Probleme trojan win32.hrup.a svp! résolu!
Forum Sécurité - Virus : Probleme trojan win32.hrup.a svp! résolu!
bonjours j'ai fait une analyse avec mbam qui ma trouvé 20 infections!!! voila le rapport:
Malwarebytes' Anti-Malware 1.37
Version de la base de données: 2232
Windows 5.1.2600 Service Pack 3
05/06/2009 08:02:06
mbam-log-2009-06-05 (08-02-06).txt
Type de recherche: Examen rapide
Eléments examinés: 77153
Temps écoulé: 8 minute(s), 29 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 3
Fichier(s) infecté(s): 12
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{86c510e9-97ef-4749-914f-0280247be3a6} (Adware.WebDir) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c
windows/downloaded program files/uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\c:\WINDOWS\downloaded program files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\Program Files\RegistrySmart (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\program files\registrysmart\Log (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\program files\registrysmart\Registry Backups (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
c:\documents and settings\julien\local settings\application data\ssycews_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\julien\local settings\application data\ssycews_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\julien\local settings\application data\ssycews.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\documents and settings\julien\local settings\application data\ssycews.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
c:\program files\registrysmart\Log\log_2006_11_06_16_05_24.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\program files\registrysmart\Log\log_2006_11_06_16_05_44.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\program files\registrysmart\Log\log_2006_11_06_16_05_46.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\program files\registrysmart\Log\log_2006_11_06_16_05_50.eklog (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\program files\registrysmart\registry backups\2006-11-06_16-09-13.reg (Rogue.RegistrySmart) -> Quarantined and deleted successfully.
c:\WINDOWS\downloaded program files\uninst.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecB.fon (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Fonts\acrsecI.fon (Trojan.Agent) -> Quarantined and deleted successfully.
j'ajoute un raport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:57:41, on 05/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\AskBarDis\bar\bin\AskService.exe
C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.unika.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://p.gaystage.com/eg_pop_exit.htm?idw=102
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawfl [...] awflow.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - http://www.pixaco.fr/static/downlo [...] upload.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://xyphos71.spaces.live.com//P [...] nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se5036.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/s [...] TPTest.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://xyphos71.spaces.live.com/Ph [...] nPUpld.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_4_9.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadM [...] ownMan.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.ville.orange.fr/CO/ac [...] ontrol.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.co [...] crlocx.ocx
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: bw+0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
--
End of file - 22442 bytes
et ce matin j'ai encore des alerte de se type: code dangereux detecté dans le fichier c PROGRAM.../fenunika.oxe trojan.win32.vb.fhg action: echec
c grave??? merci d'avance!
salut...en repos angeldark aujourd'hui??? 
Euh j'ai cours hein, j'ai une vie aussi 
Relance Toolbar-S&D en double-cliquant sur le raccourci.
- Choisis cette fois l'option 2 puis valide en appuyant sur Entrée.
! Ne ferme pas la fenêtre lors de la suppression !
- Un rapport sera généré, poste son contenu ici, puis un nouveau rapport HijackThis.
Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
Tapes explorer et valide. Cela te fera apparaitre ton bureau
&
Télécharge Navilog (de Il-Mafioso)
- Enregistre-le sur ton Bureau.
- Installe-le en double cliquant sur navilog.exe.
- Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)
- Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
! N'utilise pas l'option 2, 3 et 4 sans notre accord !
- Patiente jusqu'à l'apparition de ce message :
*** Analyse Termine le ..... ***
- Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste le rapport ici.
- Poste le rapport généré.
Le rapport se trouve ici : C:\fixnavi.txt
Répondre à Angeldark
alors super longue analyse mai bon je sui patient...j'ai encore des fenetre d'alerte qui s'ouvre regulierement du genre: code dangereux detecté dans le fichier cprogram file.../zfbmru.oxe ou aussi csystem vol.../a0653568.oxe trojan win32.hrup.a et action:echec..... je ne sai pas si c'est le virus qui ataque???
le rapport kaspersky:
KASPERSKY ON-LINE SCANNER REPORT
Sunday, June 07, 2009 5:21:41 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 3 (Build 2600)
Kaspersky On-line Scanner version : 5.0.84.2
Dernière mise à jour de la base antivirus Kaspersky : 7/06/2009
Enregistrements dans la base antivirus Kaspersky : 2098998
-------------------------------------------------------------------------------
Paramètres d'analyse:
Analyser avec la base antivirus suivante: standard
Analyser les archives: vrai
Analyser les bases de messagerie: vrai
Cible de l'analyse - Poste de travail:
C:\
D:\
E:\
G:\
H:\
I:\
J:\
Statistiques de l'analyse:
Total d'objets analysés: 80334
Nombre de virus trouvés: 0
Nombre d'objets infectés: 0 / 0
Nombre d'objets suspects: 0
Durée de l'analyse: 02:16:27
Nom de l'objet infecté / Nom du virus / Dernière action
C:\Documents and Settings\All Users\Application Data\F-Secure\logs\FSMA\fsma.log L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\IETldCache\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\CardSpace\CardSpace.db.shadow L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\CardSpace\CardSpaceSP2.db.shadow L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Aujourd'hui sur MSN~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\France Télévisions~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Galerie de composants Web Slice~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\MSN Actualités~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\MSN Bourse~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\MSN Horoscope~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\MSN Météo (2)~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\MSN Météo~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\MSN Vidéo~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Feeds\{5588ACFD-6436-411B-A5CE-666AE6A92D3D}~\WebSlices~\Sites suggérés~.feed-ms L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\RecoveryStore.{9CDBC5ED-535D-11DE-93DE-005070350983}.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Internet Explorer\Recovery\Active\{6E25B1FA-535F-11DE-93DE-005070350983}.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\Perflib_Perfdata_56c.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF3CDB.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF5BFB.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF5C19.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF72D3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF861B.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF87F7.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF881C.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF88A8.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF88BE.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF890A.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8920.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8A3C.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8A52.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8A9C.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8AF3.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8B3F.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8B55.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8C71.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8C87.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8D18.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8D2E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8D78.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DF8D8E.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temp\~DFBED8.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\Local Settings\Temporary Internet Files\SuggestedSites.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\julien\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\Anti-Virus\dbupdate.log L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\Anti-Virus\deleteme_msg.log L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe.Qrt.log L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\Anti-Virus\power.dat L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\Common\policy.bpf L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\Common\policy.ipf L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.dbg L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.log L'objet est verrouillé ignoré
C:\Program Files\AntivirusFirewall\FSAUA\program\fsbwupst.log L'objet est verrouillé ignoré
C:\Program Files\FenAffiche\FenUnika.0xe L'objet est verrouillé ignoré
C:\Program Files\Navilog1\Backupnavi\zfbmru.0xe L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{BE468811-B5E7-474C-BDAB-971573B8EE50}\RP1602\A0653568.0xe L'objet est verrouillé ignoré
C:\System Volume Information\_restore{BE468811-B5E7-474C-BDAB-971573B8EE50}\RP1609\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
Analyse terminée.
et le rapport hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:23:51, on 07/06/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
C:\Program Files\AntivirusFirewall\FSAUA\program\fsus.exe
C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.unika.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AdobeUpdater] "C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OrangePlayer] c:\program files\orange\player orange\Orange Player.exe /systray (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/too [...] ontrol.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawfl [...] awflow.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} (CamfrogWEB Advanced Unicode Control) - http://activex.camfrogweb.com/adva [...] module.exe
O16 - DPF: {2EF3FB47-7B1E-4536-BA4D-51427BD45DFA} - http://www.pixaco.fr/static/downlo [...] upload.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www3.snapfish.fr/SnapfishActivia.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://xyphos71.spaces.live.com//P [...] nPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/r [...] se5036.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {79E0C1C0-316D-11D5-A72A-006097BFA1AC} (EPSON Web Printer-SelfTest Control Class) - http://esupport.epson-europe.com/s [...] TPTest.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://xyphos71.spaces.live.com/Ph [...] nPUpld.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com [...] _0_4_9.cab
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.virginmega.fr/DownloadM [...] ownMan.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://paris.ville.orange.fr/CO/ac [...] ontrol.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicma [...] Plugin.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.co [...] crlocx.ocx
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://www.mypix.com/fr/fr/importer/ImageUploader4.cab
O18 - Protocol: bw+0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A7ABAC26-7F88-4034-8AD4-4B0FB45C1DFD} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\ORSP Client\fsorsp.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
--
End of file - 22051 bytes
merci!
Bonne continuation
Répondre à Angeldark
