Aller au contenu

le surfeur masqué

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    12

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par le surfeur masqué

  1. le surfeur masqué
    re re re snif.... Incident Statut Analyse Spyware:spyware/cws.olehelp No Désinfecté Registre Windows
  2. le surfeur masqué
    bonnes vacances j espère voilà ce que tu m as demandé @ plus
  3. le surfeur masqué
    désolé pour la réponse tardive... petit week end voilà ce que ca m'a donné REGEDIT4 ; Registry Search 2.0 by Bobbi Flekman © 2005 ; Version: 2.0.1.0 ; Results at 11/07/2006 10:06:34 for strings: ; '4e7bd74f-2b8d-469e-a0e8-ed6ab685fa7d 44240bb5-bd7d-4d49-a1aa-8ab0f3d3cb44' ; Strings excluded from search: ; (None) ; Search in: ; Registry Keys Registry Values Registry Data ; HKEY_LOCAL_MACHINE HKEY_USERS ; End Of The Log...
  4. le surfeur masqué
  5. le surfeur masqué
    après la manip effectuée toujours le même rapport sur panda pas de changement Spyware:spyware/cws.olehelp No Désinfecté Registre Windows
  6. le surfeur masqué
    Incident Statut Analyse Spyware:spyware/cws.olehelp No Désinfecté Registre Windows
  7. le surfeur masqué
  8. le surfeur masqué
    [Après avoir fait ceci, scanne de nouveau ton système avec l'antivirus en ligne de panda, et met le rapport obtenu dans ton prochain post. A+ Incident Statut Analyse Spyware:spyware/cws.olehelp No Désinfecté Registre Windows Logfile of HijackThis v1.99.1 Scan saved at 00:17:54, on 04/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\APPS\NET2PLUG\tools\wait4IP.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe C:\WINDOWS\ALCWZRD.EXE C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\AOSD.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Fichiers communs\Aol\aoltpspd.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wanadoo.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LDM] \Program\ O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B52AAB55-FD96-4729-B9CF-BCAB289265E9}: NameServer = 205.188.146.145 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: MysqlInventime - - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
  9. le surfeur masqué
    - le rapport de panda (ou celui de Kasperksy) - le nouveau rapport Hijackthis A+ voilà les deux rapports demandés Incident Statut Analyse Adware:adware/cashsaver No Désinfecté c:\windows\system32\CSUninstall.exe Adware:adware/ncase No Désinfecté c:\program files\180 Spyware:spyware/cws.olehelp No Désinfecté Registre Windows Logfile of HijackThis v1.99.1 Scan saved at 22:50:00, on 03/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4gui.exe C:\APPS\NET2PLUG\tools\wait4IP.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe C:\WINDOWS\ALCWZRD.EXE C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\AOSD.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Fichiers communs\Aol\aoltpspd.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LDM] \Program\ O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{B52AAB55-FD96-4729-B9CF-BCAB289265E9}: NameServer = 205.188.146.145 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe O23 - Service: MysqlInventime - - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
  10. le surfeur masqué
    [=================================================================== Je récapitule pour les rapports que tu dois coller dans ta prochaine réponse : - Le rapport d'Ewido - Le rapport de Panda (activescan.txt) - Le rapport de Blacklight (préalablement sauvegardé dans un fichier .txt) - Le nouveau rapport Hijackthis (généré en mode normal) Du boulot en perspective...bonne chance . Si il y a quelque chose que tu ne saisis pas, demande-le moi avant d'appliquer cette procédurre bon j ai suivi ta procedure avec quelques difficultés, en effet en mode sans echec je me retrouve avec résolution d ecran de 800/600 sans pouvoir le modifier ce qui me gene dans l acces à certain éléments notement je n ai pu effectuer le scan en mode sans echec de ecleaner car pas d icone sur mon bureau et pas d acces non plus sur le menu demarer/ tous les programmes... de plus le scan en ligne de panda à généré une erreur bien que j ai télécharger activ x je te fournis donc les rapports en ma possession 1/ --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 01:50:21 03/07/2006 + Scan result: HKU\S-1-5-21-2875067623-3482105271-1403836488-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Cleaned with backup (quarantined). :mozilla.414:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.415:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.494:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.495:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.496:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.497:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.260:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.261:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.378:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.379:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.380:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.9:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned. :mozilla.966:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.967:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.968:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.969:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.970:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.971:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.299:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned. :mozilla.300:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned. :mozilla.301:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned. :mozilla.302:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Bestoffersnetworks : Cleaned. :mozilla.484:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. :mozilla.96:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. :mozilla.97:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. :mozilla.98:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. :mozilla.99:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. :mozilla.102:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.103:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.201:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.202:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.203:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.92:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Enhance : Cleaned. :mozilla.180:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.533:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.61:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.62:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.63:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.64:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.65:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.68:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.69:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.70:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.306:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.323:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned. :mozilla.534:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned. :mozilla.458:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.459:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.485:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.486:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.577:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.578:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.579:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.580:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.581:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.582:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.583:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.584:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.585:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.586:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.587:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.588:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.589:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.506:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.507:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.536:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.537:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.538:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.539:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.540:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.90:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned. :mozilla.238:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.239:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.240:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.241:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.242:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.243:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.244:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.245:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.651:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.77:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned. :mozilla.553:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.919:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.920:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.921:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.922:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.923:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned. :mozilla.574:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.575:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.576:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.595:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.596:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.625:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.626:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.627:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.628:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.629:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.630:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.631:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.632:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.633:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.634:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.635:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.636:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.637:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.638:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.639:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned. :mozilla.646:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.696:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.697:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.698:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.699:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.701:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.961:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.973:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.974:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.975:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.976:C:\Documents and Settings\J PAUL\Application Data\Mozilla\Firefox\Profiles\mcjvaupg.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. HKU\S-1-5-21-2875067623-3482105271-1403836488-1008\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} -> Trojan.Small.anm : Cleaned with backup (quarantined). ::Report end 2/ 7/03/06 02:23:53 [info]: BlackLight Engine 1.0.42 initialized 07/03/06 02:23:53 [info]: OS: 5.1 build 2600 (Service Pack 2) 07/03/06 02:23:53 [Note]: 7019 4 07/03/06 02:23:53 [Note]: 7005 0 07/03/06 02:24:38 [Note]: 7006 0 07/03/06 02:24:38 [Note]: 7011 304 07/03/06 02:24:38 [Note]: 7026 0 07/03/06 02:24:38 [Note]: 7026 0 07/03/06 02:24:46 [Note]: FSRAW library version 1.7.1019 07/03/06 02:29:40 [Note]: 7007 0 3/Logfile of HijackThis v1.99.1 Scan saved at 02:35:10, on 03/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\APPS\NET2PLUG\tools\wait4IP.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe C:\WINDOWS\ALCWZRD.EXE C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\apps\ABoard\AOSD.exe C:\Apps\Powercinema\PCMService.exe C:\Program Files\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Fichiers communs\Aol\aoltpspd.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\J PAUL\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [LDM] \Program\ O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B52AAB55-FD96-4729-B9CF-BCAB289265E9}: NameServer = 205.188.146.145 O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: acole - C:\WINDOWS\ O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: MysqlInventime - - (no file) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe j'espere que ces résultats partiels te permettront de m indiquer la marche à suivre encore merci pour toutes ces indications votre site est vraiment extra.....
  11. le surfeur masqué
    Au final, J'ai besoin de 3 rapports : - celui d'Hijackthis, effectué après application de la procédure - ceux des 2 scans en lignes (si tu trouves le fichier) A+ merci pour la rapidité de ta réponse en ce qui concerne ZA je l ai déjà désinstallé 2 fois et reinstallé le hic c est que quand je l installe je n ai plus d acces à internet et quand je le lance par le menu demarer programme j ai un message d erreur windows ne parvient pas à acceder au périphérique, au chemin d'accès ou au fichier spécifié. vous ne diposez peut être pas des autorisations appropriées pour avoir accès à l'élément. en ce qui concerne le fichier à analyser celui ci ne se trouve pas dans le dossier. autre chose, en mode sans echec je passe à une résolution la moins élevée (800/600) sans possibilité de la modifier dans parametre est ce normal ou suis je vraiment une quiche.... je joins le nouveau rapport ainsi que le rapport de antivir ( 1 fichier trouvé) et 4 heures de scan tiVir PersonalEdition Classic Report file date: samedi 1 juillet 2006 20:29 Scanning for 397237 virus strains and unwanted programs. Licensed to: AntiVir PersonalEdition Classic Serial number: 0000149996-WURGE-0001 Platform: Windows XP Windows version: (Service Pack 2) [5.1.2600] Username: J PAUL Computer name: JP Version informations: AVSCAN.EXE : 7.0.0.42 557096 01/07/2006 17:14:05 AVSCAN.DLL : 7.0.0.42 53288 01/07/2006 17:14:05 LUKE.DLL : 7.0.0.42 118824 01/07/2006 17:14:06 LUKERES.DLL : 7.0.0.42 25640 01/07/2006 17:14:06 ANTIVIR0.VDF : 6.35.0.1 7371264 01/07/2006 17:14:05 ANTIVIR1.VDF : 6.35.0.4 2048 01/07/2006 17:14:05 ANTIVIR2.VDF : 6.35.0.5 2048 01/07/2006 17:14:05 ANTIVIR3.VDF : 6.35.0.6 2048 01/07/2006 17:14:05 AVEWIN32.DLL : 7.1.0.10 1511936 01/07/2006 17:14:05 AVPREF.DLL : 7.0.0.1 49192 01/07/2006 17:14:05 AVREP.DLL : 6.35.0.1 643112 01/07/2006 17:14:05 AVRPBASE.DLL : 7.0.0.0 2162728 01/07/2006 17:14:05 AVPACK32.DLL : 7.1.0.1 335912 01/07/2006 17:14:05 AVREG.DLL : 6.31.0.90 27688 01/07/2006 17:14:05 NETNT.DLL : 6.32.0.0 6696 01/07/2006 17:14:06 NETNW.DLL : 6.32.0.0 9768 01/07/2006 17:14:06 RCIMAGE.DLL : 7.0.0.71 1642536 01/07/2006 17:14:13 RCTEXT.DLL : 7.0.0.75 77864 01/07/2006 17:14:13 Configuration settings for the scan: Jobname: '%s'.................: Manual Selection Configuration file............: C:\Documents and Settings\All Users\Application Data\AntiVir PersonalEdition Classic\PROFILES\folder.avp Boot sectors..................: C Scan memory...................: 1 Process scan..................: 1 Scan all files................: 2 Scan archives.................: 1 Recursion depth...............: 20 Smart extensions..............: 1 Macro heuristic...............: 1 File heuristic................: -1 Primary action................: 1 Secondary action..............: 0 Start of the scan: samedi 1 juillet 2006 20:29 The scan over running processes will be started 18 Processes was scanned Start scanning boot sectors: Boot sector 'C:\' [NOTE] No virus was found! Starting to scan the registry. The registry was scanned ( 41 files ). Starting the file scan: C:\pagefile.sys [WARNING] The file could not be opened! C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp [WARNING] The file could not be opened! C:\Documents and Settings\J PAUL\ntuser.dat [WARNING] The file could not be opened! C:\Documents and Settings\J PAUL\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\J PAUL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\J PAUL\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\NTUSER.DAT [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\ntuser.dat.LOG [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat [WARNING] The file could not be opened! C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG [WARNING] The file could not be opened! C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP550\A0108849.dll [DETECTION] Is the Trojan horse TR/Dldr.ConHook.E [iNFO] The file was deleted! C:\WINDOWS\system32\config\DEFAULT [WARNING] The file could not be opened! C:\WINDOWS\system32\config\default.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SAM.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SECURITY.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SOFTWARE [WARNING] The file could not be opened! C:\WINDOWS\system32\config\software.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\config\SYSTEM [WARNING] The file could not be opened! C:\WINDOWS\system32\config\system.LOG [WARNING] The file could not be opened! C:\WINDOWS\system32\drivers\atapi.sys [WARNING] The file could not be opened! End of the scan: dimanche 2 juillet 2006 00:29 Used time: 3:59:42 min The scan has been done completely. 7912 Scanning directories 408111 Files were scanned 1 viruses and/or unwanted programs was found 1 files were deleted 0 files were repaired 0 files were moved to quarantine 0 files were renamed 13342 Archives were scanned 21 Warnings 2 Notes Logfile of HijackThis v1.99.1 Scan saved at 01:00:50, on 02/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\APPS\NET2PLUG\tools\wait4IP.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe C:\WINDOWS\ALCWZRD.EXE C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\AOSD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\J PAUL\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WONWebLauncherControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab O18 - Protocol: bw+0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: acole - C:\WINDOWS\Fonts\acole.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
  12. le surfeur masqué
    boujour à tous, depuis la derniere mise à jour ZA impossible de retrouver mon par feu préféré apparement quelques bug ont été générés par cette version... je verrai ca plus tard ce qui me préoccupe c est qu'après avoir fait analysé mon rapport hijack j ai eu un message du type "Aucun pare-feu actif n'a été trouvé sur votre système ou le pare-feu que vous utilisez nous est inconnu. Si vous n'utilisez pas de pare-feu vous devriez en télécharger un et l'installer ou activer celui de Windows XP" hors dans centre de sécurité le par feu windows est activé... je me demande donc si il n y a pas autre chose je me permet de vous joindre le rapport obtenu, derniere chose j ai deux lignes qui ressortent en rouge.... merci de votre aide. Logfile of HijackThis v1.99.1 Scan saved at 14:01:27, on 01/07/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\APPS\NET2PLUG\tools\wait4IP.exe C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\WINDOWS\SOUNDMAN.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe C:\WINDOWS\ALCWZRD.EXE C:\apps\ABoard\ABoard.exe C:\Program Files\QuickTime\qttask.exe C:\Apps\Powercinema\PCMService.exe C:\apps\ABoard\AOSD.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\Program Files\AOL 9.0\waol.exe C:\Program Files\AOL 9.0\shellmon.exe C:\Program Files\Fichiers communs\Aol\aoltpspd.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Alwil Software\Avast4\ashSimpl.exe C:\Documents and Settings\J PAUL\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wanadoo.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://wanadoo.fr/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 7\SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 7\SnagItIEAddin.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [wait4ip] C:\APPS\NET2PLUG\tools\wait4IP.exe O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [speedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [LDM] \Program\ O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE O4 - Global Startup: SnagIt 7.lnk = C:\Program Files\TechSmith\SnagIt 7\SnagIt32.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {A031D222-B496-11D2-9CC8-00105A10AAF6} - http://hoylegames.sierra.com/cab/WONWebLauncherControl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/ac...ta/SymAData.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B52AAB55-FD96-4729-B9CF-BCAB289265E9}: NameServer = 205.188.146.145 O18 - Protocol: bw+0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: offline-8876480 - {56287A80-004C-4000-B585-5DFEBFAD6BF5} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: acole - C:\WINDOWS\Fonts\acole.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
×
×
  • Créer...