Se connecter / S'enregistrer
Votre question

Keylogger probable... [Résolu]

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Octobre 2008 19:00:56

Salut, je viens vers vous car ce site m'a deja aidé à resoudre des problemes de virus.

Cette fois, le probleme est tout autre.
Je vous explique : j'ai cliquer sur un lien alors que j'étais sur le forum de WoW et là mon antivirus (Antivir) s'est enclenché pour que je choisisse une action et j'ai choisis supprimer. Quelques minutes plus tard, un mec post ceci: "ne cliquez surtout pas sur le lien ci dessus, c'est un keylogger !"
Cela est assez contraignant sachant que celui qui a fait ça le fait pour hacker des comptes et que j'ai cliquer comme un idiot.

Apres un scan de Malwarebytes' Anti-Malware j'ai vu que j'avais 4 dossiers infectés...je les ai supprimé.
Ensuite avec Antivir, 2 virus ont été trouvé, je les ai mis en quarantaine.
Depuis j'ai scané encore une fois avec chacun des 2 programmes et je n'ai rien trouvé.

Mais j'ai toujours peur que ce keylogger soit present sur mon PC.
J'ai alors telecharger un peu tout et n'importe quoi (Anti-keylogger ; Keylogger Detector) mais je ne comprends pas trop l'utilité de ces programmes.
Par exemple, avec Keylogger Director, il y a des petites icones noir qui s'affichent. Peut etre sont-elles censées représenter les programmes malveillant...seulement ces programmes sont parfois des programme indispensable au bon fonctionnement de mon PC (comme le volume si je me souviens bien).

Enfin voila, ma 1ere question serait la suivante : comment puis-je etre sur de la presence d'un keylogger sur mon ordinateur ?
Ma seconde question (si la 1ere se confirme) est la suivante : comment puis-je detruire ce keylogger et etre enfin tranquille ?

Autres pages sur : keylogger probable resolu

9 Octobre 2008 19:43:49

bonsoir

Citation :
comment puis-je etre sur de la presence d'un keylogger sur mon ordinateur ?

il faut le chercher :) 


Citation :
comment puis-je detruire ce keylogger et etre enfin tranquille ?

il faut trouver :) 

++++++++++++++

1
Télécharge puis installe Hijackthis (Trend Micro)
AIDE : Comment utiliser Hijackthis v2.0.2

pas la peine de poster un rapport, il sera généré par l'outil suivant. :) 

2

Télécharge random's system information tool (RSIT) par random/random et sauvegarde-le sur le Bureau.
  • Double-clique sur RSIT.exe afin de lancer RSIT.
  • Clique Continue à l'écran Disclaimer.
  • Si l'outil HijackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera (autorise l'accès dans ton pare-feu, si demandé) et tu devras accepter la licence.
  • Lorsque l'analyse sera terminée, deux fichiers texte s'ouvriront. Poste le contenu de log.txt (<<qui sera affiché)
    ainsi que de info.txt (<<qui sera réduit dans la Barre des Tâches).
  • NB : Les rapports sont sauvegardés dans le dossier C:\rsit
  • Veille bien à me poster l'intégralité des rapports, vérifie qu'ils soient complets une fois que tu les as postés.
    9 Octobre 2008 20:03:00

    Héhé, à question bête réponse bête hein ^^.
    Plus serieusement, merci beaucoup pour la reactivité.
    Je viens de suivre les instructions.

    Le rapport log.txt :
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by pragot at 2008-10-09 19:57:09
    Microsoft Windows XP Édition familiale Service Pack 3
    System drive C: has 169 GB (71%) free of 238 GB
    Total RAM: 2046 MB (17% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:57:21, on 09/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\lvcomsx.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Anti-keylogger\Anti-keylogger.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Warhammer Online - Age of Reckoning\WAR.exe
    C:\Documents and Settings\pragot\Bureau\RSIT.exe
    C:\Documents and Settings\pragot\Bureau\pragot.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Anti-keylogger] C:\Program Files\Anti-keylogger\Anti-keylogger.exe /autorun
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/curre...
    O18 - Protocol: bw+0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 21721 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-06-23 2582136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll [2008-09-11 737776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-06-23 2582136]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-12-05 8523776]
    "nwiz"=nwiz.exe /install []
    "NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-12-05 81920]
    "KBD"=C:\HP\KBD\KBD.EXE [2005-02-02 61440]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-05-11 49152]
    "LogitechCameraAssistant"=C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-12-07 489472]
    "LogitechVideo[inspector]"=C:\Program Files\Logitech\Video\InstallHelper.exe [2005-12-07 73728]
    "LogitechCameraService(E)"=C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144]
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]
    "SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2008-06-18 77824]
    "AlcWzrd"=C:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
    "AppleSyncNotifier"=C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-07-10 116040]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
    "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-07-10 289064]
    "LVCOMSX"=C:\WINDOWS\system32\LVCOMSX.EXE [2005-12-09 225280]
    "avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "Anti-keylogger"=C:\Program Files\Anti-keylogger\Anti-keylogger.exe [2008-08-11 279040]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-06-23 68856]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "LDM"=C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-07-04 32768]
    "BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2008-10-02 289088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
    Démarrage rapide du logiciel HP Image Zone.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    TV Remote Control.lnk - C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe

    C:\Documents and Settings\pragot\Menu Démarrer\Programmes\Démarrage
    OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\World of Warcraft\WoW-1.12.0-frFR-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.0-frFR-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe"="C:\Program Files\World of Warcraft\WoW-1.12.x-to-2.0.1-frFR-patch-downloader.exe:*:Enabled:Blizzard Downloader"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
    "C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
    "C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:D isabled:Logitech Desktop Messenger"
    "C:\Program Files\ma-config.com\maconfservice.exe"="C:\Program Files\ma-config.com\maconfservice.exe:LocalSubNet:Enabled:maconfservice"
    "C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
    "C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:Exécuter une DLL en tant qu'application"
    "C:\Program Files\Steam\SteamApps\stixteamakira\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\stixteamakira\counter-strike source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\Steam\SteamApps\the_demon_king\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\the_demon_king\counter-strike source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\TVUPlayer\TVUPlayer.exe"="C:\Program Files\TVUPlayer\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
    "C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:D isabled:NetXfer Download Manager"
    "C:\Program Files\Steam\SteamApps\nico_l_asdu24\counter-strike source\hl2.exe"="C:\Program Files\Steam\SteamApps\nico_l_asdu24\counter-strike source\hl2.exe:*:Enabled:hl2"
    "C:\Program Files\SopCast\adv\SopAdver.exe"="C:\Program Files\SopCast\adv\SopAdver.exe:*:Enabled:SopCast Adver"
    "C:\Program Files\SopCast\SopCast.exe"="C:\Program Files\SopCast\SopCast.exe:*:Enabled:SopCast Main Application"
    "C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
    "C:\Program Files\Steam\SteamApps\nico_l_asdu24\source dedicated server\srcds.exe"="C:\Program Files\Steam\SteamApps\nico_l_asdu24\source dedicated server\srcds.exe:*:Enabled:srcds"
    "C:\srcds\srcds.exe"="C:\srcds\srcds.exe:*:Enabled:srcds"
    "C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:D NA"
    "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
    "C:\Program Files\Deep Silver\Sacred 2 - Demo\system\s2gs.exe"="C:\Program Files\Deep Silver\Sacred 2 - Demo\system\s2gs.exe:*:Enabled:Sacred 2 Game Server"
    "C:\Program Files\Deep Silver\Sacred 2 - Demo\system\sacred2.exe"="C:\Program Files\Deep Silver\Sacred 2 - Demo\system\sacred2.exe:*:Enabled:Sacred 2"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

    ======List of files/folders created in the last 1 months======

    2008-10-09 19:57:09 ----D---- C:\rsit
    2008-10-09 12:11:57 ----D---- C:\Program Files\Anti-keylogger
    2008-10-09 12:01:20 ----D---- C:\Program Files\Flyos
    2008-10-08 22:40:44 ----D---- C:\Documents and Settings\pragot\Application Data\Malwarebytes
    2008-10-08 22:40:40 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-08 22:40:39 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-02 18:37:38 ----A---- C:\WINDOWS\system32\CmdLineExt.dll
    2008-10-02 18:36:39 ----A---- C:\WINDOWS\system32\XAudio2_2.dll
    2008-10-02 18:36:39 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll
    2008-10-02 18:36:38 ----A---- C:\WINDOWS\system32\xactengine3_2.dll
    2008-10-02 18:36:38 ----A---- C:\WINDOWS\system32\d3dx10_39.dll
    2008-10-02 18:36:38 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll
    2008-10-02 18:36:37 ----A---- C:\WINDOWS\system32\D3DX9_39.dll
    2008-10-02 18:36:36 ----A---- C:\WINDOWS\system32\XAudio2_1.dll
    2008-10-02 18:36:36 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll
    2008-10-02 18:36:36 ----A---- C:\WINDOWS\system32\xactengine3_1.dll
    2008-10-02 18:36:35 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll
    2008-10-02 18:36:35 ----A---- C:\WINDOWS\system32\d3dx10_38.dll
    2008-10-02 18:36:35 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll
    2008-10-02 18:36:34 ----A---- C:\WINDOWS\system32\D3DX9_38.dll
    2008-10-02 18:35:44 ----D---- C:\WINDOWS\Logs
    2008-10-02 18:35:44 ----A---- C:\WINDOWS\system32\wrap_oal.dll
    2008-10-02 18:35:44 ----A---- C:\WINDOWS\system32\OpenAL32.dll
    2008-10-02 18:30:39 ----D---- C:\WINDOWS\system32\AGEIA
    2008-10-02 18:30:37 ----D---- C:\Program Files\AGEIA Technologies
    2008-10-02 18:30:27 ----D---- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-10-02 16:25:58 ----D---- C:\Program Files\DNA
    2008-10-02 16:25:58 ----D---- C:\Documents and Settings\pragot\Application Data\DNA
    2008-09-27 14:57:09 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-09-27 14:57:08 ----D---- C:\Program Files\Avira
    2008-09-26 22:24:44 ----A---- C:\cleannavi.txt
    2008-09-26 22:23:19 ----D---- C:\Program Files\Navilog1
    2008-09-26 19:39:14 ----D---- C:\Documents and Settings\pragot\Application Data\Mozilla
    2008-09-21 17:11:39 ----D---- C:\Program Files\Valve
    2008-09-18 12:24:35 ----D---- C:\Warhammer Online - Age of Reckoning
    2008-09-18 12:24:07 ----D---- C:\Program Files\Fichiers communs\SWF Studio
    2008-09-18 12:24:06 ----SHD---- C:\Documents and Settings\pragot\Application Data\.#

    ======List of files/folders modified in the last 1 months======

    2008-10-09 18:46:36 ----D---- C:\WINDOWS\Temp
    2008-10-09 16:39:15 ----D---- C:\Documents and Settings\pragot\Application Data\OpenOffice.org2
    2008-10-09 16:39:14 ----D---- C:\WINDOWS
    2008-10-09 16:38:50 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-09 12:58:34 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-09 12:11:58 ----D---- C:\WINDOWS\system32\drivers
    2008-10-09 12:11:57 ----RD---- C:\Program Files
    2008-10-09 12:11:52 ----D---- C:\WINDOWS\system32
    2008-10-09 12:04:47 ----D---- C:\WINDOWS\Prefetch
    2008-10-09 12:01:22 ----SHD---- C:\WINDOWS\Installer
    2008-10-09 12:01:22 ----HD---- C:\Config.Msi
    2008-10-09 09:42:37 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-10-08 21:05:45 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-08 13:51:25 ----D---- C:\Program Files\Steam
    2008-10-06 16:51:30 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-02 18:36:41 ----D---- C:\WINDOWS\system32\DirectX
    2008-10-02 18:36:39 ----HD---- C:\WINDOWS\inf
    2008-10-02 18:36:19 ----RSD---- C:\WINDOWS\assembly
    2008-10-02 18:31:31 ----D---- C:\WINDOWS\WinSxS
    2008-10-02 18:30:51 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-02 18:30:27 ----D---- C:\Program Files\Fichiers communs
    2008-10-02 16:37:53 ----D---- C:\Documents and Settings\pragot\Application Data\LimeWire
    2008-10-02 10:52:09 ----D---- C:\Program Files\World of Warcraft
    2008-09-27 14:54:25 ----D---- C:\Program Files\Alwil Software
    2008-09-24 14:10:13 ----D---- C:\WINDOWS\network diagnostic

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 40576]
    R1 krnl_akl;krnl_akl; \??\C:\WINDOWS\system32\drivers\krnl_akl.sys []
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
    R3 3xHybrid;ASUSTek SAA713x PCI Card; C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-12-28 2831616]
    R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-06-13 507424]
    R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-12-11 242320]
    R3 EnumHook2;Enumerate Global Windows Service 2; \??\C:\WINDOWS\system32\drivers\dHook.sys []
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
    R3 HDAudBus;Pilote de bus Microsoft UAA pour High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
    R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys []
    R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-12-05 7435392]
    R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-12 19072]
    R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S2 ASInsHelp;ASInsHelp; \??\C:\WINDOWS\system32\drivers\AsInsHelp32.sys []
    S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 driverhardwarev2;driverhardwarev2; \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys []
    S3 EagleNT;EagleNT; \??\C:\WINDOWS\system32\drivers\EagleNT.sys []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744]
    S3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys []
    S3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys []
    S3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-12-06 39424]
    S3 MPE;Filtre BDA MPE; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-13 15232]
    S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 pepifilter;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2005-12-06 7136]
    S3 PID_08A0;QuickCam IM(PID_08A0); C:\WINDOWS\system32\DRIVERS\LV302AV.SYS [2005-12-06 916096]
    S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2007-07-03 80552]
    S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2007-07-03 11944]
    S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2007-07-03 106792]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service; C:\WINDOWS\system32\DRIVERS\wn5301.sys [2005-10-05 468768]
    S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-07-10 116040]
    R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2007-07-24 229376]
    R2 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-23 137200]
    R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-12-09 81920]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-12-05 155716]
    R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
    R3 iPod Service;Service de l'iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-07-10 532264]
    S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
    S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
    S3 maconfservice;Ma-Config Service; C:\Program Files\ma-config.com\maconfservice.exe [2008-06-26 576680]
    S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe [2007-05-08 271920]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

    -----------------EOF-----------------


    Le rapport info.txt :
    info.txt logfile of random's system information tool 1.04 2008-10-09 19:57:25

    ======Uninstall list======

    -->C:\Program Files\Nero\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
    -->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
    -->MsiExec /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Age of Conan : Hyborian Adventures-->"C:\Program Files\Funcom\Age of Conan\unins000.exe"
    AGEIA PhysX v7.11.13-->MsiExec.exe /X{95FC26FB-19FD-4A96-BBB1-B1062E8648F5}
    ALUpdate-->"C:\Program Files\ESTsoft\ALUpdate\unins000.exe"
    Anti-keylogger-->C:\Program Files\Anti-keylogger\Anti-keylogger.exe /uninstall
    Apple Mobile Device Support-->MsiExec.exe /I{35B91753-5789-4517-9CF1-2CCE3A8CF4F1}
    Apple Software Update-->MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
    Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
    ArcSoft PhotoImpression-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}\setup.exe" -l0x40c -uninst
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    ASUS Hybrid Capture Device-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6FB17451-D5A4-4651-AC17-A6713F7234BA}\Setup.exe" -l0x9
    AusLogics Disk Defrag-->"C:\Program Files\AusLogics Disk Defrag\unins000.exe"
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Bonjour-->MsiExec.exe /I{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    Counter-Strike: Source-->"C:\Program Files\Steam\steam.exe" steam://uninstall/240
    Counter-Strike: Source-->MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DVD Suite-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
    Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
    EVEREST Ultimate Edition v4.50-->"C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"
    Favorit-->"c:\documents and settings\nicolas\local settings\application data\ugqsw.exe" -uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
    Guitar Pro 4.0-->C:\PROGRA~1\GUITAR~1\UNWISE.EXE C:\PROGRA~1\GUITAR~1\INSTALL.LOG
    Guitar Pro 5.0-->"C:\Program Files\Guitar Pro 5\unins000.exe"
    Half-Life Dedicated Server Update Tool-->C:\srcds\UNWISE.EXE C:\srcds\INSTALL.LOG
    High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
    HijackThis 2.0.2-->"C:\Documents and Settings\Nicolas\Bureau\HijackThis.exe" /uninstall
    HP Document Viewer 5.3-->C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
    HP Image Zone 5.3-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
    HP Imaging Device Functions 5.3-->C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
    HP Product Detection-->MsiExec.exe /X{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}
    HP PSC & OfficeJet 5.3.A-->"C:\Program Files\HP\Digital Imaging\{3E386744-10FA-44b2-98C9-DF7A270DECB3}\setup\hpzscr01.exe" -datfile hposcr06.dat
    HP Software Update-->MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
    HP Solution Center & Imaging Support Tools 5.3-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
    Intel(R) Network Connections Drivers-->Prounstl.exe
    iTunes-->MsiExec.exe /I{EF6C4600-306D-4F6A-A119-C2A877D25B4A}
    Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Keylogger Detector-->MsiExec.exe /I{D24F284E-5542-4B39-803C-EEA9449A179E}
    Lecteur Windows Media 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C191BE7C-8542-4A61-973A-714EF76C5995}\setup.exe" -l0x40c
    Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x40c UNINSTALL
    Ma-Config.com-->MsiExec.exe /X{06526E3A-92DD-4F45-90CD-902953F1A8D2}
    MainConcept for Software Encoder-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{E7A02A01-C75A-4490-A168-5CA709A3D862}
    Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 1.1 French Language Pack-->MsiExec.exe /X{9A394342-4A68-4EBA-85A6-55B559F4E700}
    Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
    Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
    Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
    Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSI 8624 BDA Driver-->C:\WINDOWS\p3xunist.exe
    MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    Navilog1 3.6.5-->"C:\Program Files\Navilog1\unins000.exe"
    Nero 7 Essentials-->MsiExec.exe /X{8046A32C-88A7-45DA-B6D7-B6191E261036}
    neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
    OpenOffice.org 2.3-->MsiExec.exe /I{417E90DF-A9C4-43C4-90D9-FD7F107B68DB}
    Outil de mise à jour Google-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
    PowerDVD-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -uninstall
    PowerProducer-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
    Programme de gestion Camera de Logitech®-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
    QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
    Rappelz-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{01A8838A-9469-425F-A5FB-FC14D4CF93B9}\setup.exe" -l0x40c -removeonly
    Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x40c -removeonly
    Sacred 2 Demo-->MsiExec.exe /I{4636E701-5410-4231-BF83-6B99DE575149}
    SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
    SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
    SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
    Samsung PC Studio 3 USB Driver Installer-->"C:\Program Files\InstallShield Installation Information\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}\setup.exe" -runfromtemp -l0x040c -removeonly
    Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x040c -removeonly
    Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
    Steam(TM)-->MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
    TeamSpeak 2 RC2-->"C:\Program Files\Teamspeak2_RC2\unins000.exe"
    TV@Anywhere Utilities-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{477AB148-138C-46D2-820B-0DBFA744CEE8}\setup.exe" -l0x40c -uninst
    TVUPlayer 2.3.7.1-->C:\Program Files\TVUPlayer\uninst.exe
    VideoLAN VLC media player 0.8.6i-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Warhammer Online: Age of Reckoning-->"C:\Warhammer Online - Age of Reckoning\unins000.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390}
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    World of Warcraft-->C:\Program Files\Fichiers communs\Blizzard Entertainment\World of Warcraft\Uninstall.exe
    Wow Cartographe 1.08-->C:\Program Files\WowCartographe\uninst.exe
    XviD MPEG-4 Video Codec-->"C:\Program Files\XviD\unins000.exe"

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Avira AntiVir PersonalEdition

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Samsung\Samsung PC Studio 3;C:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 6, GenuineIntel
    "PROCESSOR_REVISION"=0f06
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------
    Contenus similaires
    9 Octobre 2008 21:21:08

    re
    Turel a dit :
    Héhé, à question bête réponse bête hein ^^.

    c'était un trait d'humour ;O)

    désinstalle via ajout/suppression de programmes: C:\Program Files\Anti-keylogger
    supprime le dossier:
    C:\Program Files\Anti-keylogger



    Rends toi sur ce lien : Virus Total
  • Clique sur Parcourir
  • Rends toi jusque sur ce fichier si tu le trouves :

    C:\Documents and Settings\pragot\Bureau\pragot.exe

  • Clique sur Envoyer le fichier et laisse travailler tant que "Situation actuelle : en cours d'analyse" est affiché.
  • Il est possible que le fichier soit mis en file d'attente en raison d'un grand nombre de demandes d'analyses. En ce cas, il te faudra patienter sans actualiser la page.
  • Lorsque l'analyse est terminée ("Situation actuelle: terminé"), clique sur Formaté
  • Une nouvelle fenêtre de ton navigateur va apparaître
  • Clique alors sur cette image :
  • Fais un clic droit sur la page, et choisis Sélectionner tout, puis copier
  • Enfin colle le résultat dans ta prochaine réponse.
    Note : Peu importe le résultat, il est important de me communiquer le résultat de toute l'analyse.
    Il est possible que tes outils de sécurité réagissent à l'envoi du fichier, en ce cas il te faudra ignorer les alertes.

    9 Octobre 2008 21:42:16

    Ok, je viens de faire ça.
    J'ai eu de la chance, c'est allé tres vite, sans file d'attente.
    Voila donc le rapport :

    Fichier pragot.exe reçu le 2008.10.09 21:38:19 (CET)Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.10.10.0 2008.10.09 -
    AntiVir 7.8.1.34 2008.10.09 -
    Authentium 5.1.0.4 2008.10.09 -
    Avast 4.8.1248.0 2008.10.09 -
    AVG 8.0.0.161 2008.10.09 -
    BitDefender 7.2 2008.10.09 -
    CAT-QuickHeal 9.50 2008.10.08 -
    ClamAV 0.93.1 2008.10.09 -
    DrWeb 4.44.0.09170 2008.10.09 -
    eSafe 7.0.17.0 2008.10.08 Suspicious File
    eTrust-Vet 31.6.6137 2008.10.09 -
    Ewido 4.0 2008.10.09 -
    F-Prot 4.4.4.56 2008.10.08 -
    F-Secure 8.0.14332.0 2008.10.09 -
    Fortinet 3.113.0.0 2008.10.09 -
    GData 19 2008.10.09 -
    Ikarus T3.1.1.34.0 2008.10.09 -
    K7AntiVirus 7.10.489 2008.10.09 -
    Kaspersky 7.0.0.125 2008.10.09 -
    McAfee 5402 2008.10.09 -
    Microsoft 1.4005 2008.10.09 -
    NOD32 3507 2008.10.09 -
    Norman 5.80.02 2008.10.09 -
    Panda 9.0.0.4 2008.10.09 Suspicious file
    PCTools 4.4.2.0 2008.10.09 -
    Prevx1 V2 2008.10.09 -
    Rising 20.65.32.00 2008.10.09 -
    SecureWeb-Gateway 6.7.6 2008.10.09 -
    Sophos 4.34.0 2008.10.09 -
    Sunbelt 3.1.1708.1 2008.10.09 -
    Symantec 10 2008.10.09 -
    TheHacker 6.3.1.0.103 2008.10.07 -
    TrendMicro 8.700.0.1004 2008.10.09 -
    VBA32 3.12.8.6 2008.10.09 -
    ViRobot 2008.10.9.1414 2008.10.09 -
    VirusBuster 4.5.11.0 2008.10.09 -

    Information additionnelle
    File size: 401720 bytes
    MD5...: e8269245566be948f6a219135b434160
    SHA1..: 1ac255b76ef692ea6c09d4840dcd28c67c5d6bfe
    SHA256: 3c253bfd385c7f245f3c6131e58cbe22c0d03073a828b9938f923f00562d7c2d
    SHA512: bed5aa905b0b940e99489c19835c1c199878ab7455bff84748b94a0577db8d8e<BR>ebd66c96a3fc6db110bb6fde95947837860eb701c01cb65cb73488c7a464bae8
    PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
    TrID..: File type identification<BR>UPX compressed Win32 Executable (39.5%)<BR>Win32 EXE Yoda's Crypter (34.3%)<BR>Win32 Executable Generic (11.0%)<BR>Win32 Dynamic Link Library (generic) (9.8%)<BR>Generic Win/DOS Executable (2.5%)
    PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x542830<BR>timedatestamp.....: 0x466838c1 (Thu Jun 07 16:56:33 2007)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>UPX0 0x1000 0xfc000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>UPX1 0xfd000 0x46000 0x45a00 7.93 8764d7eac0301131e6c79e4aa30317bf<BR>.rsrc 0x143000 0x1b000 0x1ae00 4.69 5f1a0873640fcdb4a281dbf91049814f<BR><BR>( 2 imports ) <BR>> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess<BR>> MSVBVM60.DLL: -<BR><BR>( 0 exports ) <BR>
    ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=e8269245566...
    packers (Kaspersky): PE_Patch.UPX, UPX
    packers (F-Prot): UPX

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.10.10.0 2008.10.09 -
    AntiVir 7.8.1.34 2008.10.09 -
    Authentium 5.1.0.4 2008.10.09 -
    Avast 4.8.1248.0 2008.10.09 -
    AVG 8.0.0.161 2008.10.09 -
    BitDefender 7.2 2008.10.09 -
    CAT-QuickHeal 9.50 2008.10.08 -
    ClamAV 0.93.1 2008.10.09 -
    DrWeb 4.44.0.09170 2008.10.09 -
    eSafe 7.0.17.0 2008.10.08 Suspicious File
    eTrust-Vet 31.6.6137 2008.10.09 -
    Ewido 4.0 2008.10.09 -
    F-Prot 4.4.4.56 2008.10.08 -
    F-Secure 8.0.14332.0 2008.10.09 -
    Fortinet 3.113.0.0 2008.10.09 -
    GData 19 2008.10.09 -
    Ikarus T3.1.1.34.0 2008.10.09 -
    K7AntiVirus 7.10.489 2008.10.09 -
    Kaspersky 7.0.0.125 2008.10.09 -
    McAfee 5402 2008.10.09 -
    Microsoft 1.4005 2008.10.09 -
    NOD32 3507 2008.10.09 -
    Norman 5.80.02 2008.10.09 -
    Panda 9.0.0.4 2008.10.09 Suspicious file
    PCTools 4.4.2.0 2008.10.09 -
    Prevx1 V2 2008.10.09 -
    Rising 20.65.32.00 2008.10.09 -
    SecureWeb-Gateway 6.7.6 2008.10.09 -
    Sophos 4.34.0 2008.10.09 -
    Sunbelt 3.1.1708.1 2008.10.09 -
    Symantec 10 2008.10.09 -
    TheHacker 6.3.1.0.103 2008.10.07 -
    TrendMicro 8.700.0.1004 2008.10.09 -
    VBA32 3.12.8.6 2008.10.09 -
    ViRobot 2008.10.9.1414 2008.10.09 -
    VirusBuster 4.5.11.0 2008.10.09 -

    Information additionnelle
    File size: 401720 bytes
    MD5...: e8269245566be948f6a219135b434160
    SHA1..: 1ac255b76ef692ea6c09d4840dcd28c67c5d6bfe
    SHA256: 3c253bfd385c7f245f3c6131e58cbe22c0d03073a828b9938f923f00562d7c2d
    SHA512: bed5aa905b0b940e99489c19835c1c199878ab7455bff84748b94a0577db8d8e<BR>ebd66c96a3fc6db110bb6fde95947837860eb701c01cb65cb73488c7a464bae8
    PEiD..: UPX 2.90 [LZMA] -> Markus Oberhumer, Laszlo Molnar & John Reiser
    TrID..: File type identification<BR>UPX compressed Win32 Executable (39.5%)<BR>Win32 EXE Yoda's Crypter (34.3%)<BR>Win32 Executable Generic (11.0%)<BR>Win32 Dynamic Link Library (generic) (9.8%)<BR>Generic Win/DOS Executable (2.5%)
    PEInfo: PE Structure information<BR><BR>( base data )<BR>entrypointaddress.: 0x542830<BR>timedatestamp.....: 0x466838c1 (Thu Jun 07 16:56:33 2007)<BR>machinetype.......: 0x14c (I386)<BR><BR>( 3 sections )<BR>name viradd virsiz rawdsiz ntrpy md5<BR>UPX0 0x1000 0xfc000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e<BR>UPX1 0xfd000 0x46000 0x45a00 7.93 8764d7eac0301131e6c79e4aa30317bf<BR>.rsrc 0x143000 0x1b000 0x1ae00 4.69 5f1a0873640fcdb4a281dbf91049814f<BR><BR>( 2 imports ) <BR>> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, ExitProcess<BR>> MSVBVM60.DLL: -<BR><BR>( 0 exports ) <BR>
    ThreatExpert info: http://www.threatexpert.com/report.aspx?md5=e8269245566...
    packers (Kaspersky): PE_Patch.UPX, UPX
    packers (F-Prot): UPX
    9 Octobre 2008 21:43:52

    re

    tu sais ce que c'est?
    le fichier est sur ton bureau...

    +++++++++++++++

    ~Fais une analyse antivirus en ligne sur le site de Kaspersky
    http://www.kaspersky.com/kos/eng/partner/default/kavweb...

    * Clique sur Accept
    * Une barre jaune va te demander si tu acceptes d'installer le Kavwebscan_Unicode.cab, installe l'Active X.
    * clique une nouvelle fois sur "Accept"
    * Les bases de mises à jour vont s'installer, patiente un moment
    * Clique sur Next.
    * Clique sur My Computer, le scan se met en route; attends la fin du scan sans fermer la fenêtre sinon il s'arrêtera.
    * Poste le rapport de scan.
    10 Octobre 2008 00:04:30

    Le fichier Pragot est bien sur mon bureau. C'est en fait un fichier HiJackThis renommé avec mon nom de famille (mal ecrit en plus)...je sais pas comment ça se fait.

    Voila le rapport Kapersky :
    Friday, October 10, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Thursday, October 09, 2008 20:21:30
    Records in database: 1301985


    Scan settings
    Scan using the following database extended
    Scan archives yes
    Scan mail databases yes

    Scan area My Computer
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\

    Scan statistics
    Files scanned 119192
    Threat name 0
    Infected objects 0
    Suspicious objects 0
    Duration of the scan 01:13:53

    No malware has been detected. The scan area is clean.
    The selected area was scanned.
    10 Octobre 2008 18:14:59

    bonsoir

    ~Lance Hijackthis.exe "do a system scan & save log file",et fais un copier coller du rapport généré dans ton prochain post.

    il faut que je vérifie un truc...
    10 Octobre 2008 19:39:48

    Bonsoir, voci le rapport demandé :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:39:04, on 10/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\DNA\btdna.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\pragot\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: TV Remote Control.lnk = C:\Program Files\MSI\TV@Anywhere Utilities\P3XRCtl.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProduct...
    O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.c...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flashplayer/curre...
    O18 - Protocol: bw+0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: offline-8876480 - {EF907C15-646D-4B1B-825B-B2BF6D90CCB2} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

    --
    End of file - 21528 bytes
    10 Octobre 2008 22:34:25

    re
    ça me semble propre.
    pas de keylogger en vue. :) 
    11 Octobre 2008 00:01:35

    Ah bon ? Et bien ça me rassure beaucoup je dois dire.
    J'aurais juste un derniere petite question : sais tu s'il y a eu ou non presence d'un keylogger sur mon ordinateur ou si j'ai juste paniquer pour rien depuis le debut ?

    Et bien à part ça, je te remercie d'avoir pris le temps de m'aider.
    Encore une fois, tres bon site avec de vrais pros. Ca fait plaisir.
    11 Octobre 2008 00:11:16

    tu as eu raison de t'inquiéter... mais non, pas de keylogger, à moins que tu l'ai viré tout seul avant de venir ici...

    Supprime tous les programmes installés pour la désinfection.


    Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



    Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

    Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

    ~Edite ton premier message (en cliquant sur la gomme) et marque [résolu] dans le titre.

    :hello: 
    19 Octobre 2008 11:26:27

    Salut, alors que j'avais marqué [résolu] et que j'etais rassuré je suis redevenu parano xD.
    J'ai fais quelques scans avec divers programmes et voila ce qu'il en ressort :
    - avec Antivir, il me trouve assez souvent 1 fichier infecté que je supprime.
    - avec RootkitRevealer, il me trouve "360 discrepancies found"
    - avec Panda, j'ai pu voir 63 fichiers infectés
    - enfin avec F-secure, il a trouvé 1 virus et 17 logiciels espions (ainsi que 6 fichiers ignorés, je ne sais pas si c'est important).

    Laplupart de ces scans sont des scans online. Je n'ai donc pas pu supprimer les fichiers marqués infectés. Sur mon PC, seuls Antivir et RootkitRevealer sont present.
    Et je precise que F-secure n'a pas encore fini son scan à l'heure où j'ecris ces lignes donc je serai amené à editer ce message ou a reposter pour ecrire ce qu'il en a été de ce scan une fois terminé.

    Comme je viens de reprendre mon abonnement à WoW et que je viens donc d'utiliser ma carte bleue, j'aimerais pouvoir etre certains que je ne risque pas de me faire voler (argent et compte WoW) à cause de la presence d'une de ces saletés de keylogger.

    Voila, je vous remercie d'avance et j'attends vos instructions.

    édit : Le scan F-secure vient de s'achever. Peut etre que j'interprete mal mais je crois que les virus et autres espions n'ont pas été désinfectés...
    Voila le rapport terminé de F-secure :

    Scanning Report
    Sunday, October 19, 2008 10:38:36 - 11:39:27
    Computer name: PRAGOUT-FD34886
    Scanning type: Scan system for malware, rootkits
    Target: C:\


    --------------------------------------------------------------------------------

    Result: 18 malware found
    TrackingCookie.2o7 (spyware)
    System
    TrackingCookie.Adbrite (spyware)
    System
    TrackingCookie.Adinterax (spyware)
    System
    TrackingCookie.Adrevolver (spyware)
    System
    TrackingCookie.Adtech (spyware)
    System
    TrackingCookie.Advertising (spyware)
    System
    TrackingCookie.Atdmt (spyware)
    System
    TrackingCookie.Doubleclick (spyware)
    System
    TrackingCookie.Emediate (spyware)
    System
    TrackingCookie.Mediaplex (spyware)
    System
    TrackingCookie.Questionmarket (spyware)
    System
    TrackingCookie.Revsci (spyware)
    System
    TrackingCookie.Tradedoubler (spyware)
    System
    TrackingCookie.Webtrends (spyware)
    System
    TrackingCookie.Xiti (spyware)
    System
    TrackingCookie.Yieldmanager (spyware)
    System
    TrackingCookie.Zanox (spyware)
    System
    W32/Packed/FSG_2.A (virus)
    C:\PROGRAM FILES\NAVILOG1\GNC.EXE (Submitted)

    --------------------------------------------------------------------------------

    Statistics
    Scanned:
    Files: 64396
    System: 4968
    Not scanned: 6
    Actions:
    Disinfected: 0
    Renamed: 0
    Deleted: 0
    None: 18
    Submitted: 1
    Files not scanned:
    C:\PAGEFILE.SYS
    C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
    C:\WINDOWS\SYSTEM32\CONFIG\SAM
    C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
    C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
    C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
    19 Octobre 2008 13:30:51

    bonjour
    rien dans ces rapports
    ce sont des cookies, c'est normal

    pour navilog1, il fallait le supprimer, comme demandé plus haut...
    19 Octobre 2008 13:38:05

    Ah bon ? Et bien que dire ? Deja merci, c'est vrai que c'est rassurant mais comme je suis quelqu'un de jamais satisfait je me permet de te poser une derniere petite question ;) 

    Dans tout ce que j'ai ecrit, il y a quand même des choses suspectes non ? Et puis surtout, et sans remettre en cause ce que tu m'a dit et tout ce que tu as fait pour m'aider, je n'arrive pas à me persuader que tout est clean parce que le fait est que j'ai cliqué sur le lien vérolé de wow-europe.

    S'il y a ne serait-ce qu'une once de danger je suis pret à refaire toute les series d'analyse si bien sur ça ne te deranges pas de m'y aider.
    En revanche si tu me confirme que tout va vraiment bien et que je n'ai rien à craindre d'un probable keylogger, ça ne sera pas nécessaire.

    En tout cas je suis désolé de revenir t'embeter avec mon affaire, surtout si je n'ai pas à etre preoccupé.
    Je te remercie de ton attention.
    19 Octobre 2008 20:51:00

    re
    moi, je ne voies rien, mais ce n'est que moi hein... :D 
    :hello: 

    20 Octobre 2008 14:26:32

    Ok, et bien je te fais confiance alors ^^.
    Merci pour tout (je met résolu).
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS