udolfo

Salut, Pour l'instant je n'ai que 3 disques, partitionné en 2 ou 3 parts. J'avais au départ installé Xp sur le disque C puis ça a merdé et je l'ai réinstallé sur le disque E. donc pour l'instant je boot tjs sur E. Voila A++

Yo regis, voila qui est fait ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, October 07, 2006 7:27:28 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/10/2006 Kaspersky Anti-Virus database records: 216559 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 146259 Number of viruses found: 3 Number of infected objects: 8 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:33:10 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Documents and Settings\François\Éléments supprimés.dbx/[From "Scottferguson" <scottferguson@webbox.com>][Date Tue, 03 Oct 2006 18:31:27 +0100]/UNNAMED/html Infected: Email-Worm.Win32.Bagle.mail skipped C:\Documents and Settings\François\Éléments supprimés.dbx/[From "Scottferguson" <scottferguson@webbox.com>][Date Tue, 03 Oct 2006 18:31:27 +0100]/UNNAMED Infected: Email-Worm.Win32.Bagle.mail skipped C:\Documents and Settings\François\Éléments supprimés.dbx Mail MS Outlook 5: infected - 2 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006100720061008\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000010.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6ac.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed. A++

Yop yop voila qui est fait ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, October 02, 2006 7:03:52 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 2/10/2006 Kaspersky Anti-Virus database records: 215152 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 145478 Number of viruses found: 2 Number of infected objects: 5 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:14:05 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006092520061002\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006100220061003\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000010.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6a8.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.

Yop voila, voila ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, September 30, 2006 3:22:14 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 30/09/2006 Kaspersky Anti-Virus database records: 214493 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 145679 Number of viruses found: 3 Number of infected objects: 6 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:14:20 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006093020061001\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000010.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP2\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\ltwakrmw.dll Infected: Packed.Win32.Klone.k skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6c0.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed. A++

Salut Regis Voici tous les rapports VundoFix V6.1.6 Checking Java version... Java version is 1.5.0.6 Scan started at 17:25:31 25/09/2006 Listing files found while scanning.... E:\WINDOWS\system32\gebyy.dll E:\WINDOWS\system32\yybeg.ini E:\WINDOWS\system32\yybeg.bak1 E:\WINDOWS\system32\yybeg.bak2 E:\WINDOWS\system32\yybeg.ini2 E:\WINDOWS\system32\yybeg.tmp E:\WINDOWS\system32\gimwrpmq.dll Beginning removal... Attempting to delete E:\WINDOWS\system32\gebyy.dll E:\WINDOWS\system32\gebyy.dll Could not be deleted. Attempting to delete E:\WINDOWS\system32\yybeg.ini E:\WINDOWS\system32\yybeg.ini Has been deleted! Attempting to delete E:\WINDOWS\system32\yybeg.bak1 E:\WINDOWS\system32\yybeg.bak1 Has been deleted! Attempting to delete E:\WINDOWS\system32\yybeg.bak2 E:\WINDOWS\system32\yybeg.bak2 Has been deleted! Attempting to delete E:\WINDOWS\system32\yybeg.ini2 E:\WINDOWS\system32\yybeg.ini2 Has been deleted! Attempting to delete E:\WINDOWS\system32\yybeg.tmp E:\WINDOWS\system32\yybeg.tmp Has been deleted! Attempting to delete E:\WINDOWS\system32\gimwrpmq.dll E:\WINDOWS\system32\gimwrpmq.dll Has been deleted! Performing Repairs to the registry. Done! VundoFix V6.1.6 Checking Java version... Java version is 1.5.0.6 Scan started at 17:30:10 25/09/2006 Listing files found while scanning.... E:\WINDOWS\system32\gebyy.dll Beginning removal... Attempting to delete E:\WINDOWS\system32\gebyy.dll E:\WINDOWS\system32\gebyy.dll Has been deleted! Performing Repairs to the registry. Done! Logfile of HijackThis v1.99.1 Scan saved at 17:35:06, on 25/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\spoolsv.exe E:\WINDOWS\Explorer.EXE C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe E:\Program Files\Alwil Software\Avast4\ashServ.exe E:\Program Files\Logitech\SetPoint\SetPoint.exe E:\Program Files\ewido anti-spyware 4.0\guard.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\oodag.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe E:\Program Files\Alwil Software\Avast4\ashWebSv.exe E:\WINDOWS\System32\svchost.exe E:\Documents and Settings\François\Bureau\Rep infection\hijackthis\HijackThis.exe E:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - E:\WINDOWS\system32\gimwrpmq.dll (file missing) O2 - BHO: (no name) - {CFAD7F8C-5491-48A1-A160-6AF2F6E8219A} - E:\WINDOWS\system32\gebyy.dll (file missing) O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - E:\Program Files\VSToolbar\VSToolBar.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: winhab32 - winhab32.dll (file missing) O20 - Winlogon Notify: Zboard - E:\WINDOWS\SYSTEM32\Winlognotif.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Monday, September 25, 2006 6:41:02 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 25/09/2006 Kaspersky Anti-Virus database records: 213196 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 138649 Number of viruses found: 1 Number of infected objects: 2 / 0 Number of suspicious objects: 0 Duration of the scan process: 00:59:32 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped D:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006091820060925\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006092520060926\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000010.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\A0000002.dll Infected: Trojan.Win32.BHO.g skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped E:\VundoFix Backups\gimwrpmq.dll.bad Infected: Trojan.Win32.BHO.g skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_ec.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped L:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped Scan process completed. Merci A++

salut Régis, voici les 2 rapports Virus total Complete scanning result of "gimwrpmq.dll", received in VirusTotal at 09.24.2006, 15:50:20 (CET). Antivirus Version Update Result AntiVir 7.2.0.18 09.24.2006 TR/BHO.G Authentium 4.93.8 09.23.2006 no virus found Avast 4.7.844.0 09.22.2006 no virus found AVG 386 09.22.2006 no virus found BitDefender 7.2 09.24.2006 no virus found CAT-QuickHeal 8.00 09.22.2006 no virus found ClamAV devel-20060426 09.24.2006 no virus found DrWeb 4.33 09.22.2006 Adware.Duncan eTrust-InoculateIT 23.73.4 09.24.2006 no virus found eTrust-Vet 30.3.3093 09.22.2006 no virus found Ewido 4.0 09.24.2006 Trojan.BHO.g Fortinet 2.82.0.0 09.24.2006 W32/BHO.G!tr F-Prot 3.16f 09.23.2006 no virus found F-Prot4 4.2.1.29 09.23.2006 no virus found Ikarus 0.2.65.0 09.23.2006 no virus found Kaspersky 4.0.2.24 09.24.2006 Trojan.Win32.BHO.g McAfee 4858 09.22.2006 Vundo Microsoft 1.1560 09.24.2006 no virus found NOD32v2 1.1771 09.23.2006 no virus found Norman 5.90.23 09.22.2006 W32/Vundo.gen1 Panda 9.0.0.4 09.24.2006 no virus found Sophos 4.09.0 09.24.2006 no virus found Symantec 8.0 09.24.2006 Trojan.Vundo TheHacker 6.0.1.078 09.24.2006 Trojan/BHO.g UNA 1.83 09.22.2006 Trojan.Win32.BHO.6BDC VBA32 3.11.1 09.24.2006 no virus found VirusBuster 4.3.7:9 09.24.2006 no virus found Online malware Service load: 0% 100% File: gimwrpmq.dll Status: INFECTED/MALWARE MD5 58a95425fbc2575043c3ca4f7600db55 Packers detected: - Scanner results AntiVir Found Trojan/BHO.G ArcaVir Found Adware.Vundo.A2 Avast Found nothing AVG Antivirus Found nothing BitDefender Pas l'air génial tout ça !! Found nothing ClamAV Found nothing Dr.Web Found Adware.Duncan F-Prot Antivirus Found nothing Fortinet Found W32/BHO.G!tr Kaspersky Anti-Virus Found nothing NOD32 Found nothing Norman Virus Control Found W32/Vundo.gen1 UNA Found nothing VirusBuster Found nothing VBA32 Found nothing

Bonjour Regis, Voila qui est fait, ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, September 23, 2006 1:54:10 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 23/09/2006 Kaspersky Anti-Virus database records: 212743 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ L:\ N:\ O:\ P:\ Scan Statistics: Total number of scanned objects: 144000 Number of viruses found: 3 Number of infected objects: 6 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:26:46 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006092320060924\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000009.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\gimwrpmq.dll Infected: Trojan.Win32.BHO.g skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6d4.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped Scan process completed.

Salut Regis et voila qui est fait ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, September 14, 2006 7:36:36 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 14/09/2006 Kaspersky Anti-Virus database records: 210334 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 142641 Number of viruses found: 4 Number of infected objects: 13 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:44:18 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped D:\FOUND.003\FILE0055.CHK Infected: Backdoor.Win32.Hupigon.bxb skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006091420060915\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temp\~DFB1D9.tmp Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000009.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP4\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\EventCache\{616E569D-DD0C-4EB4-BF9B-8DA16E5EC449}.bin Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped E:\WINDOWS\system32\CatRoot2\edbtmp.log Object is locked skipped E:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6ac.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX Mail MS Outlook 5: infected - 6 skipped Scan process completed.

Yo Regis, voila qui est fait et cela donne ceci ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, September 09, 2006 12:49:59 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 9/09/2006 Kaspersky Anti-Virus database records: 209072 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 141927 Number of viruses found: 4 Number of infected objects: 17 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:24:28 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006090920060910\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000009.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP1\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6c0.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX Mail MS Outlook 5: infected - 6 skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:56:08 +0200]/UNNAMED/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:56:08 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:57:54 +0200]/UNNAMED/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:57:54 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx Mail MS Outlook 5: infected - 4 skipped Scan process completed.

Salut Regis, voici le dernier Scan... pas l'air terrible ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Thursday, September 07, 2006 7:31:41 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 7/09/2006 Kaspersky Anti-Virus database records: 208651 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 141524 Number of viruses found: 10 Number of infected objects: 32 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:26:27 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006090720060908\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000009.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP5\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\cfwblurd.exe Infected: Trojan.Win32.Small.ju skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\iycjrobv.exe Infected: Trojan.Win32.Small.ju skipped E:\WINDOWS\system32\ntuhmdpc.exe Infected: Trojan.Win32.Small.ju skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_6b4.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments supprimés/16 Oct 2001 18:10:is licensed, not sold..eml/UNINSTAL.EXE Infected: Email-Worm.Win32.Magistr.a skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments supprimés/16 Oct 2001 18:10:is licensed, not sold..eml Infected: Email-Worm.Win32.Magistr.a skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments supprimés/14 Nov 2001 08:05 from planet:Build by Build Details SM56/Cleaned.bat Infected: Email-Worm.Win32.Magistr.b skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments envoyés/12 Mar 2001 19:00 to philippe Vervaet; v.orban@alternet.be; th.d/Prdelky.exe Infected: not-virus:BadJoke.Win32.Pedelky skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments envoyés/08 Aug 2001 16:00 to maurice@renson.be:Fw: Doc1/ATT00073.dat Infected: Email-Worm.Win32.Sircam.c skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Archives/gene/01 Jun 2001 15:18 from Megadif:GregorioFautrigolerRue Vital Fran/unregmp2.exe Infected: Email-Worm.Win32.Magistr.a skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst Mail MS Mail: infected - 6 skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX Mail MS Outlook 5: infected - 6 skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Alain Hecq" <alain.hecq@publione.com>][Date Mon, 4 Oct 1999 05:19:07 +0200]/UNNAMED/[From "Marguerite Brachmanska (EBR)"][Date Thu, 30 Sep 1999 11:30:58 +0200]/TURKIJE.EXE Infected: not-virus:BadJoke.Win16.Aloap skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Alain Hecq" <alain.hecq@publione.com>][Date Mon, 4 Oct 1999 05:19:07 +0200]/UNNAMED Infected: not-virus:BadJoke.Win16.Aloap skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Thierry Dekens" <thierry.dekens@creativeweb.be>][Date Mon, 25 Oct 1999 12:04:16 +0200]/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Alain Hecq" <alain.hecq@publione.com>][Date Mon, 25 Oct 1999 19:45:34 +0200]/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments supprimés.dbx Mail MS Outlook 5: infected - 4 skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:56:08 +0200]/UNNAMED/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:56:08 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:57:54 +0200]/UNNAMED/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:57:54 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx Mail MS Outlook 5: infected - 4 skipped Scan process completed.

Bonjour Regis, Voici le rapport de Kaspersky ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Saturday, August 26, 2006 3:27:32 PM Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.83.0 Kaspersky Anti-Virus database last update: 26/08/2006 Kaspersky Anti-Virus database records: 205623 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: standard Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ L:\ Scan Statistics: Total number of scanned objects: 140365 Number of viruses found: 15 Number of infected objects: 105 / 0 Number of suspicious objects: 0 Duration of the scan process: 01:15:20 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\3fd20a676afddc079bee95e6afcc5e9f_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\7cffe90875432d6d1e274c1c6bc09865_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\88ce334c3cc67ce99df2b089e83f3259_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\a0baf4d2dde0c64df199794230129e1c_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bef6ec93e2a98f3b5cb3b0e4b9ca73fd_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\bf9a7481e236a90bca2d9d464552518b_9a40dc41-ada2-45f9-9f83-48bf24e6c450 Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped C:\Program Files\Norton AntiVirus\Quarantine\06B70996.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\06B70996.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\06B70996.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\06B70996.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\06B70996.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\06B70996.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\33C61779.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\33C61779.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\33C61779.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\33C61779.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\33C61779.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\33C61779.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\44205BD3.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\44205BD3.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\44205BD3.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\44205BD3.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\44205BD3.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\44205BD3.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\481D781E.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\481D781E.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\481D781E.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\481D781E.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\481D781E.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\481D781E.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\633A698B.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\633A698B.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\633A698B.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\633A698B.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\633A698B.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\633A698B.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\76D80F46.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\76D80F46.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\76D80F46.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\76D80F46.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\76D80F46.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\76D80F46.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\783F19BB.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\783F19BB.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\783F19BB.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\783F19BB.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\783F19BB.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\783F19BB.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\79303CB1.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\79303CB1.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\79303CB1.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\79303CB1.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\79303CB1.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\79303CB1.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\793466AE.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\793466AE.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\793466AE.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\793466AE.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\793466AE.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\793466AE.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\7961327B.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\7961327B.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\7961327B.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\7961327B.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\7961327B.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\7961327B.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\79965242.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\79965242.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\79965242.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\79965242.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\79965242.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\79965242.zip CryptFF: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\79E76BE8.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped C:\Program Files\Norton AntiVirus\Quarantine\79E76BE8.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped C:\Program Files\Norton AntiVirus\Quarantine\79E76BE8.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped C:\Program Files\Norton AntiVirus\Quarantine\79E76BE8.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped C:\Program Files\Norton AntiVirus\Quarantine\79E76BE8.zip ZIP: infected - 4 skipped C:\Program Files\Norton AntiVirus\Quarantine\79E76BE8.zip CryptFF: infected - 4 skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped E:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped E:\Documents and Settings\François\Cookies\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Historique\History.IE5\MSHist012006082620060827\index.dat Object is locked skipped E:\Documents and Settings\François\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\François\NTUSER.DAT Object is locked skipped E:\Documents and Settings\François\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\François\UserData\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Cookies\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped E:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped E:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWDocMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\BWInfopakMap.pht Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chandir.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\chn.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\D0000000.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\inuse.txt Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\L0000008.FCS Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\main.log Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_die.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_dnd.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_ext.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\prs_rcv.idx Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.dat Object is locked skipped E:\Program Files\Logitech\Desktop Messenger\8876480\Users\François\Data\storydb.idx Object is locked skipped E:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP93\A0016671.exe Infected: Trojan-Downloader.Win32.Small.bwy skipped E:\System Volume Information\_restore{1F2D333E-EF67-4F44-814E-E46489AF0BDC}\RP97\change.log Object is locked skipped E:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped E:\WINDOWS\SchedLgU.Txt Object is locked skipped E:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped E:\WINDOWS\Sti_Trace.log Object is locked skipped E:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped E:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped E:\WINDOWS\system32\cfwblurd.exe Infected: Trojan.Win32.Small.ju skipped E:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped E:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\default Object is locked skipped E:\WINDOWS\system32\config\default.LOG Object is locked skipped E:\WINDOWS\system32\config\SAM Object is locked skipped E:\WINDOWS\system32\config\SAM.LOG Object is locked skipped E:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\SECURITY Object is locked skipped E:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped E:\WINDOWS\system32\config\software Object is locked skipped E:\WINDOWS\system32\config\software.LOG Object is locked skipped E:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped E:\WINDOWS\system32\config\system Object is locked skipped E:\WINDOWS\system32\config\system.LOG Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Cookies\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped E:\WINDOWS\system32\drivers\dtscsi.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped E:\WINDOWS\system32\drivers\sptd8141.sys Object is locked skipped E:\WINDOWS\system32\h323log.txt Object is locked skipped E:\WINDOWS\system32\iycjrobv.exe Infected: Trojan.Win32.Small.ju skipped E:\WINDOWS\system32\ntuhmdpc.exe Infected: Trojan.Win32.Small.ju skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped E:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped E:\WINDOWS\Temp\Perflib_Perfdata_1d8.dat Object is locked skipped E:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped E:\WINDOWS\wiadebug.log Object is locked skipped E:\WINDOWS\wiaservc.log Object is locked skipped E:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0006 Infected: Trojan.Win32.Krepper.ag skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007/data0002 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream/data0007 Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe/stream Infected: Trojan-Downloader.Win32.IstBar.er skipped F:\System Volume Information\_restore{AB4E6112-4A8C-4DE1-9F3C-BA8A15188F42}\RP338\A0070105.exe NSIS: infected - 4 skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments supprimés/16 Oct 2001 18:10:is licensed, not sold..eml/UNINSTAL.EXE Infected: Email-Worm.Win32.Magistr.a skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments supprimés/16 Oct 2001 18:10:is licensed, not sold..eml Infected: Email-Worm.Win32.Magistr.a skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments supprimés/14 Nov 2001 08:05 from planet:Build by Build Details SM56/Cleaned.bat Infected: Email-Worm.Win32.Magistr.b skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments envoyés/12 Mar 2001 19:00 to philippe Vervaet; v.orban@alternet.be; th.d/Prdelky.exe Infected: not-virus:BadJoke.Win32.Pedelky skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Éléments envoyés/08 Aug 2001 16:00 to maurice@renson.be:Fw: Doc1/ATT00073.dat Infected: Email-Worm.Win32.Sircam.c skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst/Dossiers personnels/Archives/gene/01 Jun 2001 15:18 from Megadif:GregorioFautrigolerRue Vital Fran/unregmp2.exe Infected: Email-Worm.Win32.Magistr.a skipped L:\disque c\Application Data\Microsoft\Outlook\outlook.pst Mail MS Mail: infected - 6 skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Wed, 23 Jun 1999 20:28:34 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:36:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED/Att1.exe Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX/[From =?iso-8859-1?Q?Fran=E7ois_Semet?= <fr.semet@infonie.be>][Date Sun, 27 Jun 1999 22:38:31 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Boredom skipped L:\disque c\Mes documents\ÉLÉMEN~1.DBX Mail MS Outlook 5: infected - 6 skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Alain Hecq" <alain.hecq@publione.com>][Date Mon, 4 Oct 1999 05:19:07 +0200]/UNNAMED/[From "Marguerite Brachmanska (EBR)"][Date Thu, 30 Sep 1999 11:30:58 +0200]/TURKIJE.EXE Infected: not-virus:BadJoke.Win16.Aloap skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Alain Hecq" <alain.hecq@publione.com>][Date Mon, 4 Oct 1999 05:19:07 +0200]/UNNAMED Infected: not-virus:BadJoke.Win16.Aloap skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Thierry Dekens" <thierry.dekens@creativeweb.be>][Date Mon, 25 Oct 1999 12:04:16 +0200]/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments supprimés.dbx/[From "Alain Hecq" <alain.hecq@publione.com>][Date Mon, 25 Oct 1999 19:45:34 +0200]/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments supprimés.dbx Mail MS Outlook 5: infected - 4 skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:56:08 +0200]/UNNAMED/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:56:08 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:57:54 +0200]/UNNAMED/Hello(1).exe Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx/[From =?iso-8859-1?B?RnJhbudvaXM=?= <francois.semet@pandora.be>][Date Sun, 24 Oct 1999 19:57:54 +0200]/UNNAMED Infected: not-virus:BadJoke.Win32.Baton.a skipped L:\disque c\Mes documents\Éléments envoyés.dbx Mail MS Outlook 5: infected - 4 skipped Scan process completed. erci A+

Bonjour, voici le dernier log de Panda : Incident Status Location Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[landing.domainsponsor.com/] Spyware:Cookie/3 Not disinfected C:\Documents and Settings\François\Cookies\françois@3[2].txt Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\François\Cookies\françois@64.62.232[5].txt Spyware:Cookie/888 Not disinfected C:\Documents and Settings\François\Cookies\françois@888[1].txt Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\François\Cookies\françois@ad.sensismediasmart.com[2].txt Spyware:Cookie/Gorillanation Not disinfected C:\Documents and Settings\François\Cookies\françois@ads.gorillanation[1].txt Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\François\Cookies\françois@adultfriendfinder[2].txt Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\François\Cookies\françois@atwola[1].txt Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\François\Cookies\françois@azjmp[2].txt Spyware:Cookie/Bns1 Not disinfected C:\Documents and Settings\François\Cookies\françois@bns1[2].txt Spyware:Cookie/Barelylegal Not disinfected C:\Documents and Settings\François\Cookies\françois@c.fsx[1].txt Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\François\Cookies\françois@c3.gostats[2].txt Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\François\Cookies\françois@ccbill[2].txt Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\François\Cookies\françois@cdfreaks[2].txt Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\François\Cookies\françois@club.cdfreaks[1].txt Spyware:Cookie/Sexsuche Not disinfected C:\Documents and Settings\François\Cookies\françois@counter.sexsuche[2].txt Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\François\Cookies\françois@desktop.kazaa[2].txt Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[1].txt Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[2].txt Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[4].txt Spyware:Cookie/Go Not disinfected C:\Documents and Settings\François\Cookies\françois@go[1].txt Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\François\Cookies\françois@kount[1].txt Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\François\Cookies\françois@rightmedia[2].txt Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\François\Cookies\françois@tucows[1].txt Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\François\Cookies\françois@webpower[2].txt Spyware:Cookie/ademails Not disinfected C:\Documents and Settings\François\Cookies\françois@www.ademails[2].txt Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\François\Cookies\françois@www.advnt01[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\François\Cookies\françois@xiti[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\François\Cookies\françois@xiti[3].txt Spyware:Cookie/Xiti Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.xiti.com/] Spyware:Cookie/Tradedoubler Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Bluestreak Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Mediaplex Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Falkag Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.as-eu.falkag.net/] Spyware:Cookie/MetriWeb Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Comclick Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Statcounter Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Doubleclick Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Weborama Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Apmebf Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.apmebf.com/] Spyware:Cookie/Toplist Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.toplist.cz/] Spyware:Cookie/RealMedia Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Adtech Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.adtech.de/] Spyware:Cookie/Atlas DMT Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.atdmt.com/] Spyware:Cookie/WebtrendsLive Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[statse.webtrendslive.com/] Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix\SmitfraudFix\Process.exe Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix.zip[smitfraudFix/Process.exe] Spyware:Cookie/Atlas DMT Not disinfected E:\Documents and Settings\François\Cookies\françois@atdmt[1].txt Spyware:Cookie/Doubleclick Not disinfected E:\Documents and Settings\François\Cookies\françois@doubleclick[1].txt Spyware:Cookie/MetriWeb Not disinfected E:\Documents and Settings\François\Cookies\françois@metriweb[1].txt Spyware:Cookie/Reliablestats Not disinfected E:\Documents and Settings\François\Cookies\françois@stats1.reliablestats[2].txt A+

Yo Regis, un fichier de 2,5 Ko nommé "services.dll" A+

Salut Regis, voila qui est fait. Je me demande si Panda est bien "safe" car avast me dit qu'un fichier est infecté par WIN32:CTX pendant son action. Voici les logs: Incident Status Location Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/DomainSponsor Not disinfected C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[landing.domainsponsor.com/] Spyware:Cookie/3 Not disinfected C:\Documents and Settings\François\Cookies\françois@3[2].txt Spyware:Cookie/64.62.232 Not disinfected C:\Documents and Settings\François\Cookies\françois@64.62.232[5].txt Spyware:Cookie/888 Not disinfected C:\Documents and Settings\François\Cookies\françois@888[1].txt Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\François\Cookies\françois@ad.sensismediasmart.com[2].txt Spyware:Cookie/Gorillanation Not disinfected C:\Documents and Settings\François\Cookies\françois@ads.gorillanation[1].txt Spyware:Cookie/adultfriendfinder Not disinfected C:\Documents and Settings\François\Cookies\françois@adultfriendfinder[2].txt Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\François\Cookies\françois@atwola[1].txt Spyware:Cookie/Azjmp Not disinfected C:\Documents and Settings\François\Cookies\françois@azjmp[2].txt Spyware:Cookie/Bns1 Not disinfected C:\Documents and Settings\François\Cookies\françois@bns1[2].txt Spyware:Cookie/Barelylegal Not disinfected C:\Documents and Settings\François\Cookies\françois@c.fsx[1].txt Spyware:Cookie/GoStats Not disinfected C:\Documents and Settings\François\Cookies\françois@c3.gostats[2].txt Spyware:Cookie/Ccbill Not disinfected C:\Documents and Settings\François\Cookies\françois@ccbill[2].txt Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\François\Cookies\françois@cdfreaks[2].txt Spyware:Cookie/Cd Freaks Not disinfected C:\Documents and Settings\François\Cookies\françois@club.cdfreaks[1].txt Spyware:Cookie/Sexsuche Not disinfected C:\Documents and Settings\François\Cookies\françois@counter.sexsuche[2].txt Spyware:Cookie/Kazaa Networks Not disinfected C:\Documents and Settings\François\Cookies\françois@desktop.kazaa[2].txt Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[1].txt Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[2].txt Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[4].txt Spyware:Cookie/Go Not disinfected C:\Documents and Settings\François\Cookies\françois@go[1].txt Spyware:Cookie/Kount Not disinfected C:\Documents and Settings\François\Cookies\françois@kount[1].txt Spyware:Cookie/Rightmedia Not disinfected C:\Documents and Settings\François\Cookies\françois@rightmedia[2].txt Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\François\Cookies\françois@tucows[1].txt Spyware:Cookie/WebPower Not disinfected C:\Documents and Settings\François\Cookies\françois@webpower[2].txt Spyware:Cookie/ademails Not disinfected C:\Documents and Settings\François\Cookies\françois@www.ademails[2].txt Spyware:Cookie/Advnt Not disinfected C:\Documents and Settings\François\Cookies\françois@www.advnt01[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\François\Cookies\françois@xiti[1].txt Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\François\Cookies\françois@xiti[3].txt Spyware:Cookie/Comclick Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[fl01.ct2.comclick.com/] Spyware:Cookie/Xiti Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.xiti.com/] Spyware:Cookie/Statcounter Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Bluestreak Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Doubleclick Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Mediaplex Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.mediaplex.com/] Spyware:Cookie/Tradedoubler Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Weborama Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.weborama.fr/] Spyware:Cookie/Falkag Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.as-eu.falkag.net/] Spyware:Cookie/Apmebf Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.apmebf.com/] Spyware:Cookie/Toplist Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.toplist.cz/] Spyware:Cookie/RealMedia Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.247realmedia.com/] Spyware:Cookie/Adtech Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.adtech.de/] Spyware:Cookie/Atlas DMT Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.atdmt.com/] Spyware:Cookie/MetriWeb Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.metriweb.be/] Spyware:Cookie/WebtrendsLive Not disinfected E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[statse.webtrendslive.com/] Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix\SmitfraudFix\Process.exe Potentially unwanted tool:Application/Processor Not disinfected E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix.zip[smitfraudFix/Process.exe] Spyware:Cookie/Atlas DMT Not disinfected E:\Documents and Settings\François\Cookies\françois@atdmt[1].txt Spyware:Cookie/Doubleclick Not disinfected E:\Documents and Settings\François\Cookies\françois@doubleclick[2].txt Spyware:Cookie/MetriWeb Not disinfected E:\Documents and Settings\François\Cookies\françois@metriweb[1].txt Spyware:Cookie/Reliablestats Not disinfected E:\Documents and Settings\François\Cookies\françois@stats1.reliablestats[2].txt Spyware:Spyware/Virtumonde Not disinfected E:\Program Files\Fichiers communs\{A04AC051-0BBE-2060-0426-050614020020}\services.dll Spyware:Cookie/3 Not disinfected L:\disque c\Cookies\françois@3[2].txt Spyware:Cookie/888 Not disinfected L:\disque c\Cookies\françois@888[1].txt Spyware:Cookie/Gorillanation Not disinfected L:\disque c\Cookies\françois@ads.gorillanation[1].txt Spyware:Cookie/adultfriendfinder Not disinfected L:\disque c\Cookies\françois@adultfriendfinder[2].txt Spyware:Cookie/Azjmp Not disinfected L:\disque c\Cookies\françois@azjmp[2].txt Spyware:Cookie/Beweb Not disinfected L:\disque c\Cookies\françois@beweb[2].txt Spyware:Cookie/Barelylegal Not disinfected L:\disque c\Cookies\françois@c.fsx[1].txt Spyware:Cookie/GoStats Not disinfected L:\disque c\Cookies\françois@c3.gostats[2].txt Spyware:Cookie/Ccbill Not disinfected L:\disque c\Cookies\françois@ccbill[2].txt Spyware:Cookie/Cd Freaks Not disinfected L:\disque c\Cookies\françois@cdfreaks[2].txt Spyware:Cookie/Cd Freaks Not disinfected L:\disque c\Cookies\françois@club.cdfreaks[1].txt Spyware:Cookie/Kazaa Networks Not disinfected L:\disque c\Cookies\françois@desktop.kazaa[2].txt Spyware:Cookie/fe.lea.lycos Not disinfected L:\disque c\Cookies\françois@fe.lea.lycos[1].txt Spyware:Cookie/fe.lea.lycos Not disinfected L:\disque c\Cookies\françois@fe.lea.lycos[2].txt Spyware:Cookie/Go Not disinfected L:\disque c\Cookies\françois@go[1].txt Spyware:Cookie/Rightmedia Not disinfected L:\disque c\Cookies\françois@rightmedia[2].txt Spyware:Cookie/WebPower Not disinfected L:\disque c\Cookies\françois@webpower[2].txt Spyware:Cookie/Xiti Not disinfected L:\disque c\Cookies\françois@xiti[1].txt Logfile of HijackThis v1.99.1 Scan saved at 18:45:18, on 22/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\spoolsv.exe E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe E:\Program Files\Alwil Software\Avast4\ashServ.exe E:\Program Files\ewido anti-spyware 4.0\guard.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\oodag.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\Explorer.EXE C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\ewido anti-spyware 4.0\ewido.exe E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe E:\Program Files\Logitech\SetPoint\SetPoint.exe E:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE E:\Program Files\Internet Explorer\IEXPLORE.EXE E:\Documents and Settings\François\Bureau\Rep infection\hijackthis\HijackThis.exe E:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [!ewido] "E:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe A+

Bonjour, j'ai voulu mettre à jour le firmware de mon graveur dvd pionner 109 et apparement j'ai du faire une mauvaise manoeuvre car celui-ci ne réponds plus depuis Est il possible de faire marche arrière ou de le reprogrammer ou alors c'est poubelle Merci

Yo, Blème ! le programme easycleaner ne se lance pas, j'ai le même problème avec regcleaner !! par contre jv16 power tools fonctionne... puis je employer celui la mais il faut me guider sur les bonnes fonctions A+

Re j'ai beau regarder je ne le trouve pas. il faudra le faire à la main !! A+

Salut Regis le voici Logfile of HijackThis v1.99.1 Scan saved at 18:20:27, on 20/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\spoolsv.exe E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe E:\Program Files\Alwil Software\Avast4\ashServ.exe E:\Program Files\ewido anti-spyware 4.0\guard.exe E:\WINDOWS\system32\nvsvc32.exe E:\WINDOWS\system32\oodag.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe E:\WINDOWS\Explorer.EXE E:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe E:\WINDOWS\system32\RUNDLL32.EXE c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe E:\Program Files\ewido anti-spyware 4.0\ewido.exe E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe E:\WINDOWS\System32\svchost.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe E:\Program Files\Logitech\SetPoint\SetPoint.exe E:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE E:\Program Files\Mozilla Firefox\firefox.exe E:\Documents and Settings\François\Bureau\Rep infection\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [!ewido] "E:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [avast!] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://locator.cdn.imageservr.com O15 - Trusted Zone: http://scanner.sysprotect.com O15 - Trusted IP range: http://202.67.220.225 O15 - Trusted IP range: http://59.148.220.121 O15 - Trusted IP range: http://62.4.84.53 O15 - Trusted IP range: http://82.98.235.58 O15 - Trusted IP range: http://85.12.25.90 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe

Salut Regis, depuis le scan en ligne avec Panda, j'ai des fenetres de IE qui s'ouvre (je n'utilise que firefox sauf quand ça marche pas autrement) Voici celle qui vient de s'ouvrir http://www.winantiviruspro.com/pages/newco...&lid=symant est ce bien normal ??? A+

Bonsoir Regis, effectivement les 5 lignes étaient présentes ! Voici le rapport de Panda Incident Statut Analyse Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[fe.lea.lycos.fr/] Spyware:Cookie/DomainSponsor No Désinfecté C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt[landing.domainsponsor.com/] Spyware:Cookie/3 No Désinfecté C:\Documents and Settings\François\Cookies\françois@3[2].txt Spyware:Cookie/64.62.232 No Désinfecté C:\Documents and Settings\François\Cookies\françois@64.62.232[5].txt Spyware:Cookie/888 No Désinfecté C:\Documents and Settings\François\Cookies\françois@888[1].txt Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\François\Cookies\françois@ad.sensismediasmart.com[2].txt Spyware:Cookie/Gorillanation No Désinfecté C:\Documents and Settings\François\Cookies\françois@ads.gorillanation[1].txt Spyware:Cookie/adultfriendfinder No Désinfecté C:\Documents and Settings\François\Cookies\françois@adultfriendfinder[2].txt Spyware:Cookie/Atwola No Désinfecté C:\Documents and Settings\François\Cookies\françois@atwola[1].txt Spyware:Cookie/Azjmp No Désinfecté C:\Documents and Settings\François\Cookies\françois@azjmp[2].txt Spyware:Cookie/Bns1 No Désinfecté C:\Documents and Settings\François\Cookies\françois@bns1[2].txt Spyware:Cookie/Barelylegal No Désinfecté C:\Documents and Settings\François\Cookies\françois@c.fsx[1].txt Spyware:Cookie/GoStats No Désinfecté C:\Documents and Settings\François\Cookies\françois@c3.gostats[2].txt Spyware:Cookie/Ccbill No Désinfecté C:\Documents and Settings\François\Cookies\françois@ccbill[2].txt Spyware:Cookie/Cd Freaks No Désinfecté C:\Documents and Settings\François\Cookies\françois@cdfreaks[2].txt Spyware:Cookie/Cd Freaks No Désinfecté C:\Documents and Settings\François\Cookies\françois@club.cdfreaks[1].txt Spyware:Cookie/Sexsuche No Désinfecté C:\Documents and Settings\François\Cookies\françois@counter.sexsuche[2].txt Spyware:Cookie/Kazaa Networks No Désinfecté C:\Documents and Settings\François\Cookies\françois@desktop.kazaa[2].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[1].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[2].txt Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\François\Cookies\françois@fe.lea.lycos[4].txt Spyware:Cookie/Go No Désinfecté C:\Documents and Settings\François\Cookies\françois@go[1].txt Spyware:Cookie/Kount No Désinfecté C:\Documents and Settings\François\Cookies\françois@kount[1].txt Spyware:Cookie/Rightmedia No Désinfecté C:\Documents and Settings\François\Cookies\françois@rightmedia[2].txt Spyware:Cookie/Tucows No Désinfecté C:\Documents and Settings\François\Cookies\françois@tucows[1].txt Spyware:Cookie/WebPower No Désinfecté C:\Documents and Settings\François\Cookies\françois@webpower[2].txt Spyware:Cookie/ademails No Désinfecté C:\Documents and Settings\François\Cookies\françois@www.ademails[2].txt Spyware:Cookie/Advnt No Désinfecté C:\Documents and Settings\François\Cookies\françois@www.advnt01[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\François\Cookies\françois@xiti[1].txt Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\François\Cookies\françois@xiti[3].txt Adware:Adware/SearchRelevancy No Désinfecté C:\Program Files\SearchRelevant\uninstall.exe Outil indésirable:Application/BrilliantDigital No Désinfecté D:\KaZaA\bdcore.dll.updpnd Outil indésirable:Application/BrilliantDigital No Désinfecté D:\KaZaA\bdcore.dll Spyware:Cookie/Xiti No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.xiti.com/] Spyware:Cookie/Bluestreak No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Atlas DMT No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.atdmt.com/] Spyware:Cookie/MetriWeb No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.metriweb.be/] Spyware:Cookie/Tradedoubler No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Doubleclick No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Statcounter No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[.statcounter.com/] Spyware:Cookie/WebtrendsLive No Désinfecté E:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\i9hnghrv.default\cookies.txt[statse.webtrendslive.com/] Outil indésirable:Application/Processor No Désinfecté E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix\SmitfraudFix\Process.exe Outil indésirable:Application/Processor No Désinfecté E:\Documents and Settings\François\Bureau\Rep infection\SmitfraudFix.zip[smitfraudFix/Process.exe] Spyware:Cookie/Atlas DMT No Désinfecté E:\Documents and Settings\François\Cookies\françois@atdmt[2].txt Spyware:Cookie/Doubleclick No Désinfecté E:\Documents and Settings\François\Cookies\françois@doubleclick[1].txt Spyware:Cookie/MetriWeb No Désinfecté E:\Documents and Settings\François\Cookies\françois@metriweb[1].txt Spyware:Spyware/Virtumonde No Désinfecté E:\Program Files\Fichiers communs\{A04AC051-0BBE-2060-0426-050614020020}\services.dll Spyware:Cookie/3 No Désinfecté L:\disque c\Cookies\françois@3[2].txt Spyware:Cookie/888 No Désinfecté L:\disque c\Cookies\françois@888[1].txt Spyware:Cookie/Gorillanation No Désinfecté L:\disque c\Cookies\françois@ads.gorillanation[1].txt Spyware:Cookie/adultfriendfinder No Désinfecté L:\disque c\Cookies\françois@adultfriendfinder[2].txt Spyware:Cookie/Azjmp No Désinfecté L:\disque c\Cookies\françois@azjmp[2].txt Spyware:Cookie/Beweb No Désinfecté L:\disque c\Cookies\françois@beweb[2].txt Spyware:Cookie/Barelylegal No Désinfecté L:\disque c\Cookies\françois@c.fsx[1].txt Spyware:Cookie/GoStats No Désinfecté L:\disque c\Cookies\françois@c3.gostats[2].txt Spyware:Cookie/Ccbill No Désinfecté L:\disque c\Cookies\françois@ccbill[2].txt Spyware:Cookie/Cd Freaks No Désinfecté L:\disque c\Cookies\françois@cdfreaks[2].txt Spyware:Cookie/Cd Freaks No Désinfecté L:\disque c\Cookies\françois@club.cdfreaks[1].txt Spyware:Cookie/Kazaa Networks No Désinfecté L:\disque c\Cookies\françois@desktop.kazaa[2].txt Spyware:Cookie/fe.lea.lycos No Désinfecté L:\disque c\Cookies\françois@fe.lea.lycos[1].txt Spyware:Cookie/fe.lea.lycos No Désinfecté L:\disque c\Cookies\françois@fe.lea.lycos[2].txt Spyware:Cookie/Go No Désinfecté L:\disque c\Cookies\françois@go[1].txt Spyware:Cookie/Rightmedia No Désinfecté L:\disque c\Cookies\françois@rightmedia[2].txt Spyware:Cookie/WebPower No Désinfecté L:\disque c\Cookies\françois@webpower[2].txt Spyware:Cookie/Xiti

Bonjour Regis, Voici le rapport de Blacklight, pour info je n'ai pas vu d"option pour scan through win.... 08/18/06 17:37:14 [info]: BlackLight Engine 1.0.46 initialized 08/18/06 17:37:14 [info]: OS: 5.1 build 2600 (Service Pack 2) 08/18/06 17:37:14 [Note]: 7019 4 08/18/06 17:37:14 [Note]: 7005 0 08/18/06 17:37:36 [Note]: 7006 0 08/18/06 17:37:36 [Note]: 7011 436 08/18/06 17:37:36 [Note]: 7026 0 08/18/06 17:37:36 [Note]: 7026 0 08/18/06 17:37:36 [Note]: 7015 2036 08/18/06 17:37:36 [Note]: 7015 87 08/18/06 17:37:41 [Note]: FSRAW library version 1.7.1019 08/18/06 17:38:57 [Note]: 7007 0 Merci A+

Bon j'espere en etre débarassé !!! voici les 3 rapports SmitFraudFix v2.81 Rapport fait à 19:23:23,12, jeu. 17/08/2006 Executé à partir de E:\Documents and Settings\Fran‡ois\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri E:\WINDOWS\system32\urroxtl.dll -> Missing File »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés E:\WINDOWS\system32\ixt?.dll supprimé E:\WINDOWS\system32\ot.ico supprimé E:\DOCUME~1\FRANOI~1\Favoris\Antivirus Test Online.url supprimé E:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé E:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Logfile of HijackThis v1.99.1 Scan saved at 20:53:16, on 17/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe E:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\spoolsv.exe C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\ewido anti-spyware 4.0\guard.exe E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe E:\WINDOWS\system32\nvsvc32.exe E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe E:\WINDOWS\system32\oodag.exe E:\Program Files\ewido anti-spyware 4.0\ewido.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe E:\Program Files\Logitech\SetPoint\SetPoint.exe E:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\wuauclt.exe E:\Program Files\Norton AntiVirus\navapsvc.exe E:\Program Files\Mozilla Firefox\firefox.exe E:\Program Files\Messenger\msmsgs.exe E:\Program Files\Internet Explorer\iexplore.exe E:\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] E:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [!ewido] "E:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: http://www.amaena.com O15 - Trusted Zone: http://*.systemdoctor.com O15 - Trusted Zone: http://www.winantivirus.com O15 - Trusted Zone: http://www.winantiviruspro.com O15 - Trusted Zone: http://download.cdn.winsoftware.com O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - E:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - E:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - E:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - E:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 20:40:28 17/08/2006 + Scan result: HKU\S-1-5-21-117609710-343818398-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : Cleaned with backup (quarantined). HKU\S-1-5-21-117609710-343818398-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{873EB32D-AE1A-4183-89BD-45A77F761BE4} -> Adware.Generic : Cleaned with backup (quarantined). C:\Program Files\SearchRelevant\SearchRelevant.dll -> Adware.Relevance : Cleaned with backup (quarantined). E:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined). E:\WINDOWS\system32\jkkiihh.dll -> Adware.Virtumonde : Cleaned with backup (quarantined). F:\disque H\download\windvd\crack\WinDVD_v3.00_build_57.zip/windvd.crack.30057.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined). F:\disque H\download\windvd\crack\windvd.crack.30057.exe -> Backdoor.Theef.111 : Cleaned with backup (quarantined). :mozilla.194:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.195:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.196:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.197:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.198:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned. :mozilla.175:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.176:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.177:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.178:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.179:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.180:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.181:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.183:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.184:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.185:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.186:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.272:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\François\Cookies\françois@microsoftwga.112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\François\Cookies\françois@ad.adition[1].txt -> TrackingCookie.Adition : Cleaned. :mozilla.61:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.64:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.67:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adserver : Cleaned. :mozilla.143:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.146:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.273:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.276:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.278:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.279:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.854:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adviva : Cleaned. :mozilla.855:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Adviva : Cleaned. :mozilla.275:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.433:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. C:\Documents and Settings\François\Cookies\françois@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned. L:\disque c\Cookies\françois@www.burstbeacon[2].txt -> TrackingCookie.Burstbeacon : Cleaned. C:\Documents and Settings\François\Cookies\françois@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. L:\disque c\Cookies\françois@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.65:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.66:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.68:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.69:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.724:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned. C:\Documents and Settings\François\Cookies\françois@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\François\Cookies\françois@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned. L:\disque c\Cookies\françois@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned. C:\Documents and Settings\François\Cookies\françois@com[2].txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\François\Cookies\françois@com[3].txt -> TrackingCookie.Com : Cleaned. L:\disque c\Cookies\françois@com[2].txt -> TrackingCookie.Com : Cleaned. :mozilla.57:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.58:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.59:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.60:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Comclick : Cleaned. :mozilla.841:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned. :mozilla.90:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. C:\Documents and Settings\François\Cookies\françois@c.enhance[2].txt -> TrackingCookie.Enhance : Cleaned. :mozilla.100:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.101:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.102:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.103:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.104:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.105:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.106:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.122:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.129:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.213:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.227:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.228:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.303:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.320:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.341:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.372:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.373:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.374:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.377:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.378:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.381:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.397:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.398:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.406:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.407:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.408:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.409:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.410:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.434:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.435:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.439:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.440:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.441:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.454:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.455:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.456:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.468:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.469:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.471:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.472:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.473:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.475:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.476:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.482:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.486:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.487:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.488:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.514:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.544:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.566:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.567:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.568:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.569:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.570:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.571:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.572:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.573:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.574:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.575:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.576:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.578:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.579:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.580:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.581:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.606:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.610:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.627:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.638:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.639:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.656:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.657:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.658:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.659:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.661:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.662:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.663:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.664:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.665:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.672:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.673:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.685:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.686:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.687:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.693:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.694:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.695:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.696:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.697:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.698:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.701:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.703:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.707:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.728:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.729:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.730:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.733:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.734:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.735:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.748:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.755:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.756:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.784:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.785:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.789:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.791:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.792:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.793:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.794:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.795:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.796:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.799:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.800:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.801:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.802:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.803:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.804:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.805:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.806:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.807:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.808:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.809:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.810:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.811:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.812:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.813:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.814:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.815:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.816:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.817:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.818:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.835:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.836:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.837:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.846:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.847:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.867:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.876:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.877:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.878:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.882:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned. :mozilla.885:C:\Documents and Settings\François\Application Data\Mozilla\Firefox\Profiles\uuoh3u97.default\cookies.txt -> TrackingCookie.

SmitFraudFix v2.81 Rapport fait à 19:14:58,90, jeu. 17/08/2006 Executé à partir de E:\Documents and Settings\Fran‡ois\Bureau\SmitfraudFix\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» E:\ »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32 E:\WINDOWS\system32\ixt?.dll PRESENT ! E:\WINDOWS\system32\ixt??.dll PRESENT ! E:\WINDOWS\system32\ot.ico PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» E:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» E:\Documents and Settings\Fran‡ois\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer E:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT ! E:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» E:\DOCUME~1\FRANOI~1\Favoris E:\DOCUME~1\FRANOI~1\Favoris\Antivirus Test Online.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» E:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}" »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin

Up

Bonjour, Eh oui je me suis fait avoir... bref. Après avoir suivi vos instructions (scan avr,etc..) voici le log obtenu Logfile of HijackThis v1.99.1 Scan saved at 20:53:18, on 16/08/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: E:\WINDOWS\System32\smss.exe E:\WINDOWS\system32\winlogon.exe E:\WINDOWS\system32\services.exe E:\WINDOWS\system32\lsass.exe E:\WINDOWS\system32\svchost.exe E:\WINDOWS\System32\svchost.exe E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe E:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe E:\WINDOWS\Explorer.EXE E:\WINDOWS\system32\spoolsv.exe C:\Program Files\Ideazon\Zboard Software\Driver\ZboardTray.exe E:\WINDOWS\SOUNDMAN.EXE E:\Program Files\Norton AntiVirus\navapsvc.exe E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe E:\WINDOWS\system32\nvsvc32.exe c:\Program Files\Ideazon\Zboard Software\Driver\Zboard.exe E:\WINDOWS\system32\oodag.exe E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe E:\Program Files\Fichiers communs\{A04AC051-0BBE-2060-0426-050614020020}\Update.exe E:\WINDOWS\system32\ctfmon.exe E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe E:\WINDOWS\system32\svchost.exe E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe E:\WINDOWS\System32\svchost.exe E:\WINDOWS\system32\wuauclt.exe E:\Program Files\Internet Explorer\iexplore.exe E:\HijackThis\HijackThis.exe E:\Program Files\Messenger\msmsgs.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [symantec NetDriver Monitor] E:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [sunJavaUpdateSched] E:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe O18 - Protocol: bw+0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "E:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {268AEAE2-8C31-4939-8DB6-54137E039094} - E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - E:\WINDOWS\system32\urroxtl.dll (file missing) O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - E:\Program Files\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - E:\WINDOWS\system32\oodag.exe O23 - Service: SAVScan - Symantec Corporation - E:\Program Files\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - E:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe Merci pour l'aide A+