So I have a big problem with IE: a year ago I decided to install Mozilla Firefox to avoid IE's damned ads, and that worked well for a month, no more ads at all.
Then IE ads started showing up even though I was no longer browsing with IE... So I decided to uninstall IE, thinking I would no longer have to deal with these ads!
But unfortunately they are still there! I no longer have IE on my computer; I uninstalled it using the diskette supplied when you buy the computer... They are not even ads, they are unwanted pop-up windows: "the page cannot be displayed"!!
Please help me, it is getting really tiresome, especially when I am watching a film or something in full screen and it keeps dropping back to a small window because of the ads appearing! Thanks :)


Hello,

Download and install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

------------------------------ Prevention & Protection||Like me? Click :o
Reply to Angeldark

OK, thanks a lot, I'll do that right away ;)

Reply to furochs

Here is the report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:08, on 05/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Common\FCH32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FAMEH32.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsqh.exe
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsus.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Securitoo\Av_Fw\FSGUI\fsguidll.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\WINDOWS\win3206767613422.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] &pf=laptop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: 0 - {38EC607D-4778-4873-1695-A431BD447844} - C:\Program Files\Intel\wohutaju.dll (file missing)
O2 - BHO: CFG32S - {7564B020-44E8-4c9b-A887-C6EC41AC67DA} - C:\WINDOWS\cfg32r.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {C8F626CC-AF19-54D3-C3A7-A17F6426843A} - C:\WINDOWS\Jctqbora.dll (file missing)
O2 - BHO: (no name) - {E4A08C51-CE2B-4EA5-BD39-EA122E9A930D} - C:\Program Files\Synaptics\kymarixa777444.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [clock type idle once] C:\Documents and Settings\All Users\Application Data\Longidolclocktype\corn once.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TheMonitor] C:\WINDOWS\Sloopy7.exe
O4 - HKLM\..\Run: [{ZN}] C:\WINDOWS\sys067676134222007.exe SKY003
O4 - HKLM\..\Run: [sady] C:\Program Files\CONEXANT\sady77798.exe
O4 - HKLM\..\Run: [win3206767613422] C:\WINDOWS\win3206767613422.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [sys_up1] C:\Program Files\Common Files\svchostsys\svchostsys.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [HoleBib] C:\DOCUME~1\ABRUZZ~1\APPLIC~1\FACEJU~1\BodyBendTick.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 - HKCU\..\Run: [PaSystem] "C:\Program Files\pasystem\pasystem.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Policies\Explorer\Run: [{249016AF-0BB0-1036-0920-050502210021}] "C:\Program Files\Fichiers communs\{249016AF-0BB0-1036-0920-050502210021}\Update.exe" mc-58-12-0000106
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ShopperReports - Compare product prices - {946B3E9E-E21A-49c8-9F63-900533FAFE14} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bw+0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Net Agent - Unknown owner - C:\WINDOWS\dls0523pmw.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Intel\baqyjyce.html

--
End of file - 25559 bytes

Reply to furochs

Hi again,

! Disable your resident protection (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.


HELP: A guide and a tutorial on using ComboFix
* the partition name may differ

Reply to Angeldark

OK thanks ;) so I disable my antivirus just while I download the software in question, and after doing what you told me I turn it back on, is that right?

Reply to furochs

OK, here is the report:


ComboFix 08-11-04.02 - ABRUZZESE Nicolas 2008-11-05 21:16:07.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.564 [GMT 1:00]
Lancé depuis: c:\documents and settings\ABRUZZESE Nicolas\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\ABRUZZ~1\LOCALS~1\Temp\NNBar_VCSetup_876056.exe
c:\documents and settings\ABRUZZESE Nicolas\Application Data\Dxcdmns.dll
c:\documents and settings\ABRUZZESE Nicolas\Application Data\Dxcknwrd.dll
c:\documents and settings\ABRUZZESE Nicolas\Application Data\WinAntiVirus Pro 2006
c:\documents and settings\ABRUZZESE Nicolas\Local Settings\Temporary Internet Files\Dxc.log
c:\documents and settings\All Users\Application Data\WinAntiVirus Pro 2006
c:\documents and settings\Caroline\Local Settings\Temporary Internet Files\Dxc.log
c:\program files\fcadvice
c:\program files\fcadvice\patterns.dat
c:\program files\Fichiers communs\{24901~1
c:\program files\Fichiers communs\inetget
c:\program files\Fichiers communs\winantivirus pro 2006
c:\program files\Fichiers communs\winantivirus pro 2006\WapCHK.dll
c:\program files\Hotbar
c:\program files\Intel\baqyjyce.html
c:\program files\ipwins
c:\program files\ipwins\count.dat
c:\program files\ipwins\data.dat
c:\program files\ipwins\date.dat
c:\program files\ipwins\s13k.dat
c:\program files\ipwins\s17c.3.dat
c:\program files\ipwins\s180.2.dat
c:\program files\ipwins\s190.dat
c:\program files\ipwins\s1bo.dat
c:\program files\ipwins\s1bs.dat
c:\program files\ipwins\s1ps.6.dat
c:\program files\ipwins\s1s8.4.dat
c:\program files\ipwins\s21c.2.dat
c:\program files\ipwins\s23g.3.dat
c:\program files\ipwins\s26g.1.dat
c:\program files\ipwins\s270.dat
c:\program files\ipwins\s29o.2.dat
c:\program files\ipwins\s29o.dat
c:\program files\ipwins\s2a0.dat
c:\program files\ipwins\s2ag.a.dat
c:\program files\ipwins\s2e4.dat
c:\program files\ipwins\s2f0.dat
c:\program files\ipwins\s2fg.dat
c:\program files\ipwins\s2i0.dat
c:\program files\ipwins\s2ic.d.dat
c:\program files\ipwins\s2ik.2.dat
c:\program files\ipwins\s2ik.dat
c:\program files\ipwins\s2is.dat
c:\program files\ipwins\s2k0.dat
c:\program files\ipwins\s2ko.e.dat
c:\program files\ipwins\s2qk.1.dat
c:\program files\ipwins\s2rc.d.dat
c:\program files\ipwins\s2s8.c.dat
c:\program files\ipwins\s2sk.4.dat
c:\program files\ipwins\s2t8.1.dat
c:\program files\ipwins\s2u8.dat
c:\program files\ipwins\s2uo.dat
c:\program files\ipwins\s2v4.3.dat
c:\program files\ipwins\s31s.dat
c:\program files\ipwins\s324.dat
c:\program files\ipwins\s32c.dat
c:\program files\ipwins\s32s.1.dat
c:\program files\ipwins\s330.f.dat
c:\program files\ipwins\s3a0.6.dat
c:\program files\ipwins\s3ak.1.dat
c:\program files\ipwins\s3bc.9.dat
c:\program files\ipwins\s3bg.3.dat
c:\program files\ipwins\s3bo.1.dat
c:\program files\ipwins\s3bs.4.dat
c:\program files\ipwins\s3g0.dat
c:\program files\ipwins\s3ic.dat
c:\program files\ipwins\s3io.2.dat
c:\program files\ipwins\s3jc.13.dat
c:\program files\ipwins\s3ko.dat
c:\program files\ipwins\s3lo.dat
c:\program files\ipwins\s3ng.1.dat
c:\program files\ipwins\s3qs.2.dat
c:\program files\ipwins\s3r8.dat
c:\program files\ipwins\s3sg.dat
c:\program files\ipwins\s3sk.1.dat
c:\program files\ipwins\s3ss.dat
c:\program files\ipwins\s3u4.dat
c:\program files\ipwins\s3u8.3.dat
c:\program files\ipwins\s3v0.dat
c:\program files\ipwins\s3vo.6.dat
c:\program files\ipwins\s4qk.2.dat
c:\program files\ipwins\s504.6.dat
c:\program files\ipwins\s6hg.dat
c:\program files\ipwins\sac.k.dat
c:\program files\ipwins\scs.1.dat
c:\program files\ipwins\sek.dat
c:\program files\ipwins\ses.dat
c:\program files\ipwins\settings.dat
c:\program files\ipwins\settingsDate.dat
c:\program files\ipwins\sf0.1.dat
c:\program files\ipwins\sg4.dat
c:\program files\ipwins\sh0.dat
c:\program files\ipwins\skc.1.dat
c:\program files\ipwins\spo.3.dat
c:\program files\ipwins\sq4.dat
c:\program files\myglobalsearch
c:\program files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
c:\program files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
c:\program files\myglobalsearch\bar\Cache\0009D66E.bin
c:\program files\myglobalsearch\bar\Cache\000CA9E1
c:\program files\myglobalsearch\bar\Cache\000CE063
c:\program files\myglobalsearch\bar\Cache\0010DE3C.A
c:\program files\myglobalsearch\bar\Cache\0010EBE8.bin
c:\program files\myglobalsearch\bar\Cache\0010F34B.bin
c:\program files\myglobalsearch\bar\Cache\files.ini
c:\program files\myglobalsearch\bar\History\search
c:\program files\myglobalsearch\bar\Settings\prevcfg.htm
c:\program files\pasystem
c:\program files\pasystem\PASYSTEM.0XE
c:\program files\pasystem\support.dat
c:\program files\pasystem\Uninstall.exe
c:\program files\snowball wars
c:\program files\snowball wars\License.txt
c:\program files\winantivirus pro 2006
c:\program files\winantivirus pro 2006\history.db
c:\program files\windows
c:\windows\cfg32a.exe
c:\windows\cs_cache.ini
c:\windows\IE4 Error Log.txt
c:\windows\itpb_4.exe
c:\windows\libbz2.dll
c:\windows\system32\battyrun.dll
c:\windows\system32\drivers\core.cache.dsk
c:\windows\system32\drivers\core.sys
c:\windows\system32\stera.job
c:\windows\system32\stera.log
c:\windows\system32\unsvchosts.lzma
c:\windows\system32\winnb58.dll
c:\windows\system32\winnb69.dll
c:\windows\uninst2.htm
c:\windows\unist1.htm
c:\windows\win3206767613422.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CORE
-------\Legacy_FOPN
-------\Legacy_NET_AGENT
-------\Legacy_VSPF
-------\Legacy_VSPF_HK
-------\Service_core
-------\Service_Net Agent
-------\Service_vspf
-------\Service_vspf_hk


((((((((((((((((((((((((((((( Fichiers créés du 2008-10-05 au 2008-11-05 ))))))))))))))))))))))))))))))))))))
.

2008-11-05 14:46 . 2008-11-05 14:46 <REP> d-------- c:\program files\Trend Micro
2008-10-24 14:04 . 2008-10-24 14:10 <REP> d-------- c:\program files\Paint.NET

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-05 20:17 --------- d-----w c:\program files\Intel
2008-11-03 00:00 --------- d-----w c:\documents and settings\ABRUZZESE Nicolas\Application Data\uTorrent
2008-10-30 17:32 --------- d-----w c:\program files\Easy Internet signup
2008-10-29 10:03 51,072 ----a-w c:\windows\system32\drivers\fsdfw.sys
2008-10-29 10:03 30,016 ----a-w c:\windows\system32\drivers\fsndis5.sys
2008-10-24 18:19 7,160 ----a-w c:\documents and settings\ABRUZZESE Nicolas\Application Data\wklnhst.dat
2008-10-18 17:05 --------- d-----w c:\program files\LimeWire
2008-10-15 16:59 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
2008-09-27 19:57 --------- d-----w c:\documents and settings\ABRUZZESE Nicolas\Application Data\F-Secure
2008-09-25 18:11 --------- d-----w c:\program files\iTunes
2008-09-25 18:11 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-25 18:10 --------- d-----w c:\program files\iPod
2008-09-25 18:08 --------- d-----w c:\program files\QuickTime
2008-09-25 18:08 --------- d-----w c:\program files\Bonjour
2008-09-25 18:07 --------- d-----w c:\program files\Fichiers communs\Apple
2008-09-25 18:04 --------- d-----w c:\program files\Apple Software Update
2008-09-25 18:03 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
2008-09-10 14:45 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-28 10:04 333,056 ------w c:\windows\system32\dllcache\srv.sys
2008-08-19 09:38 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
2008-08-14 13:44 2,182,400 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2008-08-14 13:44 2,138,112 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,138,112 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2008-08-14 13:44 2,059,776 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 13:44 2,017,792 ----a-w c:\windows\system32\ntkrnlpa.exe
2008-08-14 13:44 2,017,792 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2008-08-14 09:51 138,368 ------w c:\windows\system32\dllcache\afd.sys
2008-05-17 17:18 0 ----a-w c:\program files\temp01
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E4A08C51-CE2B-4EA5-BD39-EA122E9A930D}]
2008-02-28 02:54 217088 --a------ c:\program files\Synaptics\kymarixa777444.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-07-26 36864]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-11-06 190024]
"msnmsgr"="c:\progra~1\MSNMES~1\msnmsgr.exe" [2007-01-19 5674352]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-08-28 3660848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-01 794624]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-08 339968]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"F-Secure Manager"="c:\program files\Securitoo\Av_Fw\Common\FSM32.EXE" [2008-04-23 182936]
"F-Secure TNB"="c:\program files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" [2008-04-23 744032]
"News Service"="c:\program files\Securitoo\Av_Fw\FSGUI\ispnews.exe" [2004-05-06 372736]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"sady"="c:\program files\CONEXANT\sady77798.exe" [2007-08-07 163840]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-03-15 233472]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide du logiciel HP Image Zone.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2004-11-04 53248]
HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-07-26 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm "= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\lphant\\eLePhantClient.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj_trial.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-10-29 51072]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Securitoo\Av_Fw\HIPS\fshs.sys [2008-10-29 41184]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Securitoo\Av_Fw\Anti-Virus\minifilter\fsgk.sys [2008-04-23 62048]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSfilter.sys [2008-04-23 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSrec.sys [2008-04-23 25184]
.
Contenu du dossier 'Tâches planifiées'

2008-10-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-10-30 c:\windows\Tasks\Connexion facile à Internet.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2005-03-03 10:04]

2008-11-05 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 17:36]

2008-11-05 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe [2008-04-23 17:11]
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{38EC607D-4778-4873-1695-A431BD447844} - c:\program files\Intel\wohutaju.dll
BHO-{C8F626CC-AF19-54D3-C3A7-A17F6426843A} - c:\windows\Jctqbora.dll
HKCU-Run-WOOKIT - c:\progra~1\Wanadoo\GestMaj.exe
HKCU-Run-swg - c:\program files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
HKCU-Run-HoleBib - c:\docume~1\ABRUZZ~1\APPLIC~1\FACEJU~1\BodyBendTick.exe
HKCU-Run-WhenUSave - c:\program files\Save\Save.exe
HKCU-Run-PaSystem - c:\program files\pasystem\pasystem.exe
HKLM-Run-clock type idle once - c:\documents and settings\All Users\Application Data\Longidolclocktype\corn once.exe
HKLM-Run-win3206767613422 - c:\windows\win3206767613422.exe
HKCU-Explorer_Run-{249016AF-0BB0-1036-0920-050502210021} - c:\program files\Fichiers communs\{249016AF-0BB0-1036-0920-050502210021}\Update.exe


.
------- Examen supplémentaire -------
.
FireFox -: Profile - c:\documents and settings\ABRUZZESE Nicolas\Application Data\Mozilla\Firefox\Profiles\ipfbmvhc.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.wanadoo.fr/
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-05 21:25:40
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????8?2?0?0??????? ???B?????????????H<C? ??????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\ati2evxx.exe
c:\program files\Lavasoft\Ad-Aware 2007\aawservice.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTSVCCDA.EXE
c:\program files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
c:\program files\Securitoo\Av_Fw\Anti-Virus\fsgk32.exe
c:\program files\Securitoo\Av_Fw\Common\FSMA32.EXE
c:\program files\Securitoo\Av_Fw\Common\FSMB32.EXE
c:\program files\Fichiers communs\LightScribe\LSSrvc.exe
c:\windows\system32\wdfmgr.exe
c:\program files\Securitoo\Av_Fw\Common\FCH32.EXE
c:\program files\Securitoo\Av_Fw\Common\FAMEH32.EXE
c:\program files\Securitoo\Av_Fw\Anti-Virus\fsqh.exe
c:\program files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
c:\program files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
c:\program files\Securitoo\Av_Fw\FWES\program\fsdfwd.exe
c:\program files\Securitoo\Av_Fw\FSAUA\program\fsus.exe
c:\windows\system32\ati2evxx.exe
c:\program files\Securitoo\Av_Fw\Anti-Virus\fsav32.exe
c:\program files\Java\jre1.5.0_02\bin\jucheck.exe
c:\program files\Securitoo\Av_Fw\FSGUI\fsguidll.exe
c:\program files\Fichiers communs\Teleca Shared\CapabilityManager.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\Logitech\Video\FxSvr2.exe
c:\program files\HPQ\Shared\hpqwmi.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\Hp\Digital Imaging\bin\hpqgalry.exe
c:\program files\Fichiers communs\Teleca Shared\Generic.exe
c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
c:\program files\Internet Explorer\iexplore.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Heure de fin: 2008-11-05 21:32:32 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-05 20:32:21

Avant-CF: 18 035 474 432 octets libres
Après-CF: 19,938,656,256 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect

356 --- E O F --- 2008-10-24 22:32:15

Reply to furochs

Wowww :wahoo: ! Apparently I no longer get any unwanted IE pop-up windows! Thanks to you lol, so a big thank you :) ;) You saved me lol, now I'll be able to browse the web in peace and watch films in peace too xd
Thanks again :hello:

Reply to furochs

Not finished yet, scan the following file on VirusTotal:
c:\program files\Synaptics\kymarixa777444.dll

Reply to Angeldark

OK, here it is:


Fichier kymarixa777444.dll reçu le 2008.05.21 08:12:46 (CET)
Situation actuelle: terminé
Résultat: 20/32 (62.50%)

Antivirus Version Dernière mise à jour Résultat

AhnLab-V3 - - -
AntiVir - - ADSPY/TTC.E.1
Authentium - - -
Avast - - Win32:Adware-gen
AVG - - Adware Generic2.ACQG
BitDefender - - Trojan.Generic.241118
CAT-QuickHeal - - AdWare.TTC.e (Not a Virus)
ClamAV - - -
DrWeb - - Adware.Ttc.4
eSafe - - -
eTrust-Vet - - -
Ewido - - Not-A-Virus.Adware.TTC
F-Prot - - -
F-Secure - - -
Fortinet - - Adware/TTC
GData - - Win32:Adware-gen
Ikarus - - not-a-virus:AdWare.Win32.TTC.e
Kaspersky - - not-a-virus:AdWare.Win32.TTC.e
McAfee - - Downloader-BEC
Microsoft - - -
NOD32v2 - - -
Norman - - W32/TTC.FN
Panda - - Adware/TTC
Prevx1 - - Adware
Rising - - -
Sophos - - AdMoke
Sunbelt - - Adware.TTC
Symantec - - -
TheHacker - - Adware/TTC.e
VBA32 - - AdWare.Win32.TTC.e
VirusBuster - - -
Webwasher-Gateway - - Ad-Spyware.TTC.E.1
Information additionnelle
MD5: 417444e8f07f46a6e582df2fdd63ef61
SHA1: 7f4899e300dbecd375433606ed1fb2063ee199ea
SHA256: 9c660472033c9f71dcba598f2ad38c12fa7138c1bab847ee816d182083109aec
SHA512: 11b18b4a2ffa1aa220a237f611f947988fba7c7a6f9ad3f1ebc5cd1998289de237f36231cefa4851e3e41e8c2e6eec5f3394426787dcc984653b3502c4930ca2

ATENTION

Reply to furochs

:( Apparently the unwanted IE pop-up windows were not responsible for the problem I had, and which I therefore still have: when I watch a film on megavideo, for example, and I am in full-screen mode, it cancels itself, that is, the video goes back to small size on its own lol, and it's depressing ^^

Reply to furochs

Hi again,

! Disable your resident protections (antivirus, Spybot-S&D, etc.) !
Copy (Ctrl+C) the text in the box below:

File::
c:\documents and settings\ABRUZZESE Nicolas\Application Data\wklnhst.dat
c:\program files\Synaptics\kymarixa777444.dll

Dirlook::
c:\program files\Synaptics

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E4A08C51-CE2B-4EA5-BD39-EA122E9A930D}]



Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name "CFScript.txt" (the quotation marks are important).

Now drag the CFScript.txt file onto ComboFix.exe as shown in the image below:
http://membres.lycos.fr/wawaseb8/images/help/cfscript.gif

This will restart ComboFix. After the reboot, post the contents of the report (C:\combofix.txt*) along with a HijackThis report.
NOTE: If there is no reboot, post the requested reports anyway.
* the partition name may differ

Reply to Angeldark

Hi again, OK, so here is the ComboFix report:


ComboFix 08-11-04.02 - ABRUZZESE Nicolas 2008-11-06 21:44:18.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.566 [GMT 1:00]
Lancé depuis: c:\documents and settings\ABRUZZESE Nicolas\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\ABRUZZESE Nicolas\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
c:\documents and settings\ABRUZZESE Nicolas\Application Data\wklnhst.dat
c:\program files\Synaptics\kymarixa777444.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\ABRUZZESE Nicolas\Application Data\wklnhst.dat
c:\program files\Synaptics\kymarixa777444.dll

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-06 au 2008-11-06 ))))))))))))))))))))))))))))))))))))
.

2008-11-05 14:46 . 2008-11-05 14:46 <REP> d-------- c:\program files\Trend Micro
2008-10-24 14:04 . 2008-10-24 14:10 <REP> d-------- c:\program files\Paint.NET

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 20:44 --------- d-----w c:\program files\Synaptics
2008-11-05 20:17 --------- d-----w c:\program files\Intel
2008-11-03 00:00 --------- d-----w c:\documents and settings\ABRUZZESE Nicolas\Application Data\uTorrent
2008-10-30 17:32 --------- d-----w c:\program files\Easy Internet signup
2008-10-29 10:03 51,072 ----a-w c:\windows\system32\drivers\fsdfw.sys
2008-10-29 10:03 30,016 ----a-w c:\windows\system32\drivers\fsndis5.sys
2008-10-18 17:05 --------- d-----w c:\program files\LimeWire
2008-10-15 16:59 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
2008-09-27 19:57 --------- d-----w c:\documents and settings\ABRUZZESE Nicolas\Application Data\F-Secure
2008-09-25 18:11 --------- d-----w c:\program files\iTunes
2008-09-25 18:11 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-25 18:10 --------- d-----w c:\program files\iPod
2008-09-25 18:08 --------- d-----w c:\program files\QuickTime
2008-09-25 18:08 --------- d-----w c:\program files\Bonjour
2008-09-25 18:07 --------- d-----w c:\program files\Fichiers communs\Apple
2008-09-25 18:04 --------- d-----w c:\program files\Apple Software Update
2008-09-25 18:03 --------- d-----w c:\documents and settings\All Users\Application Data\Apple
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
2008-09-10 14:45 32,000 ----a-w c:\windows\system32\drivers\usbaapl.sys
2008-08-29 08:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-08-29 07:53 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-08-28 10:04 333,056 ------w c:\windows\system32\dllcache\srv.sys
2008-08-19 09:38 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
2008-08-14 13:44 2,182,400 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2008-08-14 13:44 2,138,112 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:44 2,138,112 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2008-08-14 13:44 2,059,776 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 13:44 2,017,792 ----a-w c:\windows\system32\ntkrnlpa.exe
2008-08-14 13:44 2,017,792 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2008-08-14 09:51 138,368 ------w c:\windows\system32\dllcache\afd.sys
2008-05-17 17:18 0 ----a-w c:\program files\temp01
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

---- Directory of c:\program files\Synaptics ----

2008-02-28 02:54 217088 --a------ c:\program files\Synaptics\kymarixa777444.dll
2005-03-10 11:23 13242 --a------ c:\program files\Synaptics\SynTP\Media\SP29913.cva
2005-03-10 03:49 17800 --a------ c:\program files\Synaptics\SynTP\Media\SynTP.cat
2005-02-02 17:02 43208 --a------ c:\program files\Synaptics\SynTP\SynUnst.ini
2005-02-02 17:02 43208 --a------ c:\program files\Synaptics\SynTP\Media\SynUnst.ini
2005-02-02 17:02 43208 --a------ c:\program files\Synaptics\SynTP\Media\SynPD.inf
2005-02-02 13:23 536 --a------ c:\program files\Synaptics\SynTP\Media\layout.bin
2005-02-02 13:23 512 --a------ c:\program files\Synaptics\SynTP\Media\data2.cab
2005-02-02 13:23 4654 --a------ c:\program files\Synaptics\SynTP\Media\SynHid.inf
2005-02-02 13:23 3966 --a------ c:\program files\Synaptics\SynTP\Media\US\ReadMe.txt
2005-02-02 13:23 3966 --a------ c:\program files\Synaptics\SynTP\Media\ReadMe.txt
2005-02-02 13:23 384 --a------ c:\program files\Synaptics\SynTP\Media\Setup.ini
2005-02-02 13:23 2720 --a------ c:\program files\Synaptics\SynTP\Media\IT\ReadMe.txt
2005-02-02 13:23 27170 --a------ c:\program files\Synaptics\SynTP\Media\data1.hdr
2005-02-02 13:23 2693 --a------ c:\program files\Synaptics\SynTP\Media\FR\ReadMe.txt
2005-02-02 13:23 2685 --a------ c:\program files\Synaptics\SynTP\Media\GR\ReadMe.txt
2005-02-02 13:23 2673 --a------ c:\program files\Synaptics\SynTP\Media\NL\ReadMe.txt
2005-02-02 13:23 2655 --a------ c:\program files\Synaptics\SynTP\Media\LS\ReadMe.txt
2005-02-02 13:23 2552 --a------ c:\program files\Synaptics\SynTP\Media\BP\ReadMe.txt
2005-02-02 13:23 2471 --a------ c:\program files\Synaptics\SynTP\Media\NO\ReadMe.txt
2005-02-02 13:23 2471 --a------ c:\program files\Synaptics\SynTP\Media\FI\ReadMe.txt
2005-02-02 13:23 2471 --a------ c:\program files\Synaptics\SynTP\Media\DK\ReadMe.txt
2005-02-02 13:23 2465 --a------ c:\program files\Synaptics\SynTP\Media\SE\ReadMe.txt
2005-02-02 13:23 2199 --a------ c:\program files\Synaptics\SynTP\Media\TH\ReadMe.txt
2005-02-02 13:23 2111 --a------ c:\program files\Synaptics\SynTP\Media\JP\ReadMe.txt
2005-02-02 13:23 2039 --a------ c:\program files\Synaptics\SynTP\Media\KR\ReadMe.txt
2005-02-02 13:23 2033 --a------ c:\program files\Synaptics\SynTP\Media\SC\ReadMe.txt
2005-02-02 13:23 1778218 --a------ c:\program files\Synaptics\SynTP\Media\data1.cab
2005-02-02 13:23 161950 --a------ c:\program files\Synaptics\SynTP\Media\setup.inx
2005-02-02 13:23 1523 --a------ c:\program files\Synaptics\SynTP\Media\TC\ReadMe.txt
2005-02-02 13:23 124469 --a------ c:\program files\Synaptics\SynTP\Media\SynTP.ini
2005-02-02 13:14 81920 --a------ c:\program files\Synaptics\SynTP\Media\SynTPCo2.dll
2005-02-02 13:14 69632 --a------ c:\program files\Synaptics\SynTP\Media\InstNT.exe
2005-02-02 13:14 69632 --a------ c:\program files\Synaptics\SynTP\InstNT.exe
2005-02-02 13:13 548864 --a------ c:\program files\Synaptics\SynTP\SynISDLL.dll
2005-02-02 13:13 548864 --a------ c:\program files\Synaptics\SynTP\Media\SynISDLL.dll
2005-02-02 13:12 8646 --a------ c:\program files\Synaptics\SynTP\SynTPEnh.ini
2005-02-02 13:12 8646 --a------ c:\program files\Synaptics\SynTP\Media\SynTPEnh.ini
2005-02-02 13:12 69724 --a------ c:\program files\Synaptics\SynTP\Media\SynTPFcs.dll
2005-02-02 13:12 212992 --a------ c:\program files\Synaptics\SynTP\Tutorial.exe
2005-02-02 13:12 212992 --a------ c:\program files\Synaptics\SynTP\Media\Tutorial.exe
2005-02-02 13:12 102492 --a------ c:\program files\Synaptics\SynTP\SynTPLpr.exe
2005-02-02 13:12 102492 --a------ c:\program files\Synaptics\SynTP\Media\SynTPLpr.exe
2005-02-02 13:11 692316 --a------ c:\program files\Synaptics\SynTP\SynTPEnh.exe
2005-02-02 13:11 692316 --a------ c:\program files\Synaptics\SynTP\Media\SynTPEnh.exe
2005-02-02 13:03 5947484 --a------ c:\program files\Synaptics\SynTP\SynTPCpl.dll
2005-02-02 13:03 5947484 --a------ c:\program files\Synaptics\SynTP\Media\SynTPCpl.dll
2005-02-02 13:02 41065 --a------ c:\program files\Synaptics\SynTP\SynTPCOM.dll
2005-02-02 13:02 41065 --a------ c:\program files\Synaptics\SynTP\Media\SynTPCOM.dll
2005-02-02 13:02 3524721 --a------ c:\program files\Synaptics\SynTP\SynCntxt.rtf
2005-02-02 13:02 3524721 --a------ c:\program files\Synaptics\SynTP\Media\SynCntxt.rtf
2005-02-02 13:01 90204 --a------ c:\program files\Synaptics\SynTP\Media\SynTPAPI.dll
2005-02-02 13:01 82015 --a------ c:\program files\Synaptics\SynTP\Media\SynCom.dll
2005-02-02 13:01 114688 --a------ c:\program files\Synaptics\SynTP\Media\SynCtrl.dll
2005-02-02 12:58 191456 --a------ c:\program files\Synaptics\SynTP\Media\SynTP.sys
2005-02-02 12:58 163840 --a------ c:\program files\Synaptics\SynTP\SynZMetr.exe
2005-02-02 12:58 163840 --a------ c:\program files\Synaptics\SynTP\Media\SynZMetr.exe
2005-02-02 12:57 147456 --a------ c:\program files\Synaptics\SynTP\SynMood.exe
2005-02-02 12:57 147456 --a------ c:\program files\Synaptics\SynTP\Media\SynMood.exe
2003-08-15 14:21 792 --a------ c:\program files\Synaptics\SynTP\Media\setup.iss
2003-06-18 17:24 168448 --a------ c:\program files\Synaptics\SynTP\Media\Setup.exe
2001-09-05 04:24 344923 --a------ c:\program files\Synaptics\SynTP\Media\ikernel.ex_


((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2006-07-26 36864]
"LogitechSoftwareUpdate"="c:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]
"Creative Detector"="c:\program files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 102400]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2006-11-06 190024]
"msnmsgr"="c:\progra~1\MSNMES~1\msnmsgr.exe" [2007-01-19 5674352]
"Veoh"="c:\program files\Veoh Networks\Veoh\VeohClient.exe" [2008-08-28 3660848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_02\bin\jusched.exe" [2005-03-04 36975]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2005-04-01 794624]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-03-08 339968]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2005-02-02 102492]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-02-02 692316]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 49152]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2004-10-22 229438]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"eabconfg.cpl"="c:\program files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 290816]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="c:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="c:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"F-Secure Manager"="c:\program files\Securitoo\Av_Fw\Common\FSM32.EXE" [2008-04-23 182936]
"F-Secure TNB"="c:\program files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" [2008-04-23 744032]
"News Service"="c:\program files\Securitoo\Av_Fw\FSGUI\ispnews.exe" [2004-05-06 372736]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"Adobe Photo Downloader"="c:\program files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 57344]
"sady"="c:\program files\CONEXANT\sady77798.exe" [2007-08-07 163840]
"PCSuiteTrayApplication"="c:\program files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-03-15 233472]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-09-10 289576]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
D‚marrage rapide du logiciel HP Image Zone.lnk - c:\program files\Hp\Digital Imaging\bin\hpqthb08.exe [2004-11-04 53248]
HP Digital Imaging Monitor.lnk - c:\program files\Hp\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2006-07-26 196608]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= c:\progra~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm
"msacm.ulmp3acm"= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm
"msacm.mpegacm "= c:\progra~1\FICHIE~1\ULEADS~1\MPEG\mpegacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"c:\\Program Files\\lphant\\eLePhantClient.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\VirtualDJ\\virtualdj_trial.exe"=
"c:\\Program Files\\TVAnts\\Tvants.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2008-10-29 51072]
R1 F-Secure HIPS;F-Secure HIPS;c:\program files\Securitoo\Av_Fw\HIPS\fshs.sys [2008-10-29 41184]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\Securitoo\Av_Fw\Anti-Virus\minifilter\fsgk.sys [2008-04-23 62048]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSfilter.sys [2008-04-23 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\Securitoo\Av_Fw\Anti-Virus\Win2K\FSrec.sys [2008-04-23 25184]
.
Contenu du dossier 'Tâches planifiées'

2008-10-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2008-10-30 c:\windows\Tasks\Connexion facile à Internet.job
- c:\program files\Easy Internet signup\HPSdpApp.exe [2005-03-03 10:04]

2008-11-06 c:\windows\Tasks\HPpromotions journeysoftware.job
- c:\program files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [2005-04-22 17:36]

2008-11-06 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~1\SECURI~1\Av_Fw\ANTI-V~1\fsav.exe [2008-04-23 17:11]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 21:47:00
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe????????8?2?0?0??????? ???B?????????????H<C? ??????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-11-06 21:49:00
ComboFix-quarantined-files.txt 2008-11-06 20:48:26
ComboFix2.txt 2008-11-05 20:32:34

Avant-CF: 19 928 817 664 octets libres
Après-CF: 19,917,725,696 octets libres

222 --- E O F --- 2008-10-24 22:32:15







Here is the HijackThis report:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:54:14, on 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\FSGK32.EXE
C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_02\bin\jucheck.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\CONEXANT\sady77798.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HPQ\SHARED\HPQWMI.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Securitoo\Av_Fw\Common\FSLAUNCHER0.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Securitoo\Av_Fw\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Securitoo\Av_Fw\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Securitoo\Av_Fw\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [sady] C:\Program Files\CONEXANT\sady77798.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRA~1\MSNMES~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FR_FR&c=Q305&bd=pavilion&pf=laptop
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/ [...] loader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O18 - Protocol: bw+0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2A6593E3-083B-4DCA-8521-F2290B477916} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Securitoo\Av_Fw\Common\FSMA32.EXE
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 22841 bytes

Reply to furochs

Re,

Delete this file:
c:\program files\Synaptics\kymarixa777444.dll

Reply to Angeldark

This file no longer appears on my hard drive ^^
I ran a search to check, and it is no longer there.

Reply to furochs

Re, my mistake lol, in fact this file was apparently in quarantine, I deleted it ;)

Reply to furochs

Any more problems?

Reply to Angeldark

Re, well, I still have this problem: when I'm in full screen, it goes back to normal size after a while :( on Megavideo for example

Reply to furochs

Not a problem I can fix.

Reply to Angeldark

OK, thanks anyway for the rest :hello:

Reply to furochs

Try looking at the plugins for IE, such as the Windows Media Player plugin.
I've already had a problem like that.
Otherwise, try Firefox.

Reply to Spydeus

OK, but does that mean I re-download the plugin?

Reply to furochs