Se connecter / S'enregistrer
Votre question

fenetre CiD internet exploreur intempestive

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
16 Mars 2007 20:56:09

salut, j'ai un probleme , dés que je navigue sur le web, des fenetres internet exploreur s'ouvre
toute seul avec ecrit en haut "CiD: casino(ou autre)"
si quelqu un peut m aider...

Autres pages sur : fenetre cid internet exploreur intempestive

a b 8 Sécurité
16 Mars 2007 20:59:44

Bonjour,

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application.
Choisis l'option "Do a system scan and save a logfile"
Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
Colle le rapport ici.

AIDE : Tuto en vidéo sur Hijackthis

&

Télécharge LopResearch.zip
Dézippe-le sur ton Bureau.
Lance le fichier Scan.bat
Un rapport sera généré, poste son contenu ici.
17 Mars 2007 14:28:48

Logfile of HijackThis v1.99.1
Scan saved at 14:28:11, on 17/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Norman\bin\ZANDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Norman\bin\ZLH.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TribalWeb.net\tribalweb.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\Documents and Settings\kevin\Bureau\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Norman\NORMAN~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.alloticket.com/MicroPaiement/kit/WebInstall....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.servicesalacarte.wanadoo.fr/activex...
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f009.mail.caramail.lycos.fr/app/uploader/FileUpl...
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeux.wanadoo.fr/online2/diner_dash/DinerDash.1.0...
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeux.wanadoo.fr/online2/insaniquarium/Oberongame...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{628BDF4B-AC23-45CB-899B-08C80E512DF6}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Contenus similaires
17 Mars 2007 14:32:15

Rapport fait à 14:29:59,67 le 17/03/2007

Le volume dans le lecteur C s'appelle disque dur
Le num‚ro de s‚rie du volume est F8A2-C457

R‚pertoire de C:\Documents and Settings\All Users\Application Data

08/03/2007 20:19 <REP> Yahoo! Companion
25/02/2007 17:48 <REP> TEMP
20/02/2007 23:22 <REP> MAGSBOOKDELETERULE
26/01/2007 20:47 <REP> Adobe
24/12/2006 15:23 <REP> Pinnacle Studio
24/12/2006 15:18 <REP> Pinnacle
22/09/2006 14:44 <REP> Google
16/09/2006 15:04 <REP> CyberLink
15/09/2006 10:52 <REP> Oberongames
10/09/2006 13:53 <REP> nView_Profiles
20/05/2006 12:39 <REP> Windows Genuine Advantage
19/05/2006 20:50 <REP> Zylom
21/03/2006 19:44 <REP> pixelStorm
14/10/2005 11:45 <REP> Trymedia
26/01/2005 19:43 <REP> QuickTime
26/01/2005 19:40 <REP> Kodak
02/11/2004 00:14 <REP> Macrovision
01/01/2000 12:25 <REP> SBSI
01/01/2000 12:14 62 desktop.ini
01/01/2000 12:13 <REP> Microsoft
01/01/2000 12:13 <REP> ..
01/01/2000 12:13 <REP> .
1 fichier(s) 62 octets
21 R‚p(s) 36425330688 octets libres
Le volume dans le lecteur C s'appelle disque dur
Le num‚ro de s‚rie du volume est F8A2-C457

R‚pertoire de C:\Documents and Settings\kevin\Application Data

08/03/2007 22:09 <REP> Talkback
08/03/2007 22:09 <REP> Mozilla
01/03/2007 18:17 <REP> Audacity
27/02/2007 20:05 <REP> CCleanup
20/02/2007 23:21 <REP> DrvDelete
11/02/2007 17:00 <REP> DivX
31/01/2007 22:27 <REP> vlc
13/01/2007 17:02 <REP> InstallShield
26/10/2006 22:29 <REP> ArcSoft
26/09/2006 10:47 <REP> Magic Match
16/09/2006 13:07 <REP> CyberLink
29/05/2006 09:02 <REP> Real
17/05/2006 11:11 <REP> FotoWire
25/04/2006 11:20 <REP> EA
06/04/2006 21:15 <REP> Norman
26/12/2005 21:58 <REP> Google
03/10/2005 14:19 <REP> Smart Panel
03/10/2005 14:19 <REP> EPSON
23/08/2005 13:25 <REP> eConf
31/07/2005 23:34 <REP> WholeSecurity
17/11/2004 22:06 <REP> Macromedia
11/09/2004 23:57 <REP> Microsoft Games
31/01/2004 19:06 <REP> InterVideo
31/01/2004 19:06 <REP> AdobeUM
31/01/2004 19:01 <REP> Template
31/01/2004 16:22 <REP> Help
31/01/2004 15:44 <REP> Adobe
31/01/2004 14:45 62 desktop.ini
31/01/2004 14:45 <REP> Identities
31/01/2004 14:45 <REP> ..
31/01/2004 14:45 <REP> .
31/01/2004 14:45 <REP> Microsoft
1 fichier(s) 62 octets
31 R‚p(s) 36425330688 octets libres
Le volume dans le lecteur C s'appelle disque dur
Le num‚ro de s‚rie du volume est F8A2-C457

R‚pertoire de C:\Documents and Settings\no‰llie\Application Data

14/06/2005 23:28 <REP> WholeSecurity
29/05/2005 19:04 <REP> MSN6
20/04/2005 22:37 <REP> Smart Panel
20/04/2005 22:37 <REP> EPSON
26/12/2004 17:02 <REP> Real
27/10/2004 18:33 <REP> ABBYY
26/10/2004 20:27 <REP> Microsoft Games
16/10/2004 10:55 <REP> Help
16/10/2004 09:11 <REP> Macromedia
30/01/2004 17:45 <REP> Template
25/01/2004 18:56 <REP> NeroVision
25/01/2004 18:47 <REP> AdobeUM
25/01/2004 18:19 <REP> Adobe
25/01/2004 18:13 <REP> InterVideo
25/01/2004 18:10 <REP> Ahead
25/01/2004 17:52 62 desktop.ini
25/01/2004 17:52 <REP> Identities
25/01/2004 17:52 <REP> ..
25/01/2004 17:52 <REP> .
25/01/2004 17:52 <REP> Microsoft
1 fichier(s) 62 octets
19 R‚p(s) 36425310208 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur C s'appelle disque dur
Le num‚ro de s‚rie du volume est F8A2-C457

R‚pertoire de C:\WINDOWS\Tasks

07/03/2007 12:18 330 MP Scheduled Scan.job
22/02/2007 22:15 266 BA1F15AA93B0BCBE.job
05/11/2003 03:20 65 desktop.ini
01/01/2000 12:20 6 SA.DAT
01/01/2000 12:18 <REP> ..
01/01/2000 12:18 <REP> .
4 fichier(s) 667 octets
2 R‚p(s) 36ÿ425ÿ310ÿ208 octets libres

******************************************
Recherche dans Program files

Le dossier C:\Program Files\C2Media n'existe pas

*************** Fin du rapport ****************
a b 8 Sécurité
17 Mars 2007 14:34:44

Re,

Avant de supprimer Lop :

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

17 Mars 2007 14:39:31

Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 17/03/2007 a 14:38:41,37

*** Recherche de fichiers sur C:
C:\unwise.exe FOUND

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\winsys.exe FOUND
C:\WINDOWS\impborl.dll FOUND

*** Fin du rapport !
a b 8 Sécurité
17 Mars 2007 14:46:01

Re,

Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Double-clique sur OTMoveIt.exe afin de le lancer.
Sélectionne TOUS les emplacements ci-dessous :


C:\Documents and Settings\All Users\Application Data\MAGSBOOKDELETERULE
C:\Documents and Settings\kevin\Application Data\DrvDelete
C:\WINDOWS\Tasks\BA1F15AA93B0BCBE.job
C:\unwise.exe
C:\WINDOWS\system32\winsys.exe
C:\WINDOWS\impborl.dll


---> Clique-droit puis Copier

Retourne sur OTMoveIt, fais un Clique-droit sur le cadre de gauche puis choisis Coller.
Clique maintenant sur [#ff0000]MoveIt![/#f]

!! Si un fichier ou dossier ne peut être supprimé immédiatement, le logiciel te demandera de redémarrer. Accepte en cliquant sur YES

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport est la date de sa création.
17 Mars 2007 14:50:39

File/Folder not found.
C:\Documents and Settings\All Users\Application Data\MAGSBOOKDELETERULE moved successfully.
C:\Documents and Settings\kevin\Application Data\DrvDelete moved successfully.
C:\WINDOWS\Tasks\BA1F15AA93B0BCBE.job moved successfully.
File/Folder C:\unwise.exe FOUND not found.
C:\WINDOWS\system32\winsys.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\impborl.dll
C:\WINDOWS\impborl.dll NOT unregistered.
C:\WINDOWS\impborl.dll moved successfully.

Created on 03/17/2007 14:49:21
a b 8 Sécurité
17 Mars 2007 14:54:15

Reposte un rapport Hijackthis.
17 Mars 2007 14:57:26

Logfile of HijackThis v1.99.1
Scan saved at 14:57:09, on 17/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Norman\bin\ZANDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Norman\bin\NJEEVES.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Wanadoo\CnxMon.exe
C:\Norman\bin\ZLH.EXE
C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TribalWeb.net\tribalweb.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\kevin\Bureau\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: eBay Toolbar Helper - {22D8E815-4A5E-4DFB-845E-AAB64207F5BD} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar5.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: eBay Toolbar - {92085AD4-F48A-450D-BD93-B28CC7DF67CE} - C:\Program Files\eBay\eBay Toolbar2\eBayTB.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\Wanadoo\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\TaskbarIcon.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Norman\NORMAN~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Microsoft Recherche accélérée.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .wav: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/a...
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {1F83CD9E-505E-4F87-BECE-0832A763E36F} (Image Uploader 3.0 Control) - http://www.mypixmania.com/fr/fr/importer/MypixUploader....
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by116fd.bay116.hotmail.msn.com/resources/MsnPUpl...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6DB731A3-B074-4118-8B1C-32511C65D836} (FotovistaPhotoUploader.ctrFpu) - http://www.mypixmania.com/fr/fr/tools/activex/fpu.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005102501/housecall...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.alloticket.com/MicroPaiement/kit/WebInstall....
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.servicesalacarte.wanadoo.fr/activex...
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f009.mail.caramail.lycos.fr/app/uploader/FileUpl...
O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://jeux.wanadoo.fr/online2/diner_dash/DinerDash.1.0...
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeux.wanadoo.fr/online2/insaniquarium/Oberongame...
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{628BDF4B-AC23-45CB-899B-08C80E512DF6}: NameServer = 80.10.246.130 80.10.246.3
O18 - Protocol: bw+0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {5F3D9277-270D-4A83-A5BB-C792DBBD2F3E} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

a b 8 Sécurité
17 Mars 2007 15:00:57

Re,

Tu peux supprimer ce fichier ?
C:\unwise.exe
17 Mars 2007 15:58:29

oui,il est suprimé
a b 8 Sécurité
17 Mars 2007 16:07:15

Re,

Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.

17 Mars 2007 16:31:05

Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 17/03/2007 a 16:30:30,95

*** Recherche de fichiers sur C:

*** Recherche des fichiers dans C:\WINDOWS\system32

*** Fin du rapport !
17 Mars 2007 16:31:45

le probleme semble etre resolu
a b 8 Sécurité
17 Mars 2007 16:35:54

On vérifie.

  • Fais un scan en ligne Kaspersky avec Internet Explorer :
  • Clique sur
  • Clique maintenant sur J'accepte.
  • Valide l'installation d'un ou de plusieurs ActiveX si c'est nécessaire.
  • Patiente pendant l'installation des Mises à jour.
  • Choisis par la suite l'analyse du Poste de travail
  • Sauvegarde puis colle le rapport généré en fin d'analyse.

    AIDE : Configurer le contrôle des ActiveX

    NOTE : Si tu reçois le message "La licence de Kaspersky On-line Scanner est périmée", va dans Ajout/Suppression de programmes puis désinstalle On-Line Scanner, reconnecte toi sur le site de Kaspersky pour retenter le scan en ligne.
    17 Mars 2007 19:08:27

    KASPERSKY ON-LINE SCANNER REPORT
    Saturday, March 17, 2007 7:04:31 PM
    Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky On-line Scanner version : 5.0.83.0
    Dernière mise à jour de la base antivirus Kaspersky : 17/03/2007
    Enregistrements dans la base antivirus Kaspersky : 282636


    Paramètres d'analyse
    Analyser avec la base antivirus suivante étendue
    Analyser les archives vrai
    Analyser les bases de messagerie vrai

    Cible de l'analyse Poste de travail
    A:\
    C:\
    D:\
    E:\
    F:\
    G:\
    Z:\

    Statistiques de l'analyse
    Total d'objets analysés 90446
    Nombre de virus trouvés 1
    Nombre d'objets infectés 5 / 0
    Nombre d'objets suspects 0
    Durée de l'analyse 01:48:34

    Nom de l'objet infecté Nom du virus Dernière action
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-02252007-234533.log L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt L'objet est verrouillé ignoré

    C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Bureau\clean.zip/clean/pskill.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré

    C:\Documents and Settings\kevin\Bureau\clean.zip ZIP: infecté - 1 ignoré

    C:\Documents and Settings\kevin\Bureau\hijack\clean\pskill.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré

    C:\Documents and Settings\kevin\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Historique\History.IE5\MSHist012007031720070318\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\Local Settings\Temporary Internet Files\Content.IE5\XRWNFG0N\clean[1].zip/clean/pskill.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré

    C:\Documents and Settings\kevin\Local Settings\Temporary Internet Files\Content.IE5\XRWNFG0N\clean[1].zip ZIP: infecté - 1 ignoré

    C:\Documents and Settings\kevin\ntuser.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\kevin\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré

    C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 01 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 01 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 02 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 02 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 03 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 03 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 04 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 04 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 05 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 05 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 06 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 06 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 07 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 07 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 09 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 09 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 10 (VOST FR by LauCass).avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate Housewives - Saison 3 - Episode 10 (VOST FR by LauCass).avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.315.notv.VF_PC.avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.315.notv.VF_PC.avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E08.VOST.French.by.CaSaDiVX.avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E08.VOST.French.by.CaSaDiVX.avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E11.VOST.French.by.CaSaDiVX.avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E11.VOST.French.by.CaSaDiVX.avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E12.VOST.French.by.CaSaDiVX.avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E12.VOST.French.by.CaSaDiVX.avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E13.VOST.French.by.CaSaDiVX.avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate.Housewives.S03E13.VOST.French.by.CaSaDiVX.avi.downloading.state L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate[1].Housewives.s03e14.HDTV.XviD-NoTV.VF_PC.avi.downloading L'objet est verrouillé ignoré

    C:\Documents and Settings\noëllie\Mes documents\kevin.libereau\Mes réceptions TribalWeb.net\noellie_et_kevin\desperate housewives saison 3\Desperate[1].Housewives.s03e14.HDTV.XviD-NoTV.VF_PC.avi.downloading.state L'objet est verrouillé ignoré

    C:\Program Files\EPSON\EPSON PhotoQuicker3.5\Config\User\noëllie.pq3 L'objet est verrouillé ignoré

    C:\Program Files\Kodak\Kodak EasyShare software\Catalog\EasyShare.me L'objet est verrouillé ignoré

    C:\Program Files\Kodak\Kodak EasyShare software\Catalog\EasyShare.mm L'objet est verrouillé ignoré

    C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\colbact.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\comuid.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\es.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\ole32.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB828741$\txflog.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\callcont.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\h323.tsp L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\msgina.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\mst120.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll L'objet est verrouillé ignoré

    C:\WINDOWS\$NtUninstallKB835732$\schannel.dll L'objet est verrouillé ignoré

    C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb L'objet est verrouillé ignoré

    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré

    C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré

    C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré

    C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré

    C:\WINDOWS\system32\drivers\dtscsi.sys L'objet est verrouillé ignoré

    C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré

    C:\WINDOWS\system32\drivers\sptd6029.sys L'objet est verrouillé ignoré

    C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré

    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré

    C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré

    C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré

    C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré

    Z:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré

    Analyse terminée.
    a b 8 Sécurité
    17 Mars 2007 19:09:41

    Il faudrait se calmer sur le P2P.
    D'autres problèmes ?
    17 Mars 2007 19:18:40

    pas pour le moment,merci pour le coup de main(ou de souris),autrement je voudrais savoir si enregistrer la radio est illégal? car on peut le faire avec winamp+streamripper, plus besoin deP2P pour la zic.
    a b 8 Sécurité
    17 Mars 2007 19:28:53

    Je ne pense pas.
    a b 8 Sécurité
    19 Mars 2007 13:29:02

    Messages supprimés.
    Crée ton propre sujet !
    24 Mars 2007 12:40:22

    Salut, j'ai un probleme de fenetre intemptestives CID (MAC+bootcamp+windoms), pouvez vous m'aider, j'ai le rapport hijack mais je ne sais pas quoi en faire...
    merci
    24 Mars 2007 12:41:27

    Logfile of HijackThis v1.99.1
    Scan saved at 14:29:02, on 24/03/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\Brightness.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Apple Keyboard Support\KbdMgr.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\lclock.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\pc\Bureau\hijackthis\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.winlsd.org/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: IE 4.x-6.x BHO for Internet Download Accelerator - {2A646672-9C3A-4C28-9A7A-1FB0F63F28B6} - C:\PROGRA~1\IDA\idaiehlp.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [AppleTime] C:\WINDOWS\system32\AppleTime.exe
    O4 - HKLM\..\Run: [Brightness] C:\WINDOWS\system32\Brightness.exe
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [Apple_KbdMgr] "C:\Program Files\Apple Keyboard Support\KbdMgr.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [tonslessshimmode] C:\Documents and Settings\All Users\Application Data\fordantetonsless\storebyte.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LClock] lclock.exe
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [TeamDoes] C:\DOCUME~1\pc\APPLIC~1\SECOND~1\Gpl Web Save.exe
    O8 - Extra context menu item: Download ALL with IDA - C:\Program Files\IDA\idaieall.htm
    O8 - Extra context menu item: Download with IDA - C:\Program Files\IDA\idaie.htm
    O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
    O9 - Extra button: Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
    O9 - Extra 'Tools' menuitem: &Internet Download Accelerator - {9819CC0E-9669-4D01-9CD7-2C66DA43AC6C} - C:\Program Files\IDA\ida.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DE4849C4-DC6B-41E8-8DF7-3A5757B3AA78}: NameServer = 192.168.1.1
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

    24 Mars 2007 12:44:41

    Rapport fait à 14:44:17,62 le 24/03/2007

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 74C8-33DC

    R‚pertoire de C:\Documents and Settings\Default User\Application Data

    26/02/2007 15:07 62 desktop.ini
    26/02/2007 15:07 <REP> Microsoft
    26/02/2007 15:07 <REP> ..
    26/02/2007 15:07 <REP> .
    1 fichier(s) 62 octets
    3 R‚p(s) 14752956416 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 74C8-33DC

    R‚pertoire de C:\Documents and Settings\All Users\Application Data

    11/03/2007 16:50 <REP> Windows Genuine Advantage
    06/03/2007 14:35 <REP> Spybot - Search & Destroy
    05/03/2007 18:09 <REP> fordantetonsless
    02/03/2007 11:51 <REP> CanonBJ
    02/03/2007 11:50 <REP> SSScanWizard
    02/03/2007 11:50 <REP> SSScanAppDataDir
    26/02/2007 17:17 <REP> Adobe
    26/02/2007 17:16 <REP> QuickTime
    26/02/2007 15:07 62 desktop.ini
    26/02/2007 15:07 <REP> ..
    26/02/2007 15:07 <REP> .
    26/02/2007 15:07 <REP> Microsoft
    1 fichier(s) 62 octets
    11 R‚p(s) 14752956416 octets libres
    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 74C8-33DC

    R‚pertoire de C:\Documents and Settings\pc\Application Data

    06/03/2007 14:34 <REP> Lavasoft
    05/03/2007 18:09 <REP> SECONDLESSDENT
    05/03/2007 18:08 <REP> BitDownload
    02/03/2007 11:50 <REP> ScanSoft
    28/02/2007 17:59 <REP> Internet Download Accelerator
    28/02/2007 14:22 <REP> Macromedia
    28/02/2007 13:55 <REP> Mozilla
    26/02/2007 17:25 <REP> Graphisoft
    26/02/2007 17:14 <REP> Sun
    26/02/2007 15:43 <REP> Help
    26/02/2007 15:34 <REP> Identities
    26/02/2007 15:34 62 desktop.ini
    26/02/2007 15:34 <REP> ..
    26/02/2007 15:34 <REP> .
    26/02/2007 15:34 <REP> Microsoft
    1 fichier(s) 62 octets
    14 R‚p(s) 14752956416 octets libres
    ******************************************
    Recherche des taches planifiées dans C:\WINDOWS\tasks

    Le volume dans le lecteur C n'a pas de nom.
    Le num‚ro de s‚rie du volume est 74C8-33DC

    R‚pertoire de C:\WINDOWS\Tasks

    26/02/2007 15:29 6 SA.DAT
    26/02/2007 15:13 65 desktop.ini
    26/02/2007 15:13 <REP> ..
    26/02/2007 15:13 <REP> .
    2 fichier(s) 71 octets
    2 R‚p(s) 14ÿ752ÿ956ÿ416 octets libres

    ******************************************
    Recherche dans Program files

    Le dossier C:\Program Files\C2Media n'existe pas

    *************** Fin du rapport ****************
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS