12cylindres

  1. Thank you for all these replies, pear. Here is the scan report. Regards
  2. I understood, pear; here are the results of the scans with ADV Cleaner. The second:
Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12"); Supprimée : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1212:39:53"); Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12"); Supprimée : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1212:39:53"); Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", ""); Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=115881&tt=270912_7a_3912_7"); Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", false); Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1212:39:53"); Supprimée : user_pref("extensions.crossriderapp4479@crossrider.com.install-event-fired", true); Supprimée : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true); Supprimée : user_pref("extensions.toolbar@ask.com.install-event-fired", true); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", ""); Supprimée : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Supprimée : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://search.babylon.com/?affID=115[...] Supprimée : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10015"); Fichier : C:\Documents and Settings\miguel ferrari\Application Data\Mozilla\Firefox\Profiles\toflj0e4.default\prefs.js C:\Documents and Settings\miguel ferrari\Application Data\Mozilla\Firefox\Profiles\toflj0e4.default\user.js ... Supprimé ! Supprimée : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=113357&tt=040912_ccp_3712_1&babsrc[...] 
Supprimée : user_pref("browser.search.defaultenginename", "Search the web (Babylon)"); Supprimée : user_pref("browser.search.order.1", "Search the web (Babylon)"); Supprimée : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=115881&tt=270912_7a_3912_7&b[...] Supprimée : user_pref("extensions.BabylonToolbar.admin", false); Supprimée : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Supprimée : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Supprimée : user_pref("extensions.BabylonToolbar.autoRvrt", "false"); Supprimée : user_pref("extensions.BabylonToolbar.babExt", ""); Supprimée : user_pref("extensions.BabylonToolbar.babTrack", "affID=113357&tt=040912_ccp_3712_1"); Supprimée : user_pref("extensions.BabylonToolbar.babext", "babExt"); Supprimée : user_pref("extensions.BabylonToolbar.babtrack", "babTrack"); Supprimée : user_pref("extensions.BabylonToolbar.bbDpng", "4"); Supprimée : user_pref("extensions.BabylonToolbar.cntry", "CH"); Supprimée : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Supprimée : user_pref("extensions.BabylonToolbar.dfltlng", "en"); Supprimée : user_pref("extensions.BabylonToolbar.dfltsrch", "false"); Supprimée : user_pref("extensions.BabylonToolbar.dp_alert", "0"); Supprimée : user_pref("extensions.BabylonToolbar.envrmnt", "production"); Supprimée : user_pref("extensions.BabylonToolbar.excTlbr", false); Supprimée : user_pref("extensions.BabylonToolbar.firstrun", false); Supprimée : user_pref("extensions.BabylonToolbar.hdrMd5", "B03A0A1304A05532C40EDAECA86A36CC"); Supprimée : user_pref("extensions.BabylonToolbar.hmpg", false); Supprimée : user_pref("extensions.BabylonToolbar.hrdid", "10cf61950000000000000013723361d4"); Supprimée : user_pref("extensions.BabylonToolbar.id", "10cf61950000000000000013723361d4"); Supprimée : user_pref("extensions.BabylonToolbar.instlDay", "15593"); Supprimée : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Supprimée : 
user_pref("extensions.BabylonToolbar.instlday", "15593"); Supprimée : user_pref("extensions.BabylonToolbar.instlref", "sst"); Supprimée : user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false"); Supprimée : user_pref("extensions.BabylonToolbar.keywordurl", ""); Supprimée : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1217:00:08"); Supprimée : user_pref("extensions.BabylonToolbar.lastdp", 24); Supprimée : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1"); Supprimée : user_pref("extensions.BabylonToolbar.newTab", false); Supprimée : user_pref("extensions.BabylonToolbar.newtab", "false"); Supprimée : user_pref("extensions.BabylonToolbar.newtaburl", ""); Supprimée : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Supprimée : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Supprimée : user_pref("extensions.BabylonToolbar.prtnrid", "babylon"); Supprimée : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1"); Supprimée : user_pref("extensions.BabylonToolbar.sg", "azb"); Supprimée : user_pref("extensions.BabylonToolbar.smplGrp", "azb"); Supprimée : user_pref("extensions.BabylonToolbar.smplgrp", "azb"); Supprimée : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Supprimée : user_pref("extensions.BabylonToolbar.srcext", "ss"); Supprimée : user_pref("extensions.BabylonToolbar.srch", ""); Supprimée : user_pref("extensions.BabylonToolbar.srchprvdr", ""); Supprimée : user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); Supprimée : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Supprimée : user_pref("extensions.BabylonToolbar.tlbrid", "tb9"); Supprimée : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] 
Supprimée : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12"); Supprimée : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1217:00:08"); Supprimée : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12"); Supprimée : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1217:00:08"); Supprimée : user_pref("extensions.BabylonToolbar_i.babExt", ""); Supprimée : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113357&tt=040912_ccp_3712_1"); Supprimée : user_pref("extensions.BabylonToolbar_i.newTab", false); Supprimée : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Supprimée : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Supprimée : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1217:00:08"); Supprimée : user_pref("extensions.crossriderapp4479@crossrider.com.install-event-fired", true); Supprimée : user_pref("extensions.ffxtlbr@babylon.com.install-event-fired", true); Supprimée : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=113357&tt=040912_ccp_3712_1&babsrc=KW_ss&[...] ************************* AdwCleaner[R2].txt - [20021 octets] - [05/05/2013 10:27:05] AdwCleaner[R3].txt - [20082 octets] - [05/05/2013 11:06:53] AdwCleaner[s4].txt - [19529 octets] - [05/05/2013 11:10:35] ########## EOF - C:\AdwCleaner[s4].txt - [19590 octets] ########## et le lien du rapport ZHP Diag pjjoint.malekal.com - Submit a file meilleures salutations
  3. Good evening Pear, thank you for your quick reply; here is the ZHPDiag report.
  4. Hello everyone, I don't know whether I am in the right place, but I have several issues to look at. My PC is configured as follows: Microsoft XP Home / pack 3, with Avira as antivirus. For a few days now my PC has been incredibly slow: 10 minutes to start it up, and when it loads a web page it shows "not responding", etc. I have already tried defragmenting it, but that is not enough. I have tried cleaning it, but I keep running into these slowdowns. During virus scans, Avira tells me to work on the boot sector? Because it finds a hidden virus? But there is nothing on the C drive. In addition, I would like to delete an entire incoming folder (but the answer is always "impossible"); it belongs to a former user. Thanks in advance.
  5. Hello everyone. For a few days now I have had ads opening automatically at regular intervals. I use Antivir and Windows XP3, and I have already tried deleting entries, but without success. Attached is the HijackThis report. Thanks in advance.
  6. Hello everyone, I have just bought a Fujitsu Siemens LI3910 laptop and, in my rush to explore this new toy, I did not make a recovery system CD. Can I still do it, and how? And which CD or DVD should I put in afterwards? Thanks for your help. Regards.
  7. Voila le rapport sorti apres le scan avec Antivir : Avira AntiVir Personal Date de création du fichier de rapport : mercredi, 4. février 2009 00:37 La recherche porte sur 1312037 souches de virus. Détenteur de la licence :Avira AntiVir PersonalEdition Classic Numéro de série : 0000149996-ADJIE-0001 Plateforme : Windows XP Version de Windows :(Service Pack 3) [5.1.2600] Mode Boot : Mode sans échec Identifiant : Lucien Nom de l'ordinateur :FERRARI Informations de version : BUILD.DAT : 8.2.0.52 16931 Bytes 02.12.2008 14:55:00 AVSCAN.EXE : 8.1.4.10 315649 Bytes 18.11.2008 08:21:00 AVSCAN.DLL : 8.1.4.1 49921 Bytes 21.07.2008 13:44:27 LUKE.DLL : 8.1.4.5 164097 Bytes 12.06.2008 12:44:16 LUKERES.DLL : 8.1.4.0 13057 Bytes 04.07.2008 07:30:27 ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27.10.2008 11:30:36 ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14.01.2009 21:39:22 ANTIVIR2.VDF : 7.1.1.207 1359360 Bytes 30.01.2009 21:39:24 ANTIVIR3.VDF : 7.1.1.222 149504 Bytes 03.02.2009 21:39:25 Version du moteur: 8.2.0.71 AEVDF.DLL : 8.1.1.0 106868 Bytes 03.02.2009 21:39:32 AESCRIPT.DLL : 8.1.1.39 344443 Bytes 03.02.2009 21:39:31 AESCN.DLL : 8.1.1.6 127348 Bytes 03.02.2009 21:39:30 AERDL.DLL : 8.1.1.3 438645 Bytes 04.11.2008 13:58:38 AEPACK.DLL : 8.1.3.6 393589 Bytes 03.02.2009 21:39:30 AEOFFICE.DLL : 8.1.0.33 196987 Bytes 03.02.2009 21:39:29 AEHEUR.DLL : 8.1.0.89 1569143 Bytes 03.02.2009 21:39:29 AEHELP.DLL : 8.1.2.0 119159 Bytes 03.02.2009 21:39:27 AEGEN.DLL : 8.1.1.12 328053 Bytes 03.02.2009 21:39:26 AEEMU.DLL : 8.1.0.9 393588 Bytes 14.10.2008 10:05:56 AECORE.DLL : 8.1.6.4 176501 Bytes 03.02.2009 21:39:25 AEBB.DLL : 8.1.0.3 53618 Bytes 14.10.2008 10:05:56 AVWINLL.DLL : 1.0.0.12 15105 Bytes 09.07.2008 08:40:02 AVPREF.DLL : 8.0.2.0 38657 Bytes 16.05.2008 09:27:58 AVREP.DLL : 8.0.0.2 98344 Bytes 31.07.2008 12:02:15 AVREG.DLL : 8.0.0.1 33537 Bytes 09.05.2008 11:26:37 AVARKT.DLL : 1.0.0.23 307457 Bytes 12.02.2008 08:29:19 AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12.06.2008 12:27:46 SQLITE3.DLL : 
3.3.17.1 339968 Bytes 22.01.2008 17:28:02 SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12.06.2008 12:49:36 NETNT.DLL : 8.0.0.1 7937 Bytes 25.01.2008 12:05:07 RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 04.07.2008 07:23:16 RCTEXT.DLL : 8.0.52.1 86273 Bytes 17.07.2008 10:08:43 Configuration pour la recherche actuelle : Nom de la tâche..................: Contrôle intégral du système Fichier de configuration.........: c:\program files\avira\antivir personaledition classic\sysscan.avp Documentation....................: bas Action principale................: réparer Action secondaire................: supprimer Recherche sur les secteurs d'amorçage maître: marche Recherche sur les secteurs d'amorçage: marche Secteurs d'amorçage..............: C:, D:, Recherche dans les programmes actifs: marche Recherche en cours sur l'enregistrement: marche Recherche de Rootkits............: marche Fichier mode de recherche........: Tous les fichiers Recherche sur les archives.......: marche Limiter la profondeur de récursivité: 20 Archive Smart Extensions.........: marche Heuristique de macrovirus........: marche Heuristique fichier..............: moyen Début de la recherche : mercredi, 4. février 2009 00:37 La recherche d'objets cachés commence. Impossible d'initialiser le pilote. 
La recherche sur les processus démarrés commence : Processus de recherche 'avscan.exe' - '1' module(s) sont contrôlés Processus de recherche 'avcenter.exe' - '1' module(s) sont contrôlés Processus de recherche 'explorer.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'svchost.exe' - '1' module(s) sont contrôlés Processus de recherche 'lsass.exe' - '1' module(s) sont contrôlés Processus de recherche 'services.exe' - '1' module(s) sont contrôlés Processus de recherche 'winlogon.exe' - '1' module(s) sont contrôlés Processus de recherche 'csrss.exe' - '1' module(s) sont contrôlés Processus de recherche 'smss.exe' - '1' module(s) sont contrôlés '11' processus ont été contrôlés avec '11' modules La recherche sur les secteurs d'amorçage maître commence : Secteur d'amorçage maître HD0 [iNFO] Aucun virus trouvé ! Secteur d'amorçage maître HD1 [iNFO] Aucun virus trouvé ! [AVERTISSEMENT] Erreur système [21]: Le périphérique n'est pas prêt. La recherche sur les secteurs d'amorçage commence : Secteur d'amorçage 'C:\' [iNFO] Aucun virus trouvé ! Secteur d'amorçage 'D:\' [iNFO] Aucun virus trouvé ! La recherche sur les renvois aux fichiers exécutables (registre) commence. Le registre a été contrôlé ( '54' fichiers). La recherche sur les fichiers sélectionnés commence : Recherche débutant dans 'C:\' C:\pagefile.sys [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\RECYCLER\S-1-5-21-1645522239-2000478354-839522115-1005\Dc23.exe [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\RECYCLER\S-1-5-21-1645522239-2000478354-839522115-1005\Dc24.exe [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\RECYCLER\S-1-5-21-1645522239-2000478354-839522115-1005\Dc25.exe [AVERTISSEMENT] Impossible d'ouvrir le fichier ! C:\RECYCLER\S-1-5-21-1645522239-2000478354-839522115-1005\Dc26.exe [AVERTISSEMENT] Impossible d'ouvrir le fichier ! 
Recherche débutant dans 'D:\' <Sauvegarder> Fin de la recherche : mercredi, 4. février 2009 01:18 Temps nécessaire: 41:46 Minute(s) La recherche a été effectuée intégralement 6349 Les répertoires ont été contrôlés 264679 Des fichiers ont été contrôlés 0 Des virus ou programmes indésirables ont été trouvés 0 Des fichiers ont été classés comme suspects 0 Des fichiers ont été supprimés 0 Des virus ou programmes indésirables ont été réparés 0 Les fichiers ont été déplacés dans la quarantaine 0 Les fichiers ont été renommés 5 Impossible de contrôler des fichiers 264674 Fichiers non infectés 1365 Les archives ont été contrôlées 6 Avertissements 0 Consignes
Regards.
  8. Hello, thanks for the help, here is the report: MBAM. Regards.
Malwarebytes' Anti-Malware 1.33 Version de la base de données: 1713 Windows 5.1.2600 Service Pack 3 01.02.2009 18:39:02 mbam-log-2009-02-01 (18-39-02).txt Type de recherche: Examen complet (C:\|D:\|E:\|) Eléments examinés: 159925 Temps écoulé: 1 hour(s), 21 minute(s), 4 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 8 Valeur(s) du Registre infectée(s): 1 Elément(s) de données du Registre infecté(s): 4 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 4 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e8ac85e8-4634-426d-942b-1f6069723dc7} (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\VSPlugin (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\fdkowvbp.bmlb (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\fdkowvbp.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e8ac85e8-4634-426d-942b-1f6069723dc7} (Trojan.Vundo) -> Quarantined and deleted successfully. 
Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId (Trojan.FakeAlert) -> Bad: (VIRUS ALERT!) Good: (55639-OEM-0074476-09337) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoToolbarCustomize (Hijack.Explorer) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\RECYCLER\S-1-5-21-1645522239-2000478354-839522115-1005\Dc22.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\System Volume Information\_restore{9D12C3F6-FCF8-45B7-AB9B-01C195C7C4DE}\RP248\A0069636.exe (Adware.NetPumper) -> Quarantined and deleted successfully. C:\WINDOWS\BM13fc52a6.xml (Trojan.Vundo) -> Quarantined and deleted successfully. C:\WINDOWS\BM13fc52a6.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
  9. I have a problem with my PC: it is very slow at startup and I found several trojans with Antivir. They reappear regularly. Here is a report:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:35:16, on 01.02.2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Fichiers communs\Motive\McciCMService.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\WINDOWS\stsystra.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam\Quickcam.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\SweetIM\Messenger\SweetIM.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe 
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Glary Utilities\Integrator.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ch.msn.com/?lang=fr-ch R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {243B17DE-77C7-46BF-B94B-0B5F309A0E64} - C:\Program Files\Microsoft Money\System\mnyside.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime 
-Delay O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-1645522239-2000478354-839522115-1005\..\Run: [msnmsgr] ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Marcelline') O4 - HKUS\S-1-5-21-1645522239-2000478354-839522115-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Administrateur') O4 - HKUS\S-1-5-21-1645522239-2000478354-839522115-501\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Invité') O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user') O4 - S-1-5-21-1645522239-2000478354-839522115-500 Startup: index.pandora (User 'Administrateur') O4 - S-1-5-21-1645522239-2000478354-839522115-500 User Startup: 
index.pandora (User 'Administrateur') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O11 - Options group: [searching] Search from the Address bar O20 - Winlogon Notify: yayxyaaY - yayxyaaY.dll (file missing) O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe -- End of file - 7783 bytes
Who can help me? Regards.
  10. Good evening, here is the scan report... if I did not make a mistake. Thanks and regards. The machine no longer seems to be causing problems. Before this, a message reporting a missing DLL appeared while XP was loading. Thanks and have a good evening.
ComboFix 08-05-19.4 - Lucien 2008-05-20 18:32:36.7 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.708 [GMT 2:00] Endroit: C:\Documents and Settings\Lucien\Bureau\ComboFix.exe Command switches used :: C:\Documents and Settings\Lucien\Bureau\CFScript.txt * Création d'un nouveau point de restauration FILE :: C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe C:\WINDOWS\system32\glhmaoeh.dll C:\WINDOWS\system32\qoMeDVli.dll C:\WINDOWS\system32\wvUMfFUL.dll . ((((((((((((((((((((((((((((( Fichiers créés 2008-04-20 to 2008-05-20 )))))))))))))))))))))))))))))))))))) . 2008-05-20 18:23 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat 2008-05-20 18:23 . 2007-03-08 07:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui 2008-05-20 18:23 . 2008-03-01 14:58 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll 2008-05-20 18:23 . 2008-03-01 14:58 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll 2008-05-20 18:23 . 2008-03-01 14:58 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll 2008-05-20 18:23 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll 2008-05-20 18:23 . 2008-03-01 14:58 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll 2008-05-20 18:23 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe 2008-05-20 18:22 . 2008-03-01 14:58 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll 2008-05-19 21:44 . 2008-05-19 21:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd 2008-05-18 16:20 . 2008-05-18 16:20 <REP> d-------- C:\Program Files\Trend Micro 2008-05-17 02:33 . 
2008-05-19 21:44 <REP> d-------- C:\Program Files\Fichiers communs\Logishrd 2008-05-17 02:33 . 2008-05-17 02:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech 2008-05-16 00:49 . 2008-05-16 00:49 197 --a------ C:\WINDOWS\system32\MRT.INI 2008-05-16 00:19 . 2008-05-16 00:19 <REP> d-------- C:\Program Files\Avira 2008-05-15 23:33 . 2008-05-15 23:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg8 2008-05-15 23:31 . 2008-05-18 12:52 3,292 --a------ C:\WINDOWS\system32\tmp.reg 2008-05-15 00:42 . 2008-05-15 00:42 <REP> d-------- C:\WINDOWS\ERUNT 2008-05-14 20:33 . 2008-05-14 20:33 143 --a------ C:\WINDOWS\system32\mcrh.MSNFix 2008-05-14 20:09 . 2008-05-15 23:33 8,192 --a------ C:\Documents and Settings\Parents 2008-05-14 20:03 . 2008-05-14 20:03 <REP> d-------- C:\Program Files\ToniArts 2008-05-14 07:35 . 2008-05-14 07:35 <REP> d-------- C:\WINDOWS\system32\fr 2008-05-14 07:35 . 2008-05-14 07:35 <REP> d-------- C:\WINDOWS\l2schemas 2008-05-14 03:10 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll 2008-05-14 03:08 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll 2008-05-14 03:08 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll 2008-05-14 03:06 . 2008-04-14 04:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll 2008-05-14 03:06 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe 2008-05-14 03:06 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys 2008-05-14 03:05 . 2008-04-14 04:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll 2008-05-14 03:05 . 2008-04-14 04:33 151,040 --------- C:\WINDOWS\system32\qagent.dll 2008-05-14 03:05 . 2008-04-14 04:33 76,800 --------- C:\WINDOWS\system32\qutil.dll 2008-05-14 03:05 . 2008-04-14 04:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll 2008-05-14 03:05 . 2008-04-14 04:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll 2008-05-14 03:04 . 
2008-04-14 04:33 144,896 --------- C:\WINDOWS\system32\onex.dll 2008-05-14 03:03 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll 2008-05-14 03:03 . 2008-04-14 04:33 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll 2008-05-14 03:03 . 2008-04-14 04:33 200,704 --------- C:\WINDOWS\system32\napmontr.dll 2008-05-14 03:03 . 2008-04-14 04:34 177,664 --------- C:\WINDOWS\system32\napstat.exe 2008-05-14 03:03 . 2008-04-14 04:04 93,184 --------- C:\WINDOWS\system32\msxml6r.dll 2008-05-14 03:03 . 2008-04-14 04:04 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll 2008-05-14 03:03 . 2008-04-14 04:33 30,208 --------- C:\WINDOWS\system32\napipsec.dll 2008-05-14 03:02 . 2008-04-14 04:33 155,136 --------- C:\WINDOWS\system32\mssha.dll 2008-05-14 03:02 . 2008-04-14 04:03 81,920 --------- C:\WINDOWS\system32\msshavmsg.dll 2008-05-14 02:59 . 2008-04-14 04:33 397,312 --------- C:\WINDOWS\system32\mmcex.dll 2008-05-14 02:59 . 2008-04-14 04:33 184,320 --------- C:\WINDOWS\system32\microsoft.managementconsole.dll 2008-05-14 02:59 . 2008-04-14 04:33 106,496 --------- C:\WINDOWS\system32\mmcfxcommon.dll 2008-05-14 02:59 . 2008-04-14 04:34 33,792 --------- C:\WINDOWS\system32\mmcperf.exe 2008-05-14 02:57 . 2008-04-14 04:33 61,440 --------- C:\WINDOWS\system32\kmsvc.dll 2008-05-14 02:57 . 2008-04-14 04:33 37,376 --------- C:\WINDOWS\system32\l2gpstore.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdpash.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdnepr.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdiultn.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdbhc.dll 2008-05-14 02:56 . 2008-04-14 04:10 2,524 --------- C:\WINDOWS\system32\pid.inf 2008-05-14 02:55 . 2008-04-14 04:33 184,832 --------- C:\WINDOWS\system32\eapp3hst.dll 2008-05-14 02:55 . 2008-04-14 04:33 180,736 --------- C:\WINDOWS\system32\eapphost.dll 2008-05-14 02:55 . 
2008-04-14 04:33 126,976 --------- C:\WINDOWS\system32\eappcfg.dll 2008-05-14 02:55 . 2008-04-14 04:33 94,720 --------- C:\WINDOWS\system32\eappgnui.dll 2008-05-14 02:55 . 2008-04-14 04:33 59,392 --------- C:\WINDOWS\system32\eapqec.dll 2008-05-14 02:55 . 2008-04-14 04:33 40,960 --------- C:\WINDOWS\system32\eappprxy.dll 2008-05-14 02:55 . 2008-04-14 04:33 33,792 --------- C:\WINDOWS\system32\eapsvc.dll 2008-05-14 02:55 . 2008-04-14 04:33 30,720 --------- C:\WINDOWS\system32\eapolqec.dll 2008-05-14 02:53 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll 2008-05-14 01:53 . 2004-08-20 01:09 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-14 01:11 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig 2008-05-14 01:11 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat 2008-05-14 00:44 . 2008-04-14 04:33 354,304 --a------ C:\WINDOWS\system32\winhttp.dll 2008-05-14 00:44 . 2008-04-14 04:33 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2008-05-14 00:27 . 2008-05-16 00:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-05-14 00:15 . 2008-05-20 18:32 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG 2008-05-13 23:58 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl 2008-05-13 23:50 . 2008-05-20 18:27 65,536 --a------ C:\WINDOWS\system32\drivers\CnxE2FS.bin 2008-05-13 23:49 . 2005-05-19 19:11 3,720,196 --a------ C:\WINDOWS\system32\drivers\CnxE2Fw.bin 2008-05-13 23:49 . 2005-05-19 19:11 52,864 --a------ C:\WINDOWS\system32\drivers\CnxTrUsb.sys 2008-05-13 23:49 . 2005-05-19 19:11 25,984 --a------ C:\WINDOWS\system32\drivers\CnxTrLan.sys 2008-05-12 12:45 . 2008-04-14 04:31 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll 2008-05-12 12:44 . 2008-05-12 12:44 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest 2008-05-12 12:42 . 2008-04-14 04:33 2,061,824 --a------ C:\WINDOWS\system32\mstscax.dll 2008-05-12 12:41 . 
2008-04-13 20:39 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2008-05-12 12:40 . 2008-04-13 20:46 85,248 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2008-05-12 12:40 . 2008-04-13 20:45 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys 2008-05-12 12:40 . 2008-04-13 20:46 19,200 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2008-05-12 12:40 . 2008-04-13 20:46 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2008-05-12 12:40 . 2008-04-13 20:45 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2008-05-12 12:39 . 2008-04-14 04:34 92,160 --a------ C:\WINDOWS\system32\kswdmcap.ax 2008-05-12 12:39 . 2008-04-14 04:34 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax 2008-05-12 12:39 . 2008-04-14 04:34 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax 2008-05-12 12:39 . 2008-04-14 04:33 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2008-05-12 12:39 . 2008-04-14 04:33 54,784 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll 2008-05-12 12:39 . 2008-04-14 04:34 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax 2008-05-12 12:39 . 2008-04-14 04:34 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax 2008-05-12 12:37 . 2008-04-13 20:45 60,032 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys 2008-05-12 12:37 . 2008-04-13 20:45 60,032 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys 2008-05-12 12:37 . 2008-04-14 03:57 58,752 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2008-05-12 12:34 . 2008-04-14 04:34 129,536 --a------ C:\WINDOWS\system32\ksproxy.ax 2008-05-12 12:34 . 2008-04-14 04:33 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2008-05-12 12:26 . 2008-04-14 04:34 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2008-05-12 12:24 . 2008-05-19 21:45 1,036,876 --a------ C:\WINDOWS\setupapi.log.0.old 2008-05-11 23:18 . 2008-05-14 00:30 160,256 --a------ C:\WINDOWS\system32\blackster.scr 2008-05-11 23:16 . 2008-05-11 23:16 1 --a------ C:\WINDOWS\system32\kr_done1de 2008-05-06 18:43 . 
2008-05-06 18:43 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\Nokia 2008-05-03 20:34 . 2008-05-03 21:34 50 --a------ C:\WINDOWS\yesmessenger.ini 2008-05-02 19:59 . 2008-05-02 19:59 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-05-01 20:12 . 2008-05-01 20:12 <REP> d-------- C:\Documents and Settings\Lucien\dvbern-tax 2008-05-01 19:27 . 2008-05-20 07:03 <REP> d-------- C:\Documents and Settings\Lucien\VaudTax2007 2008-05-01 19:24 . 2008-05-01 19:24 <REP> d--h----- C:\Program Files\Zero G Registry 2008-05-01 19:24 . 2008-05-20 07:05 <REP> d-------- C:\Program Files\VaudTax2007 2008-05-01 19:22 . 2008-05-01 19:22 <REP> d--h----- C:\Documents and Settings\Lucien\InstallAnywhere 2008-05-01 14:04 . 2008-05-01 14:04 <REP> d-------- C:\Program Files\Midway Games 2008-05-01 12:41 . 2008-05-01 12:46 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\Odyssee_Sib 2008-05-01 12:39 . 2006-10-20 13:27 528,384 -ra------ C:\WINDOWS\lanceur1.exe 2008-05-01 00:50 . 2008-05-01 00:51 249,856 --------- C:\WINDOWS\Setup1.exe 2008-05-01 00:50 . 2008-05-01 00:51 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-04-29 21:33 . 2008-04-29 21:33 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\Nokia Multimedia Player 2008-04-28 21:40 . 2008-04-30 00:24 <REP> d--hs---- C:\Documents and Settings\Lucien\Phone Browser 2008-04-28 21:39 . 2008-04-28 21:39 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\PC Suite 2008-04-28 16:06 . 2008-04-28 16:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\PC Connectivity Solution 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\Nokia 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\Fichiers communs\Nokia 2008-04-28 16:05 . 
2008-04-28 16:05 <REP> d-------- C:\Program Files\DIFX 2008-04-28 16:05 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys 2008-04-28 16:05 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-19 19:44 --------- d-----w C:\Program Files\Logitech 2008-05-19 19:44 --------- d-----w C:\Program Files\Fichiers communs\Logitech 2008-05-14 18:03 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-13 21:50 --------- d-----w C:\Program Files\Netopia 2008-05-06 16:47 --------- d-----w C:\Program Files\Windows Live 2008-04-24 19:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-04-14 20:52 --------- d-----w C:\Program Files\Fichiers communs\Motive 2008-04-14 20:49 --------- d-----w C:\Documents and Settings\Lucien\Application Data\Talkback 2008-04-14 20:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive 2008-04-14 20:45 --------- d-----w C:\Program Files\QuickHelp2 2008-04-14 20:45 --------- d-----w C:\Documents and Settings\Lucien\Application Data\Motive 2008-04-14 02:33 50,688 ----a-w C:\WINDOWS\twain_32.dll 2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys 2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys 2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys 2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys 2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys 2008-04-14 02:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys 2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys 2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys 2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys 2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys 2008-04-14 02:03 
40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys 2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys 2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys 2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys 2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys 2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys 2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys 2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys 2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys 2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys 2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys 2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys 2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys 2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys 2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys 2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys 2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys 2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys 2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys 2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys 2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys 2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys 2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys 2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys 2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys 2008-04-13 19:16 
141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys 2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys 2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys 2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys 2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys 2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys 2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys 2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys 2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys 2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys 2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys 2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys 2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys 2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys 2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys 2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys 2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys 2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys 2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys 2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys 2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys 2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys 2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys 2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys 2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys 2008-04-13 18:53 
40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys 2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys 2008-04-13 18:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys 2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys 2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys 2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys 2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys 2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys 2008-04-13 18:47 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys 2008-04-13 18:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys 2008-04-13 18:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys 2008-04-13 18:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys 2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys 2008-04-13 18:46 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys 2008-04-13 18:46 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys 2008-04-13 18:46 15,232 ----a-w C:\WINDOWS\system32\drivers\streamip.sys 2008-04-13 18:46 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys 2008-04-13 18:46 11,136 ----a-w C:\WINDOWS\system32\drivers\slip.sys 2008-04-13 18:46 10,880 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys 2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys 2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys 2008-04-13 18:43 14,208 ----a-w C:\WINDOWS\system32\drivers\wacompen.sys . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . 
REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-05-17 02:35 36864] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "QuickHelp2_McciTrayApp"="C:\Program Files\QuickHelp2\QuickHelp.exe" [2007-11-02 17:40 1474048] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360] "SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 14:19 282624 C:\WINDOWS\stsystra.exe] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984] "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088] [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\HP\\Digital 
Imaging\\bin\\hpqtra08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= R2 McciCMService;McciCMService;"C:\Program Files\Fichiers communs\Motive\McciCMService.exe" [2007-09-10 10:19] S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-07-10 18:37] S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [] S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-07-10 18:37] S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-20 18:35:36 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... 
Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\Program Files\Fichiers communs\Logishrd\LVMVFM\LVPrcSrv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Logishrd\LVCOMSER\LVComSer.exe C:\WINDOWS\system32\HPZipm12.exe C:\Program Files\Fichiers communs\Logishrd\LVCOMSER\LVComSer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe . ************************************************************************** . Temps d'accomplissement: 2008-05-20 18:38:09 - machine was rebooted [Lucien] ComboFix-quarantined-files.txt 2008-05-20 16:38:06 ComboFix2.txt 2008-05-19 17:52:16 Pre-Run: 168,431,673,344 octets libres Post-Run: 168,490,844,160 octets libres 325 --- E O F --- 2008-05-20 16:24:25
  11. Good evening again, I carried out the treatment with ComboFix. It takes a long time...... but here is the report, followed by a HijackThis report made this evening. Regards. Thank you for your help.. what do I still need to remove? Regards. :P ComboFix 08-05-15.3 - Lucien 2008-05-18 16:35:47.6 - NTFSx86 Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.616 [GMT 2:00] Endroit: C:\Documents and Settings\Lucien\Bureau\ComboFix.exe . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Lucien\Application Data\Microsoft\Internet Explorer\Quick Launch\WinIFixer.lnk C:\Documents and Settings\Lucien\Application Data\WinIFixer.com C:\WINDOWS\system32\_003517_.tmp.dll C:\WINDOWS\system32\elmqmufn.ini C:\WINDOWS\system32\heoamhlg.ini C:\WINDOWS\system32\ilVDeMoq.ini C:\WINDOWS\system32\ilVDeMoq.ini2 C:\WINDOWS\system32\jhhqocwo.ini C:\WINDOWS\system32\LkTAJRqr.ini C:\WINDOWS\system32\LkTAJRqr.ini2 C:\WINDOWS\system32\natqsbtj.ini C:\WINDOWS\system32\pVybayxx.ini C:\WINDOWS\system32\pVybayxx.ini2 C:\WINDOWS\system32\rqRJATkL.dll C:\WINDOWS\system32\xxyabyVp.dll . ((((((((((((((((((((((((((((( Fichiers créés 2008-04-19 to 2008-05-19 )))))))))))))))))))))))))))))))))))) . 2008-05-18 16:20 . 2008-05-18 16:20 <REP> d-------- C:\Program Files\Trend Micro 2008-05-17 02:33 . 2008-05-17 02:33 <REP> d-------- C:\Program Files\Fichiers communs\Logishrd 2008-05-17 02:33 . 2008-05-17 02:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech 2008-05-16 00:49 . 2008-05-16 00:49 197 --a------ C:\WINDOWS\system32\MRT.INI 2008-05-16 00:19 . 2008-05-16 00:19 <REP> d-------- C:\Program Files\Avira 2008-05-15 23:33 . 2008-05-15 23:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avg8 2008-05-15 23:31 . 2008-05-18 12:52 3,292 --a------ C:\WINDOWS\system32\tmp.reg 2008-05-15 00:42 . 2008-05-15 00:42 <REP> d-------- C:\WINDOWS\ERUNT 2008-05-14 20:33 . 
2008-05-14 20:33 143 --a------ C:\WINDOWS\system32\mcrh.MSNFix 2008-05-14 20:09 . 2008-05-15 23:33 8,192 --a------ C:\Documents and Settings\Parents 2008-05-14 20:03 . 2008-05-14 20:03 <REP> d-------- C:\Program Files\ToniArts 2008-05-14 07:35 . 2008-05-14 07:35 <REP> d-------- C:\WINDOWS\system32\fr 2008-05-14 07:35 . 2008-05-14 07:35 <REP> d-------- C:\WINDOWS\l2schemas 2008-05-14 03:10 . 2008-04-14 04:33 69,120 --------- C:\WINDOWS\system32\wlanapi.dll 2008-05-14 03:08 . 2008-04-14 04:33 53,248 --------- C:\WINDOWS\system32\tsgqec.dll 2008-05-14 03:08 . 2008-04-14 04:33 50,688 --------- C:\WINDOWS\system32\tspkg.dll 2008-05-14 03:06 . 2008-04-14 04:33 290,304 --------- C:\WINDOWS\system32\rhttpaa.dll 2008-05-14 03:06 . 2008-04-14 04:34 32,768 --------- C:\WINDOWS\system32\setupn.exe 2008-05-14 03:06 . 2008-04-13 20:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_mmc.sys 2008-05-14 03:05 . 2008-04-14 04:33 293,376 --------- C:\WINDOWS\system32\qagentrt.dll 2008-05-14 03:05 . 2008-04-14 04:33 151,040 --------- C:\WINDOWS\system32\qagent.dll 2008-05-14 03:05 . 2008-04-14 04:33 76,800 --------- C:\WINDOWS\system32\qutil.dll 2008-05-14 03:05 . 2008-04-14 04:33 62,464 --------- C:\WINDOWS\system32\qcliprov.dll 2008-05-14 03:05 . 2008-04-14 04:33 61,952 --------- C:\WINDOWS\system32\rasqec.dll 2008-05-14 03:04 . 2008-04-14 04:33 144,896 --------- C:\WINDOWS\system32\onex.dll 2008-05-14 03:03 . 2008-04-14 04:33 1,306,624 --------- C:\WINDOWS\system32\msxml6.dll 2008-05-14 03:03 . 2008-04-14 04:33 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll 2008-05-14 03:03 . 2008-04-14 04:33 200,704 --------- C:\WINDOWS\system32\napmontr.dll 2008-05-14 03:03 . 2008-04-14 04:34 177,664 --------- C:\WINDOWS\system32\napstat.exe 2008-05-14 03:03 . 2008-04-14 04:04 93,184 --------- C:\WINDOWS\system32\msxml6r.dll 2008-05-14 03:03 . 2008-04-14 04:04 93,184 -----c--- C:\WINDOWS\system32\dllcache\msxml6r.dll 2008-05-14 03:03 . 
2008-04-14 04:33 30,208 --------- C:\WINDOWS\system32\napipsec.dll 2008-05-14 03:02 . 2008-04-14 04:33 155,136 --------- C:\WINDOWS\system32\mssha.dll 2008-05-14 03:02 . 2008-04-14 04:03 81,920 --------- C:\WINDOWS\system32\msshavmsg.dll 2008-05-14 02:59 . 2008-04-14 04:33 397,312 --------- C:\WINDOWS\system32\mmcex.dll 2008-05-14 02:59 . 2008-04-14 04:33 184,320 --------- C:\WINDOWS\system32\microsoft.managementconsole.dll 2008-05-14 02:59 . 2008-04-14 04:33 106,496 --------- C:\WINDOWS\system32\mmcfxcommon.dll 2008-05-14 02:59 . 2008-04-14 04:34 33,792 --------- C:\WINDOWS\system32\mmcperf.exe 2008-05-14 02:57 . 2008-04-14 04:33 61,440 --------- C:\WINDOWS\system32\kmsvc.dll 2008-05-14 02:57 . 2008-04-14 04:33 37,376 --------- C:\WINDOWS\system32\l2gpstore.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdpash.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdnepr.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdiultn.dll 2008-05-14 02:57 . 2008-04-14 04:31 6,144 --------- C:\WINDOWS\system32\kbdbhc.dll 2008-05-14 02:56 . 2008-04-14 04:10 2,524 --------- C:\WINDOWS\system32\pid.inf 2008-05-14 02:55 . 2008-04-14 04:33 184,832 --------- C:\WINDOWS\system32\eapp3hst.dll 2008-05-14 02:55 . 2008-04-14 04:33 180,736 --------- C:\WINDOWS\system32\eapphost.dll 2008-05-14 02:55 . 2008-04-14 04:33 126,976 --------- C:\WINDOWS\system32\eappcfg.dll 2008-05-14 02:55 . 2008-04-14 04:33 94,720 --------- C:\WINDOWS\system32\eappgnui.dll 2008-05-14 02:55 . 2008-04-14 04:33 59,392 --------- C:\WINDOWS\system32\eapqec.dll 2008-05-14 02:55 . 2008-04-14 04:33 40,960 --------- C:\WINDOWS\system32\eappprxy.dll 2008-05-14 02:55 . 2008-04-14 04:33 33,792 --------- C:\WINDOWS\system32\eapsvc.dll 2008-05-14 02:55 . 2008-04-14 04:33 30,720 --------- C:\WINDOWS\system32\eapolqec.dll 2008-05-14 02:53 . 2008-04-14 04:33 136,192 --------- C:\WINDOWS\system32\aaclient.dll 2008-05-14 01:53 . 
2004-08-20 01:09 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2008-05-14 01:11 . 2004-08-02 14:20 7,208 --------- C:\WINDOWS\system32\secupd.sig 2008-05-14 01:11 . 2004-08-02 14:20 4,569 --------- C:\WINDOWS\system32\secupd.dat 2008-05-14 00:44 . 2008-04-14 04:33 354,304 --a------ C:\WINDOWS\system32\winhttp.dll 2008-05-14 00:44 . 2008-04-14 04:33 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2008-05-14 00:27 . 2008-05-16 00:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira 2008-05-14 00:15 . 2008-05-18 13:27 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG 2008-05-13 23:58 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl 2008-05-13 23:50 . 2008-05-19 19:49 65,536 --a------ C:\WINDOWS\system32\drivers\CnxE2FS.bin 2008-05-13 23:49 . 2005-05-19 19:11 3,720,196 --a------ C:\WINDOWS\system32\drivers\CnxE2Fw.bin 2008-05-13 23:49 . 2005-05-19 19:11 52,864 --a------ C:\WINDOWS\system32\drivers\CnxTrUsb.sys 2008-05-13 23:49 . 2005-05-19 19:11 25,984 --a------ C:\WINDOWS\system32\drivers\CnxTrLan.sys 2008-05-13 22:04 . 2008-05-14 23:44 1,072,185,344 --a------ C:\WINDOWS\MEMORY.DMP 2008-05-12 12:45 . 2008-04-14 04:31 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll 2008-05-12 12:44 . 2008-05-12 12:44 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest 2008-05-12 12:42 . 2008-04-14 04:33 2,061,824 --a------ C:\WINDOWS\system32\mstscax.dll 2008-05-12 12:41 . 2008-04-13 20:39 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys 2008-05-12 12:40 . 2008-04-13 20:46 85,248 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys 2008-05-12 12:40 . 2008-04-13 20:45 52,864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys 2008-05-12 12:40 . 2008-04-13 20:46 19,200 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys 2008-05-12 12:40 . 2008-04-13 20:46 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys 2008-05-12 12:40 . 
2008-04-13 20:45 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2008-05-12 12:39 . 2008-04-14 04:34 92,160 --a------ C:\WINDOWS\system32\kswdmcap.ax 2008-05-12 12:39 . 2008-04-14 04:34 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax 2008-05-12 12:39 . 2008-04-14 04:33 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2008-05-12 12:39 . 2008-04-14 04:34 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax 2008-05-12 12:37 . 2008-04-13 20:45 60,032 --a------ C:\WINDOWS\system32\drivers\usbaudio.sys 2008-05-12 12:37 . 2008-04-14 03:57 58,752 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2008-05-12 12:34 . 2008-04-14 04:34 129,536 --a------ C:\WINDOWS\system32\ksproxy.ax 2008-05-12 12:34 . 2008-04-14 04:33 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2008-05-12 12:26 . 2008-04-14 04:34 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2008-05-11 23:18 . 2008-05-14 00:30 160,256 --a------ C:\WINDOWS\system32\blackster.scr 2008-05-11 23:16 . 2008-05-11 23:16 1 --a------ C:\WINDOWS\system32\kr_done1de 2008-05-06 18:43 . 2008-05-06 18:43 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\Nokia 2008-05-03 20:34 . 2008-05-03 21:34 50 --a------ C:\WINDOWS\yesmessenger.ini 2008-05-02 19:59 . 2008-05-02 19:59 <REP> d-------- C:\Program Files\Microsoft Silverlight 2008-05-01 20:12 . 2008-05-01 20:12 <REP> d-------- C:\Documents and Settings\Lucien\dvbern-tax 2008-05-01 19:27 . 2008-05-01 20:02 <REP> d-------- C:\Documents and Settings\Lucien\VaudTax2007 2008-05-01 19:24 . 2008-05-01 19:24 <REP> d--h----- C:\Program Files\Zero G Registry 2008-05-01 19:24 . 2008-05-01 19:24 <REP> d-------- C:\Program Files\VaudTax2007 2008-05-01 19:22 . 2008-05-01 19:22 <REP> d--h----- C:\Documents and Settings\Lucien\InstallAnywhere 2008-05-01 14:04 . 2008-05-01 14:04 <REP> d-------- C:\Program Files\Midway Games 2008-05-01 12:41 . 2008-05-01 12:46 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\Odyssee_Sib 2008-05-01 12:39 . 
2006-10-20 13:27 528,384 -ra------ C:\WINDOWS\lanceur1.exe 2008-05-01 00:50 . 2008-05-01 00:51 249,856 --------- C:\WINDOWS\Setup1.exe 2008-05-01 00:50 . 2008-05-01 00:51 73,216 --a------ C:\WINDOWS\ST6UNST.EXE 2008-04-29 21:33 . 2008-04-29 21:33 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\Nokia Multimedia Player 2008-04-28 21:40 . 2008-04-30 00:24 <REP> d--hs---- C:\Documents and Settings\Lucien\Phone Browser 2008-04-28 21:39 . 2008-04-28 21:39 <REP> d-------- C:\Documents and Settings\Lucien\Application Data\PC Suite 2008-04-28 16:06 . 2008-04-28 16:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\PC Connectivity Solution 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\Nokia 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\Fichiers communs\Nokia 2008-04-28 16:05 . 2008-04-28 16:05 <REP> d-------- C:\Program Files\DIFX 2008-04-28 16:05 . 2007-02-22 11:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys 2008-04-28 16:05 . 2007-02-22 11:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll 2008-04-28 16:05 . 2007-02-22 11:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll 2008-04-28 16:05 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys 2008-04-28 16:05 . 2007-02-22 11:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys 2008-04-28 16:05 . 2007-02-22 11:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys 2008-04-28 16:04 . 2008-04-28 16:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Installations 2008-04-24 19:47 . 2008-05-14 21:10 <REP> d-------- C:\Program Files\Windows Live Toolbar 2008-04-24 19:46 . 2008-04-24 19:46 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition 2008-04-24 19:46 . 
2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll 2008-04-22 21:49 . 2008-05-06 18:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WinZip 2008-04-20 18:28 . 2008-04-20 18:28 <REP> d-------- C:\WINDOWS\Sun 2008-04-20 18:25 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl 2008-04-20 18:24 . 2008-04-20 18:25 <REP> d-------- C:\Program Files\Java 2008-04-20 18:24 . 2008-04-20 18:24 <REP> d-------- C:\Program Files\Fichiers communs\Java 2008-04-20 11:53 . 2008-04-27 09:51 <REP> d-------- C:\WINDOWS\system32\Adobe . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-17 00:33 --------- d-----w C:\Program Files\Logitech 2008-05-17 00:33 --------- d-----w C:\Program Files\Fichiers communs\Logitech 2008-05-14 18:03 --------- d--h--w C:\Program Files\InstallShield Installation Information 2008-05-13 21:50 --------- d-----w C:\Program Files\Netopia 2008-05-06 16:47 --------- d-----w C:\Program Files\Windows Live 2008-04-24 19:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller 2008-04-14 20:52 --------- d-----w C:\Program Files\Fichiers communs\Motive 2008-04-14 20:49 --------- d-----w C:\Documents and Settings\Lucien\Application Data\Talkback 2008-04-14 20:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\Motive 2008-04-14 20:45 --------- d-----w C:\Program Files\QuickHelp2 2008-04-14 20:45 --------- d-----w C:\Documents and Settings\Lucien\Application Data\Motive 2008-04-14 02:33 50,688 ----a-w C:\WINDOWS\twain_32.dll 2008-04-14 02:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys 2008-04-14 02:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys 2008-04-14 02:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys 2008-04-14 02:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys 2008-04-14 02:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys 2008-04-14 02:05 800,256 ----a-w 
C:\WINDOWS\system32\drivers\dmboot.sys 2008-04-14 02:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys 2008-04-14 02:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys 2008-04-14 02:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys 2008-04-14 02:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys 2008-04-14 02:03 40,576 ------w C:\WINDOWS\system32\drivers\intelppm.sys 2008-04-14 02:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys 2008-04-14 02:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys 2008-04-14 02:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys 2008-04-14 01:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys 2008-04-14 01:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys 2008-04-14 01:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys 2008-04-14 01:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys 2008-04-14 01:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys 2008-04-14 01:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys 2008-04-14 01:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys 2008-04-14 01:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys 2008-04-14 01:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys 2008-04-14 01:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys 2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys 2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys 2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys 2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys 2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys 2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys 2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys 2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys 2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys 2008-04-13 19:19 138,112 ----a-w 
C:\WINDOWS\system32\drivers\afd.sys 2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys 2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys 2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys 2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys 2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys 2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys 2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys 2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys 2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys 2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys 2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys 2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys 2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys 2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys 2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys 2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys 2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys 2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys 2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys 2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys 2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys 2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys 2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys 2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys 2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys 2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys 2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys 2008-04-13 18:56 12,288 ----a-w 
C:\WINDOWS\system32\drivers\tunmp.sys 2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys 2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys 2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys 2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys 2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys 2008-04-13 18:53 36,608 ------w C:\WINDOWS\system32\drivers\ip6fw.sys 2008-04-13 18:53 264,832 ------w C:\WINDOWS\system32\drivers\http.sys 2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys 2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys 2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys 2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys 2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys 2008-04-13 18:47 25,856 ----a-w C:\WINDOWS\system32\drivers\usbprint.sys 2008-04-13 18:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys 2008-04-13 18:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys 2008-04-13 18:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys 2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys 2008-04-13 18:46 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys 2008-04-13 18:46 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys 2008-04-13 18:46 15,232 ----a-w C:\WINDOWS\system32\drivers\streamip.sys 2008-04-13 18:46 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys 2008-04-13 18:46 11,136 ----a-w C:\WINDOWS\system32\drivers\slip.sys 2008-04-13 18:46 10,880 ----a-w C:\WINDOWS\system32\drivers\ndisip.sys 2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys 2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys 2008-04-13 18:43 14,208 ----a-w C:\WINDOWS\system32\drivers\wacompen.sys . 
((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . REGEDIT4 *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88ebbe0b-5ff8-4b84-b043-71a216374a5b}] C:\WINDOWS\system32\wvUMfFUL.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8a977512-c63d-4a53-898f-bc87a7001bae}] C:\WINDOWS\system32\qoMeDVli.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:33 15360] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-05-17 02:35 36864] "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184] "MalWarrior"="C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe" [ ] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152] "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 17:41 45056] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] "QuickHelp2_McciTrayApp"="C:\Program Files\QuickHelp2\QuickHelp.exe" [2007-11-02 17:40 1474048] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10 271360] "SigmatelSysTrayApp"="stsystra.exe" [2006-07-27 14:19 282624 C:\WINDOWS\stsystra.exe] "10cf613a"="C:\WINDOWS\system32\glhmaoeh.dll" [ ] "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401] "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 01:03 284184] "LogitechQuickCamRibbon"="C:\Program 
Files\Logitech\QuickCam10\QuickCam10.exe" [2006-11-15 21:58 746520] "LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 22:01 244512] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 04:33 15360] "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17 1241088] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{88EBBE0B-5FF8-4B84-B043-71A216374A5B}"= C:\WINDOWS\system32\wvUMfFUL.dll [ ] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvUMfFUL] wvUMfFUL.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ovd86.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Program Files\\Messenger\\msmsgs.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"= "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"= "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "C:\\Program 
Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= R2 McciCMService;McciCMService;"C:\Program Files\Fichiers communs\Motive\McciCMService.exe" [2007-09-10 10:19] S3 MREMP50;MREMP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2007-07-10 18:37] S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [] S3 MRESP50;MRESP50 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2007-07-10 18:37] S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver;C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [] . ************************************************************************** catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-19 19:49:22 Windows 5.1.2600 Service Pack 3 NTFS Balayage processus cachés ... Balayage caché autostart entries ... Balayage des fichiers cachés ... Scan terminé avec succès Les fichiers cachés: 0 ************************************************************************** . ------------------------ Other Running Processes ------------------------ . C:\WINDOWS\system32\ati2evxx.exe C:\Program Files\Fichiers communs\Logitech\LVMVFM\LVPrcSrv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe . ************************************************************************** . 
Temps d'accomplissement: 2008-05-19 19:52:15 - machine was rebooted [Lucien] ComboFix-quarantined-files.txt 2008-05-19 17:52:12 Pre-Run: 167,931,944,960 octets libres Post-Run: 167,841,517,568 octets libres 346 --- E O F --- 2008-05-15 22:49:09 1 HijackThis report Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:05:23, on 19.05.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe C:\Program Files\Fichiers communs\Motive\McciCMService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\QuickHelp2\QuickHelp.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\WINDOWS\stsystra.exe C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE 
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {88ebbe0b-5ff8-4b84-b043-71a216374a5b} - C:\WINDOWS\system32\wvUMfFUL.dll (file missing) O2 - BHO: (no name) - {8a977512-c63d-4a53-898f-bc87a7001bae} - C:\WINDOWS\system32\qoMeDVli.dll (file missing) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [QuickHelp2_McciTrayApp] C:\Program Files\QuickHelp2\QuickHelp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 
6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [10cf613a] rundll32.exe "C:\WINDOWS\system32\glhmaoeh.dll",b O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MalWarrior] "C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe" /autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - 
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [searching] Rechercher à partir de la barre d'adresses O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207254230187 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207254514390 O18 - Protocol: bw+0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {47FD53B1-DF3B-41CD-A5C6-A55219D5BBB0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: wvUMfFUL - wvUMfFUL.dll (file missing) O23 - Service: Avira AntiVir Personal – Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: McciCMService - Motive Communications, Inc. 
- C:\Program Files\Fichiers communs\Motive\McciCMService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe -- End of file - 20157 bytes
  12. Hello, thank you for all this precise help. I have not yet carried out the treatment with Combofix.exe. The computer already seems to me to be working better. Regards. Here are 3 reports: 1 report before cleaning
    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Netopia 3300 Series USB Network Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{9e88f516-67b2-471e-8351-cd5e3a1c5a5f}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{9e88f516-67b2-471e-8351-cd5e3a1c5a5f}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{9e88f516-67b2-471e-8351-cd5e3a1c5a5f}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin 1 rapport SmitfraudFix SmitFraudFix v2.320 Rapport fait à 12:52:19.25, 2008-05-18 Executé à partir de C:\Documents and Settings\Lucien\Bureau\nettoyage pc\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. 
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{9e88f516-67b2-471e-8351-cd5e3a1c5a5f}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{9e88f516-67b2-471e-8351-cd5e3a1c5a5f}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{9e88f516-67b2-471e-8351-cd5e3a1c5a5f}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin 1 rapport SDFix SDFix: Version 1.183 Run by Lucien on 2008-05-18 at 12:57 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\Lucien\Bureau\NETTOY~1\SDFix Checking Services : Name : tcpsr OVD86 Path : \??\C:\WINDOWS\System32\drivers\tcpsr.sys System32\Drivers\Ovd86.sys tcpsr - Deleted OVD86 - Deleted Restoring Windows Registry Values Restoring Windows Default Hosts File Rebooting Service OVD86 - Deleted Checking Files : Trojan Files Found: C:\WINDOWS\system32\WinData.cab - Deleted C:\WINDOWS\system32\drivers\OVD86.sys - Deleted Removing Temp Files ADS Check : Final Check : catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-05-18 13:01:49 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000002 "DeviceCharacteristics"=dword:00000100 [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000007 "DeviceCharacteristics"=dword:00000100 [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000023 "DeviceCharacteristics"=dword:00000100 [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000004 "DeviceCharacteristics"=dword:00000100 [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000004 "DeviceCharacteristics"=dword:00000100 [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000004 "DeviceCharacteristics"=dword:00000100 
[HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties] "DeviceType"=dword:00000007 "DeviceCharacteristics"=dword:00000100 [HKEY_LOCAL_MACHINE\SYSTEM\controlset002\Services\MRxDAV\EncryptedDirectories] @="" scanning hidden registry entries ... [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" "DeviceNotSelectedTimeout"="15" "GDIProcessHandleQuota"=dword:00002710 "Spooler"="yes" "swapdisk"="" "TransmissionRetryTimeout"="90" "USERProcessHandleQuota"=dword:00002710 "LoadAppInit_DLLs"=dword:00000001 scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : OVD86 Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe" "C:\\Program 
Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe" "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe" "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Lemoncast\\lemoncast.exe"="C:\\Program Files\\Lemoncast\\lemoncast.exe:*:Enabled:OneClick" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" Remaining Files : File Backups: - C:\DOCUME~1\Lucien\Bureau\NETTOY~1\SDFix\backups\backups.zip Files with Hidden Attributes : Sat 5 Apr 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\0b94495512074d69b9e8ab1679d608d4\BIT11C.tmp" Fri 9 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\24af2a69c06a4de03e35dc89d706475f\BIT76.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\2c94fdf84dc55e9a818c8222bafc1812\BITFF.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\7dfe90ab9679753ce8e3ab64aba594fe\BIT111.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\8b6d906fd5974a905eb1cc67c000b099\BIT106.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\9aa5f686d8c0b8f1fad16b524f06c565\BIT11E.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\b955ba47e5d89f57a5ea6a34838f80ab\BIT123.tmp" Wed 14 May 2008 0 A..H. 
--- "C:\WINDOWS\SoftwareDistribution\Download\cff3276a5659b39e9143e4a62e333028\BIT108.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\d2543d14ced0177a8154816e15636514\BIT118.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\da9428daf73da125c596ed070747be59\BIT103.tmp" Tue 22 Apr 2008 21,504 ...H. --- "C:\Documents and Settings\Lucien\Mes documents\ferrari\Sylvie\~WRL0001.tmp" Wed 14 May 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1e10da77e5e1c72d2afe101dc568fb06\download\BIT1B6.tmp" Finished!
  13. 12cylindres

    Windows xp home

    Thank you all for your help. Regards
  14. Good evening everyone. I have had several trojans lately. I was able to clean the PC thanks to the various pieces of information gathered on your site. Could someone analyze the attached report for me, to be quite sure that I have removed everything? In addition, I am about to download Antivir in place of Avast 4 (it seems safer). Thanks in advance. 1 report
    Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 00:09:18, on 16.05.2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Fichiers communs\Motive\McciCMService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe C:\Program Files\QuickHelp2\QuickHelp.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe C:\WINDOWS\stsystra.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe C:\PROGRA~1\FICHIE~1\PCSuite\DATALA~1\DATALA~1.EXE C:\Program Files\HP\Digital 
Imaging\bin\hpqSTE08.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\DOCUME~1\Lucien\LOCALS~1\Temp\Répertoire temporaire 3 pour HiJackThis.zip\HijackThis.exe R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {88ebbe0b-5ff8-4b84-b043-71a216374a5b} - C:\WINDOWS\system32\wvUMfFUL.dll (file missing) O2 - BHO: (no name) - {8a977512-c63d-4a53-898f-bc87a7001bae} - C:\WINDOWS\system32\qoMeDVli.dll (file missing) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: 
[QuickHelp2_McciTrayApp] C:\Program Files\QuickHelp2\QuickHelp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [WinIFixer] C:\Program Files\WinIFixer\WinIFixer.exe O4 - HKLM\..\Run: [sigmatelSysTrayApp] stsystra.exe O4 - HKLM\..\Run: [10cf613a] rundll32.exe "C:\WINDOWS\system32\glhmaoeh.dll",b O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [MalWarrior] "C:\Documents and Settings\All Users\Application Data\Adsl Software Limited\MalWarrior 2008\Malwarrior.exe" /autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' 
menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [searching] Rechercher à partir de la barre d'adresses O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1207254230187 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1207254514390 O18 - Protocol: bw+0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop 
Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {C4B469D2-FA07-4C06-A280-BAD54775D47F} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - Winlogon Notify: WinNt32 - C:\WINDOWS\SYSTEM32\WinNt32.dll O20 - Winlogon Notify: wvUMfFUL - wvUMfFUL.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Fichiers communs\Motive\McciCMService.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe -- End of file - 19712 bytes
  15. Good evening everyone. I have nothing but problems with my PC. For info, I am writing this message from another PC. I got an alert message prompting me to buy an anti-virus...... This message was detected by Avast but I evidently did not manage to remove it (trojan.....). On top of that, I can no longer get into my PC properly. I reinstalled Windows XP (PACK1) but it stays on the license key validation screen. I did that to avoid losing my profile. Can someone help me? Do I need to download an anti-spyware via CD or USB key? Thanks in advance