Cirrius02
-
Compteur de contenus
55 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par Cirrius02
-
Up
-
Est-ce que quelqu'un peut m'expliquer comment récupérer mon mot de passe pour la fonction Identity Safe de Norton? Ça fait au moins une heure que je cherche sur le site de Symantec et je tourne en rond!!! Merci de votre aide!
-
Bonjour, 1) Je voudrais savoir s'il existe sur internet un agenda par Microsoft, un peu comme Google? 2) Je voudrais savoir s'il est possible de synchroniser ce qui suit relativement à un agenda: Entre iPad (iOS7) et agenda Microsoft Entre Androïd (téléphone intelligent) et agenda Microsoft Entre Outlook 2013 et Agenda Microsoft Pour faire court, je veux un agenda qui se synchronise avec tous mes appareils. Je possède un téléphone intelligent Samsung (Galaxy S4), un ordinateur de table Windows 7 (je vais sous peu installer Office 2013), et un achat à venir iPad Air. Mon problème c'est qu'on ne peut plus synchroniser l'agenda de Google avec Outlook (seul. les entreprises et les étudiants). Pour l'instant j'utilise Mozilla Thunderbird mais j'aimerais migrer vers Outlook. Merci pour vos conseils!
-
Des conseils pour mon nouvel ordinateur
Cirrius02 a posté un sujet dans Conseils matériel - Achats & Ventes
Bonsoir, J'envisage prochainement de changer mon ordinateur de table. Il date de 10 ans et je fonctionne encore avec Win XP. J'aurais besoin de conseils pour mes futurs composants. Je veux un ordinateur avec un SSD pour mettre mon nouvel OS (Win 7) avec un DD classique pour les backups de données. Je veux donc avoir les éléments suivants et j'aimerais que vous me suggériez des modèles pour le SSD, la carte-mère et la carte video. Je veux un microprocesseur intel 7 et la carte-mère en conséquence (j'ai un préférence pour le fabricant ASUS). Je veux aussi un bonne carte vidéo. Je veux une installation puissante car je fais de la retouche photo et éventuellement du montage vidéo. Je n'utilise aucun jeux. En passant, est-ce qu'un SSD ça se partitionne et aussi est-ce que ça se défragmente. Merci pour vos conseils!!! -
[Résolu] Mozilla Thunderbird fonctionne mal
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Software
Le problème est résolu. J'ai fermé par clic droit une des deux fenêtres dans la barre des tâches et tout est revenu à la normale. Il n'y a plus de boîte sur laquelle je devait cliquer 20 fois et Thunderbird ne s'ouvre plus en double. Ensuite j'ai installé Office Black 2.1 et maintenant l'interface est beaucoup plus belle. -
Bonjour, Depuis la dernière mise à jour de Thunderbird, le logiciel fonctionne très mal. Premièrement, quand je lance l'application, Thunderbird s'ouvre en double dans la barre des tâches. Ensuite, il y une fenêtre qui apparait sur laquelle je dois cliquer 20 fois sur ok pour réussir à m'en débarrasser. En plus de ça, le haut de l'interface est maintenant tout en bleu. C'est très laid. Je sais pas ce qui se passe avec les informaticiens chez Mozilla, il semble qu'ils ont fumé du bon stock. En dernier recours, j'ai désinstallé le logiciel et je l'ai réinstallé. Surprise, les mêmes problèmes sont réapparus. Est-ce que je peux savoir ce qui se passe avec Thunderbird ? Merci à l'avance pour vos commentaires !
-
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Merci Falkra pour ton aide. J'ai une dernière question. Dans le numéro hors-série de Hebdo Micro sur la sécurité publié l'automne dernier, on recommande l'antivirus Pervx CSI en complément de notre antivirus régulier. Est-ce que c'est vraiment utile? Même chose pour Bitdefender? www.01net.com/editorial/382897/prevx-csi-complement-d-antivirus/ Ce soir, je vais faire une dernière analyse avec Kaspersky... -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Voici le rapport OTMoveIt3... Désolé pour mon temps de réponse, c'est dû au décalage horaire. Pendant qu'en France on commence la soirée moi je commence l'après-midi au boulot. ========== PROCESSES ========== Process explorer.exe killed successfully. ========== FILES ========== G:\Ma musique\Incomplete\T-5088466-mercy.snd moved successfully. File/Folder G:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dg23.mp3 not found. G:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1005\Dg21.mp3 moved successfully. G:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1005\Dg22.mp3 moved successfully. ========== COMMANDS ========== File delete failed. C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\etilqs_ZQRjwJCLclsaIMv1pdfT scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\~DFB936.tmp scheduled to be deleted on reboot. File delete failed. C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\~DFC095.tmp scheduled to be deleted on reboot. User's Temp folder emptied. User's Temporary Internet Files folder emptied. User's Internet Explorer cache folder emptied. Local Service Temp folder emptied. File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot. Local Service Temporary Internet Files folder emptied. File delete failed. C:\WINDOWS\temp\JET33FB.tmp scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_204.dat scheduled to be deleted on reboot. File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_2e4.dat scheduled to be deleted on reboot. Windows Temp folder emptied. Java cache emptied. File delete failed. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_001_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_002_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_003_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\urlclassifier3.sqlite scheduled to be deleted on reboot. File delete failed. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\XUL.mfl scheduled to be deleted on reboot. FireFox cache emptied. Temp folders emptied. Explorer started successfully OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 02232009_191326 Files moved on Reboot... File C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\etilqs_ZQRjwJCLclsaIMv1pdfT not found! File C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\~DFB936.tmp not found! File C:\DOCUME~1\FRANOI~1\LOCALS~1\Temp\~DFC095.tmp not found! File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot. File C:\WINDOWS\temp\JET33FB.tmp not found! File C:\WINDOWS\temp\Perflib_Perfdata_204.dat not found! C:\WINDOWS\temp\Perflib_Perfdata_2e4.dat moved successfully. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_001_ moved successfully. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_002_ moved successfully. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_003_ moved successfully. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\Cache\_CACHE_MAP_ moved successfully. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\urlclassifier3.sqlite moved successfully. C:\Documents and Settings\François\Local Settings\Application Data\Mozilla\Firefox\Profiles\tr70tf9v.default\XUL.mfl moved successfully. -
Démarrer en mode sans échec??? [Résolu]
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Software
Merci beaucoup Gof, ce que tu dis est plein de sens. J'ai fait un test avec F5 et ça fonctionne parfaitement. Ça faisait un long moment que je cherchais à accéder au mode sans échec. J'ai essayé avec plusieurs touches F et curieusement je n'avais jamais essayé avec F5. Merci beaucoup. -
Démarrer en mode sans échec??? [Résolu]
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Software
Non, je ne suis pas dans le BIOS. C'est un écran autre qui me donne la liste des lecteurs sur lesquels je désire démarrer mais ce n'est pas le BIOS. C'est vraiment bizarre. Quand je vais dans le BIOS je fait Suppr. Je vais essayer de tapoter d'autres touches mais il y a aussi dans MSCONFIG. Merci pour l'information. Je ne savais pas qu'il y avait une case à cocher dans MSCONFIG. Question? Quand je coche Safeboot, une fois rendu dans Win XP en mode sans échec, je suppose que pour redémarrer en mode normal, je dois auparavant décocher Safeboot? Merci. -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Deux commentaires... 1- Selon le rapport de Kaspersky, il y aurait des Trojans dans Q\RECYCLER et quand je vais dans Q, je ne vois aucun dossier RECYCLER. En fait, le Q est complètement vide!!! En ce qui concerne le G, qui est mes documents, je ne vois pas non plus de dossier RECYCLER. 2- Comment se fait-il que mon nouveau antivirus Norton Internet Security 2009 n'a pas détecté ces menaces. J'ai pourtant fait un scan complet avec Norton pas plus tard que ce matin (hier, pour la France) et ces menaces additionnelles ne m'ont pas été rapportées (grrrr...)??? -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Contenu de ce post effacé car était en double. -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Voici le rapport Kaspersky... Pourquoi on peut pas faire l'éradication à partir du site de Kaspersky? -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Sunday, February 22, 2009 Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Sunday, February 22, 2009 22:34:20 Records in database: 1831754 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: A:\ C:\ E:\ F:\ G:\ H:\ I:\ K:\ L:\ M:\ N:\ O:\ P:\ Q:\ R:\ S:\ Scan statistics: Files scanned: 108352 Threat name: 9 Infected objects: 19 Suspicious objects: 0 Duration of the scan: 02:20:00 File name / Threat name / Threats count F:\Dossiers d'Andréanne\Jeux\InternetGameBox\uninst.exe Infected: not-a-virus:AdWare.Win32.NaviPromo.ao 1 G:\Ma musique\Incomplete\T-5088466-mercy.snd Infected: Trojan-Downloader.WMA.GetCodec.s 1 G:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dg23.mp3 Infected: Trojan-Downloader.WMA.GetCodec.u 1 G:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1005\Dg21.mp3 Infected: Trojan-Downloader.WMA.GetCodec.v 1 G:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1005\Dg22.mp3 Infected: Trojan-Downloader.WMA.GetCodec.n 1 H:\Bibliothèque de logiciels divers\Download Accelerator (XP).exe Infected: not-a-virus:AdWare.Win32.Dap.g 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\BartPE\I386\SYSTEM32\WM_HOOKS.DLL Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\BartPE\programs\PassPro\PasswordsPro.exe Infected: not-a-virus:PSWTool.Win32.PasswordsPro.k 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\BartPE\programs\ultravnc\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\BartPE\programs\ultravnc\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\BartPE\programs\vncserver\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\BartPE\programs\vncserver\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Network\ultravnc\files\vnchooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Network\ultravnc\files\winvnc.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.c 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Network\VNCServer\vncconfig.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Network\VNCServer\vncviewer.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Network\VNCServer\winvnc4.exe Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Network\VNCServer\wm_hooks.dll Infected: not-a-virus:RemoteAdmin.Win32.WinVNC.4 1 Q:\RECYCLER\S-1-5-21-1614895754-1500820517-725345543-1004\Dq2\plugin\Password\passwordspro\files\PasswordsPro.exe Infected: not-a-virus:PSWTool.Win32.PasswordsPro.k 1 The selected area was scanned. -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Est-ce que je peux utiliser Firefox au lieu de IE? -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Analyse avec Virus Total... Fichier fdbddfe4_z.dll reçu le 2009.02.22 23:37:03 (CET) Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.93 2009.02.22 - AhnLab-V3 2009.2.21.0 2009.02.22 - AntiVir 7.9.0.87 2009.02.22 - Authentium 5.1.0.4 2009.02.22 - Avast 4.8.1335.0 2009.02.22 - AVG 8.0.0.237 2009.02.22 - BitDefender 7.2 2009.02.22 - CAT-QuickHeal 10.00 2009.02.22 - ClamAV 0.94.1 2009.02.22 - Comodo 983 2009.02.20 - DrWeb 4.44.0.09170 2009.02.22 - eSafe 7.0.17.0 2009.02.19 - eTrust-Vet 31.6.6368 2009.02.20 - F-Prot 4.4.4.56 2009.02.22 - F-Secure 8.0.14470.0 2009.02.22 - Fortinet 3.117.0.0 2009.02.22 - GData 19 2009.02.22 - Ikarus T3.1.1.45.0 2009.02.22 - K7AntiVirus 7.10.639 2009.02.21 - Kaspersky 7.0.0.125 2009.02.22 - McAfee 5533 2009.02.22 - McAfee+Artemis 5533 2009.02.22 - Microsoft 1.4306 2009.02.22 - NOD32 3878 2009.02.22 - Norman 6.00.06 2009.02.20 - nProtect 2009.1.8.0 2009.02.22 - Panda 10.0.0.10 2009.02.22 - PCTools 4.4.2.0 2009.02.22 - Prevx1 V2 2009.02.22 - Rising 21.17.62.00 2009.02.22 - SecureWeb-Gateway 6.7.6 2009.02.22 - Sophos 4.39.0 2009.02.22 - Sunbelt 3.2.1855.2 2009.02.17 - Symantec 10 2009.02.22 - TheHacker 6.3.2.4.263 2009.02.21 - TrendMicro 8.700.0.1004 2009.02.20 - VBA32 3.12.10.0 2009.02.22 - ViRobot 2009.2.20.1617 2009.02.20 - VirusBuster 4.5.11.0 2009.02.22 - Information additionnelle File size: 23 bytes MD5...: 3a725179ad529fe8c0a74d0d133dca1e SHA1..: 962924124ff44300296bc5f29f6c1949299dedeb SHA256: d55bbec1cdb2a137489cb19194908675a4112c470217c2943f52d026435db306 SHA512: a366abc707aa41d149595d2f44cf0be7cf3c3302c886066f256f4e0348ec476d<br>d70d55a71f0e81207393f16c56530f9e5bf88bfea8d7fccd89b82e11e42abc15 ssdeep: 3:gbTiR8Y4qX:gyR8YnX<br> PEiD..: - TrID..: File type identification<br>Unknown! PEInfo: - Antivirus Version Dernière mise à jour Résultat a-squared 4.0.0.93 2009.02.22 - AhnLab-V3 2009.2.21.0 2009.02.22 - AntiVir 7.9.0.87 2009.02.22 - Authentium 5.1.0.4 2009.02.22 - Avast 4.8.1335.0 2009.02.22 - AVG 8.0.0.237 2009.02.22 - BitDefender 7.2 2009.02.22 - CAT-QuickHeal 10.00 2009.02.22 - ClamAV 0.94.1 2009.02.22 - Comodo 983 2009.02.20 - DrWeb 4.44.0.09170 2009.02.22 - eSafe 7.0.17.0 2009.02.19 - eTrust-Vet 31.6.6368 2009.02.20 - F-Prot 4.4.4.56 2009.02.22 - F-Secure 8.0.14470.0 2009.02.22 - Fortinet 3.117.0.0 2009.02.22 - GData 19 2009.02.22 - Ikarus T3.1.1.45.0 2009.02.22 - K7AntiVirus 7.10.639 2009.02.21 - Kaspersky 7.0.0.125 2009.02.22 - McAfee 5533 2009.02.22 - McAfee+Artemis 5533 2009.02.22 - Microsoft 1.4306 2009.02.22 - NOD32 3878 2009.02.22 - Norman 6.00.06 2009.02.20 - nProtect 2009.1.8.0 2009.02.22 - Panda 10.0.0.10 2009.02.22 - PCTools 4.4.2.0 2009.02.22 - Prevx1 V2 2009.02.22 - Rising 21.17.62.00 2009.02.22 - SecureWeb-Gateway 6.7.6 2009.02.22 - Sophos 4.39.0 2009.02.22 - Sunbelt 3.2.1855.2 2009.02.17 - Symantec 10 2009.02.22 - TheHacker 6.3.2.4.263 2009.02.21 - TrendMicro 8.700.0.1004 2009.02.20 - VBA32 3.12.10.0 2009.02.22 - ViRobot 2009.2.20.1617 2009.02.20 - VirusBuster 4.5.11.0 2009.02.22 - Information additionnelle File size: 23 bytes MD5...: 3a725179ad529fe8c0a74d0d133dca1e SHA1..: 962924124ff44300296bc5f29f6c1949299dedeb SHA256: d55bbec1cdb2a137489cb19194908675a4112c470217c2943f52d026435db306 SHA512: a366abc707aa41d149595d2f44cf0be7cf3c3302c886066f256f4e0348ec476d<br>d70d55a71f0e81207393f16c56530f9e5bf88bfea8d7fccd89b82e11e42abc15 ssdeep: 3:gbTiR8Y4qX:gyR8YnX<br> PEiD..: - TrID..: File type identification<br>Unknown! PEInfo: - -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Non, j'ai pas de fichier fdbddfe4_z.dll dans System32 et j'avais les fichiers et dossiers non cachés. OK je l'ai trouvé. J'avais pas décoché deux cases dans options de dossier. Je reviens... -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Voici les deux rapports demandés... info.txt logfile of random's system information tool 1.05 2009-02-22 17:03:29 ======Uninstall list====== -->MsiExec.exe /I{5B782FFA-6A95-480D-8E0A-0954A14693D6} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf 3Com NIC Diagnostics-->un3cdiag.exe /remove Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe Adobe Photoshop Elements 3.0-->MsiExec.exe /I{851C67EF-068A-4060-9EF5-2E3DDCD68382} Adobe Reader 9 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A90000000001} Antidote RX v5-->MsiExec.exe /X{A474EA56-5DBD-4181-8230-806A4762EA7F} Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886} Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2261C4B-4D9B-4149-8472-31B7A2FEAB91}\setup.exe" -l0x40c Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986} ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe" ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959} Canon PhotoRecord-->MsiExec.exe /X{D958FAC4-BAE0-4B1D-A42E-DE9BFDE7DDEE} Canon PIXMA iP5000-->C:\WINDOWS\system32\CNMCP6d.exe "-PRINTERNAMECanon PIXMA iP5000" "-HELPERDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP5000 Installer\Inst2\cnmis.dll" "-RCDLLC:\BJPrinter\CNMWINDOWS\Canon PIXMA iP5000 Installer\Inst2\cnmi040c.dll" Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe C:\Program Files\Canon\Easy-PhotoPrint\uninst.ini Canon Utilities Easy-PrintToolBox-->C:\WINDOWS\BJPSUNST.EXE CanoScan Toolbox 4.8-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{444B6A7B-0E26-4416-A43F-D1C9AAE6075D}\setup.exe" -l0x40c anything CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe" CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins000.exe" CDDRV_Installer-->MsiExec.exe /I{0C826C5B-B131-423A-A229-C71B3CACCD6A} Cloneur Expert-->C:\Program Files\Micro Application\Cloneur Expert\uninstall.exe Collection Microsoft Encarta 2005-->MsiExec.exe /I{054600C0-64A6-4248-A026-9745C1E9E159} Correctif pour Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Easy-WebPrint-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu" Galerie de photos Windows Live-->MsiExec.exe /X{A70FA218-6598-4AC9-813D-63597C5DD068} Générateur de Mot de Passe version 2.0-->"C:\Program Files\GenerateurMotPasse20\unins000.exe" GIMP 2.4.7-->"C:\Program Files\GIMP-2.0\setup\unins000.exe" HijackThis 2.0.2-->"H:\Bibliothèque de logiciels divers\Zone de téléchargement\HijackThis.exe" /uninstall IBackup Drive v9.7.0-->"C:\IBackup Drive\unins000.exe" iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371} Java 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF} jv16 PowerTools 2008-->"C:\Program Files\jv16 PowerTools 2008\unins000.exe" KhalInstallWrapper-->MsiExec.exe /I{3101CB58-3482-4D21-AF1A-7057FC935355} L&H TTS3000 Français-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\LHTTSFRF.inf, Uninstall Le Visuel 3-->C:\WINDOWS\unvise32.exe e:\le visuel\uninstal.log LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe" Logiciel QuickCam de Logitech-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EF1B5DF7-8DF5-4D38-BFF0-FDC7B7847C00}\setup.exe" -l0x40c Logitech Desktop Messenger-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\SETUP.EXE" -l0x40c UNINSTALL Logitech SetPoint-->C:\Program Files\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x040c -removeonly Manual CanoScan 8400F-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{50CD421F-CAFD-46C4-BEFD-E1C46FE63062}\setup.exe" -l0x40c Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe" Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe" Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe" Microsoft Office Professional Edition 2003-->MsiExec.exe /I{9011040C-6000-11D3-8CFE-0150048383C9} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Mise à jour de sécurité pour Lecteur Windows Media (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe" Mozilla Firefox (3.0.6)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} Norton Internet Security-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\2454B0AB\16.2.0.7\InstStub.exe /X OmniPage SE 2.0-->MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7} PE Builder 3.1.10a-->"Q:\pebuilder3110a\unins000.exe" PerfectDisk-->MsiExec.exe /I{212F5777-1190-4DEF-8E4D-6B2F313B45E7} Programme de gestion Camera de Logitech-->"C:\Program Files\Fichiers communs\Logitech\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT -l040c Q-Type-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35A74F6B-D75C-4BEA-82F2-E9DADB85D1FF}\Setup.exe" -l0x040c WayTech Quicken 2006-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{00798ADE-95E9-462D-838C-ECACA2B5E9B1}\setup.exe" -l0xc0c anything -removeonly Quicksys RegDefrag 2.1-->"C:\Program Files\Quicksys\RegDefrag\unins000.exe" QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4} Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update pour Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} Shockwave-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log SoundMAX-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" SyncBackSE-->"C:\Program Files\2BrightSparks\SyncBackSE\unins000.exe" Totally Free Burner-->"C:\Program Files\Totally Free Burner\unins000.exe" VIA VT6410 RAID Driver(Remove)-->RunDll32 SetupVIA.dll,VIA_Uninstall VIA_{BB7D68E9-93AE-4118-85FF-6DAF1FD1731D} Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe" Windows Live installer-->MsiExec.exe /X{FD44E544-E7D0-4DBA-9FA0-8AE1A1300390} Windows Live Mail-->MsiExec.exe /I{C514C594-23AA-4F13-A070-DB8BDB27594F} Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65} Windows Live Writer-->MsiExec.exe /X{3DFF4274-EBB0-4356-9692-972965018954} Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ======Security center information====== AV: Norton Internet Security FW: Norton Internet Security System event log Computer Name: FRAN-6AP4TNUX6B Event Code: 7036 Message: Le service Services Terminal Server est entré dans l'état : en cours d'exécution. Record Number: 3269 Source Name: Service Control Manager Time Written: 20090109100352.000000-300 Event Type: information User: Computer Name: FRAN-6AP4TNUX6B Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Logitech LVPrcMon Driver. Record Number: 3268 Source Name: Service Control Manager Time Written: 20090109100352.000000-300 Event Type: information User: AUTORITE NT\SYSTEM Computer Name: FRAN-6AP4TNUX6B Event Code: 4201 Message: Le système a détecté que la carte réseau 3Com...- Miniport d'ordonnancement de paquets était connectée au réseau, et a lancé une opération normale sur la carte réseau. Record Number: 3267 Source Name: Tcpip Time Written: 20090109100322.000000-300 Event Type: information User: Computer Name: FRAN-6AP4TNUX6B Event Code: 105 Message: The service was started. Record Number: 3266 Source Name: Ati HotKey Poller Time Written: 20090109100318.000000-300 Event Type: information User: Computer Name: FRAN-6AP4TNUX6B Event Code: 6005 Message: Le service d'Enregistrement d'événement a démarré. Record Number: 3265 Source Name: EventLog Time Written: 20090109100303.000000-300 Event Type: information User: Application event log Computer Name: FRAN-6AP4TNUX6B Event Code: 11728 Message: Produit : Microsoft Office Professional Edition 2003 -- La configuration s'est terminée correctement. Record Number: 996 Source Name: MsiInstaller Time Written: 20081222192933.000000-300 Event Type: information User: FRAN-6AP4TNUX6B\François Computer Name: FRAN-6AP4TNUX6B Event Code: 1022 Message: Produit : Microsoft Office Professional Edition 2003 - La mise à jour 'Security Update for Office 2003 (KB951535): MSXML5' a été installée. Record Number: 995 Source Name: MsiInstaller Time Written: 20081222192933.000000-300 Event Type: information User: FRAN-6AP4TNUX6B\François Computer Name: FRAN-6AP4TNUX6B Event Code: 11728 Message: Produit : Microsoft Office Professional Edition 2003 -- La configuration s'est terminée correctement. Record Number: 994 Source Name: MsiInstaller Time Written: 20081222192904.000000-300 Event Type: information User: FRAN-6AP4TNUX6B\François Computer Name: FRAN-6AP4TNUX6B Event Code: 1022 Message: Produit : Microsoft Office Professional Edition 2003 - La mise à jour 'Security Update for Office 2003 (KB945185): VBE6' a été installée. Record Number: 993 Source Name: MsiInstaller Time Written: 20081222192904.000000-300 Event Type: information User: FRAN-6AP4TNUX6B\François Computer Name: FRAN-6AP4TNUX6B Event Code: 11728 Message: Produit : Microsoft Office Professional Edition 2003 -- La configuration s'est terminée correctement. Record Number: 992 Source Name: MsiInstaller Time Written: 20081222192843.000000-300 Event Type: information User: FRAN-6AP4TNUX6B\François ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=0209 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "FP_NO_HOST_CHECK"=NO "CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip "QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip -----------------EOF----------------- Logfile of random's system information tool 1.05 (written by random/random) Run by François at 2009-02-22 17:03:09 Microsoft Windows XP Édition familiale Service Pack 3 System drive C: has 16 GB (62%) free of 25 GB Total RAM: 1023 MB (27% free) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:41:52, on 2009-02-22 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Q-Type\Versato.exe C:\Program Files\Q-Type\OSD.EXE C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe H:\Bibliothèque de logiciels divers\Zone de téléchargement\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.my.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Activer le Pilote Q-Type.lnk = C:\Program Files\Q-Type\Versato.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bw+0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 22099 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\SyncBackSE Sauvegarde de documents financiers.job C:\WINDOWS\tasks\SyncBackSE Sauvegarde de Mes favoris.job C:\WINDOWS\tasks\SyncBackSE Sauvegarde de Passweerd.job C:\WINDOWS\tasks\SyncBackSE Sauvegarde du Catalogue de François.job C:\WINDOWS\tasks\SyncBackSE Sauvergarde des données Outlook (courriels, notes, contacts etc-).job C:\WINDOWS\tasks\SyncBackSE Sauvergarde des photos pour fonds d'écran.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll [2008-12-05 344944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL [2008-12-20 107896] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-27 320920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-27 34816] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}] JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-27 73728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2004-04-16 405504] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll [2008-12-05 344944] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"=C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe [2003-04-04 774144] "SoundMAX"=C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2003-04-23 581632] "Cloneur Expert Monitor"=C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe [2008-12-20 443116] "Acronis Scheduler2 Service"=C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe [2008-12-20 90112] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2003-02-28 315392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE [2004-01-13 409600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2008-09-08 36864] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe [2005-09-07 434176] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe [2004-11-01 262144] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe [2005-09-07 73728] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE [2005-09-01 221184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe [2007-10-18 5724184] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2] C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBAutoUpdate] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-27 136600] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TCASUTIEXE] TCAUDIAG.exe -off [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk] C:\PROGRA~1\Logitech\DESKTO~1\8876480\Program\LDMConf.exe [2008-09-08 196608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech SetPoint.lnk] C:\PROGRA~1\Logitech\SetPoint\SetPoint.exe [2008-05-02 805392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Mises à jour planifiées de Quicken.lnk] C:\PROGRA~1\Quicken\bagent.exe [2008-10-07 57344] C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage Activer le Pilote Q-Type.lnk - C:\Program Files\Q-Type\Versato.exe Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn] c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{54697F09-BAF4-422E-8E7A-A563B020B1A5}"=C:\IBackup Drive\IBShellView.dll [2008-01-29 536576] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" ======List of files/folders created in the last 1 months====== 2009-02-22 17:03:09 ----D---- C:\rsit 2009-02-22 12:30:45 ----A---- C:\WINDOWS\ntbtlog.txt 2009-02-22 01:58:03 ----D---- C:\Documents and Settings\François\Application Data\LimeWire 2009-02-21 15:01:35 ----D---- C:\Program Files\Fichiers communs\Raxco 2009-02-18 20:44:45 ----D---- C:\Documents and Settings\François\Application Data\ArcSoft 2009-02-17 19:46:44 ----A---- C:\WINDOWS\CSTBox.INI 2009-02-16 21:23:56 ----D---- C:\Documents and Settings\François\Application Data\Canon 2009-02-14 11:35:20 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft 2009-02-11 20:35:37 ----HDC---- C:\WINDOWS\$NtUninstallKB960715$ 2009-02-09 09:13:54 ----A---- C:\WINDOWS\system32\lfpng13n.dll 2009-02-09 09:13:32 ----A---- C:\WINDOWS\system32\lfgif13n.dll 2009-02-09 09:13:31 ----A---- C:\WINDOWS\system32\ltefx13n.dll 2009-02-09 09:13:31 ----A---- C:\WINDOWS\system32\lfcmp13n.dll 2009-02-09 09:13:30 ----A---- C:\WINDOWS\system32\ltkrn13n.dll 2009-02-09 09:13:30 ----A---- C:\WINDOWS\system32\ltimg13n.dll 2009-02-09 09:13:30 ----A---- C:\WINDOWS\system32\ltfil13n.dll 2009-02-09 09:13:30 ----A---- C:\WINDOWS\system32\ltdis13n.dll 2009-02-09 09:13:30 ----A---- C:\WINDOWS\system32\lfbmp13n.dll 2009-02-07 17:12:01 ----ASH---- C:\WINDOWS\system32\fdbddfe4_z.dll 2009-02-07 17:11:51 ----D---- C:\Program Files\jv16 PowerTools 2008 ======List of files/folders modified in the last 1 months====== 2009-02-22 17:03:12 ----D---- C:\WINDOWS\Temp 2009-02-22 16:45:24 ----A---- C:\WINDOWS\win.ini 2009-02-22 15:02:38 ----SHD---- C:\System Volume Information 2009-02-22 15:02:38 ----D---- C:\WINDOWS\system32\Restore 2009-02-22 14:57:39 ----D---- C:\Program Files\Mozilla Firefox 2009-02-22 14:48:29 ----D---- C:\WINDOWS\Prefetch 2009-02-22 12:30:45 ----D---- C:\WINDOWS 2009-02-22 12:28:42 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-02-22 02:35:22 ----D---- C:\WINDOWS\system32\CatRoot2 2009-02-21 23:50:14 ----D---- C:\WINDOWS\repair 2009-02-21 17:59:56 ----D---- C:\WINDOWS\Registration 2009-02-21 17:24:49 ----RASH---- C:\boot.ini 2009-02-21 17:24:49 ----A---- C:\WINDOWS\system.ini 2009-02-21 17:07:54 ----D---- C:\WINDOWS\pss 2009-02-21 15:06:04 ----D---- C:\WINDOWS\system32 2009-02-21 15:02:58 ----SHD---- C:\WINDOWS\Installer 2009-02-21 15:02:51 ----SHD---- C:\Config.Msi 2009-02-21 15:02:44 ----D---- C:\WINDOWS\system32\drivers 2009-02-21 15:01:35 ----D---- C:\Program Files\RAXCO 2009-02-21 15:01:35 ----D---- C:\Program Files\Fichiers communs 2009-02-18 21:35:39 ----SD---- C:\Documents and Settings\François\Application Data\Microsoft 2009-02-18 17:01:58 ----A---- C:\WINDOWS\Antidote.ini 2009-02-17 19:08:11 ----D---- C:\WINDOWS\system32\wbem 2009-02-17 19:08:11 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2009-02-17 19:07:47 ----A---- C:\WINDOWS\ODBC.INI 2009-02-16 21:16:18 ----HD---- C:\Program Files\InstallShield Installation Information 2009-02-16 21:15:49 ----D---- C:\Program Files\Canon 2009-02-15 16:55:03 ----HD---- C:\BJPrinter 2009-02-14 11:35:41 ----D---- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir 2009-02-14 11:34:12 ----D---- C:\WINDOWS\Media 2009-02-14 11:34:10 ----D---- C:\WINDOWS\twain_32 2009-02-14 11:34:08 ----HD---- C:\WINDOWS\inf 2009-02-13 19:04:43 ----A---- C:\WINDOWS\Quicken.ini 2009-02-13 19:04:21 ----D---- C:\Program Files\Quicken 2009-02-11 20:35:36 ----HD---- C:\WINDOWS\$hf_mig$ 2009-02-11 20:35:34 ----A---- C:\WINDOWS\imsins.BAK 2009-02-11 20:35:23 ----RSHDC---- C:\WINDOWS\system32\dllcache 2009-02-11 20:35:20 ----D---- C:\Program Files\Internet Explorer 2009-02-09 09:13:29 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-02-07 17:16:21 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2009-02-07 17:11:51 ----RD---- C:\Program Files 2009-02-07 17:09:38 ----D---- C:\Program Files\jv16 PowerTools 2005 2009-02-03 18:21:12 ----A---- C:\WINDOWS\system32\MRT.exe ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 BHDrvx86;Symantec Heuristics Driver; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\BHDrvx86.sys [] R1 ccHP;Symantec Hash Provider; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\ccHPx86.sys [] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\eeCtrl.sys [] R1 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\ipsdefs\20090217.002\IDSxpx86.sys [] R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 40576] R1 kbdhid;Pilote HID de clavier; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14720] R1 kbfilter;Keyboard Filter Driver; C:\WINDOWS\system32\drivers\kbfilter.sys [2004-07-28 12544] R1 SRTSPX;Symantec Real Time Storage Protection (PEL); \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SRTSPX.SYS [] R1 SYMTDI;SYMTDI; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SYMTDI.SYS [] R2 IBFs;IBackup File System Driver; \??\C:\IBackup Drive\IBfs.sys [] R2 tcaicchg;tcaicchg; \??\C:\WINDOWS\system32\tcaicchg.sys [] R2 TCAITDI;TCAITDI Protocol; C:\WINDOWS\system32\DRIVERS\TCAITDI.sys [2001-09-04 19534] R2 tifsfilter;Acronis TrueImage FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2008-12-20 28928] R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2003-02-25 100032] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2003-02-28 576512] R3 EL2000;3Com 3C2000x EtherLink XL Adapter; C:\WINDOWS\system32\DRIVERS\EL2K_XP.sys [2003-04-17 147328] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Fichiers communs\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [] R3 FilterService;UVC Filter Service; C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys [2005-09-01 14080] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464] R3 hidusb;Pilote de classe HID Microsoft; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344] R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880] R3 Lvckap;Logitech Kernel Audio Processing Filter Driver; \??\C:\WINDOWS\system32\drivers\Lvckap.sys [] R3 lvmvdrv;Logitech Machine Vision Engine Loader; \??\C:\WINDOWS\system32\drivers\lvmvdrv.sys [] R3 LVPrcMon;Logitech LVPrcMon Driver; \??\C:\WINDOWS\system32\drivers\LVPrcMon.sys [] R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\drivers\lvusbsta.sys [2005-09-01 22528] R3 LVUVC;Logitech QuickCam Pro 5000(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc.sys [2005-09-01 1081856] R3 mouhid;Pilote HID de souris; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12288] R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090222.003\NAVENG.SYS [] R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090222.003\NAVEX15.SYS [] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-04-24 555648] R3 SRTSP;Symantec Real Time Storage Protection; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SRTSP.SYS [] R3 SYMDNS;SYMDNS; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SYMDNS.SYS [] R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [] R3 SYMFW;SYMFW; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SYMFW.SYS [] R3 SYMIDS;SYMIDS; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SYMIDS.SYS [] R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-05 36272] R3 SYMNDIS;SYMNDIS; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SYMNDIS.SYS [] R3 SYMREDRV;SYMREDRV; \??\C:\WINDOWS\system32\drivers\NIS\1002000.007\SYMREDRV.SYS [] R3 usbaudio;Pilote USB audio (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbehci;Pilote miniport de contrôleur hôte amélioré USB 2.0 Microsoft; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 UsbFltr;WayTech USB Filter Driver; C:\WINDOWS\System32\Drivers\UsbFltr.sys [2004-07-28 9984] R3 usbhub;Concentrateur USB2; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000] S3 CCDECODE;Décodeur sous-titre fermé; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 IBNP;IBackup Network Provider; C:\WINDOWS\system32\drivers\IBNP.sys [] S3 LHidKe;SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-09-05 27136] S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2006-09-05 71936] S3 MidiSyn;MidiSyn; C:\WINDOWS\system32\drivers\MidiSyn.sys [2002-09-19 235100] S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;Codec NABTS/FEC VBI; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Connection TV/vidéo Microsoft; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 SLIP;Détrameur décalage BDA; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-12-05 36272] S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-11-07 32000] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 WSTCODEC;Codec Teletext standard; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe [2008-12-20 155648] R2 AdobeActiveFileMonitor;Adobe Active File Monitor; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-12 98304] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424] R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2003-02-28 184405] R2 Bonjour Service;Service Bonjour; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-27 152984] R2 LVPrcSrv;Logitech Process Monitor; c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [2005-09-01 81920] R2 MDM;Machine Debug Manager; C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120] R2 NMSAccessU;NMSAccessU; C:\Program Files\CDBurnerXP\NMSAccessU.exe [2008-06-15 71096] R2 Norton Internet Security;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe [2008-12-05 115560] R2 PDAgent;PDAgent; C:\Program Files\Raxco\PerfectDisk\PDAgent.exe [2007-11-06 414984] R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect; C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-12 118784] R2 SoundMAX Agent Service (default);SoundMAX Agent Service; C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe [2002-09-20 45056] R3 PDEngine;PDEngine; C:\Program Files\Raxco\PerfectDisk\PDEngine.exe [2007-11-06 734472] R3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328] S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2003-02-28 110677] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632] S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360] S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240] -----------------EOF----------------- -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Voici mon rapport HijackThis... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:41:52, on 2009-02-22 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\CDBurnerXP\NMSAccessU.exe C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Q-Type\Versato.exe C:\Program Files\Q-Type\OSD.EXE C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Windows Live\Messenger\usnsvc.exe H:\Bibliothèque de logiciels divers\Zone de téléchargement\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sympatico.my.msn.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [Cloneur Expert Monitor] "C:\Program Files\Micro Application\Cloneur Expert\TrueImageMonitor.exe" O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Fichiers communs\Acronis\Schedule2\schedhlp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Activer le Pilote Q-Type.lnk = C:\Program Files\Q-Type\Versato.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD5/JSCDL/jre...ows-i586-jc.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bw+0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {383DA36C-9BD1-4A5D-BF43-A9DD6AF71621} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\coIEPlg.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Fichiers communs\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.2.0.7\ccSvcHst.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- End of file - 22099 bytes -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
OK Falkra. Je vais poster un HijackThis très bientôt pour savoir si mon ordinateur est sécurisé. Je vais faire ça ce soir mais pour toi ça ira pour demain matin car il y a le décalage horaire. J'habite à Montréal. Bye. -
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Malgré la manipulation décrite ci-haut, je croyais que le virus avait été éradiqué. Mais non, il était toujours là. J'ai dû effacer manuellement des fichiers MP3 que j'avais téléchargés avec LimeWire et là, Norton a pû éradiquer le virus. J'aimerais qu'on m'explique quelque chose. Pourquoi il fallait que j'efface moi-même les fichiers avant que Norton puisse détruire le virus? Pourquoi Norton ne peut pas faire le travail lui-même au complet? Merci. -
Je veux savoir comment je fais pour démarrer en mode sans échec? Quand je redémarre mon ordinateur et que je fais F8, tout ce que je vois c'est un écran qui apparait avec la liste de mes lecteurs et on me demande de faire un choix sur quel lecteur je veux démarrer. Merci.
-
Infection par Trojan.Brisv.A!inf
Cirrius02 a répondu à un(e) sujet de Cirrius02 dans Analyses et éradication malwares
Le problème est résolu. J'ai téléchargé sur le site de Symantec un logiciel d'éradication spécifique pour ce Trojan que j'ai exécuté en mode sans échec. J'ai refait un scan de mon ordinateur avec mon antivirus et tout est OK. Suite à ceci, j'ai le rapport d'éradication avec le logiciel d'éradication de Norton: ========== Detected Files ========== G:\LimeWire\Incomplete\T-3545426-bank of newfoundland great big.mp3 detected as Trojan.Brisv.A!inf G:\LimeWire\Incomplete\T-3545427-bank of newfoundland great big.mp3 detected as Trojan.Brisv.A!inf ========== Repaired Files ========== G:\LimeWire\Incomplete\T-3545426-bank of newfoundland great big.mp3 G:\LimeWire\Incomplete\T-3545427-bank of newfoundland great big.mp3 ========== Registry Entries Set ========== HKCU\Software\Microsoft\MediaPlayer\Preferences\"URLAndExitCommandsEnabled" = 0x1 -
En consultant l'historique des interventions de mon antivirus Norton Internet Security, je me rends compte qu'il y eu une infection non résolue le 7 février 2009. Mon antivirus donne comme indication de faire une suppression manuelle. Que dois-je faire??? Merci. Ma configuration: Windows XP SP3 Mozilla Firefox 3.0 Motherboard Asus P4P800 Deluxe Chipset Intel 865PE Processeur Intel Pentium 2.4 gigahertz 800 FSB HT Mémoire vive: 1 gig DDR 400 Carte vidéo: PowerColor Radeon 9600 pro 128 meg Boitier Antec SLK1600 Disque Dur Western Digital 40 gig + Western Digital SATA 160 gig Lecteur CD/DVD-Rom Sony Graveur CD Yamaha Graveur Plextor PX-810UF
-
Hello, J'ai monté un cd de récupération avec PEBuilder et j'y ai mis Drive Image XML, notamment. J'ai redémarré sur ce cd pour voir si tout fonctionnait et c'était OK. On voyait le logo Bart PE et DiX était fonctionnel. Ensuite j'ai décidé d'effacer le dossier à la racine de C, le dossier pebuilder3110a. Plus tard dans la soirée j'ai refait le même test, mais là au démarrage du cd une erreur est apparue. Il manquait un fichier, et le démarrage a échoué. Ma question: est-ce qu'on doit conserver ce dossier pour le bon fonctionnement du cd? Merci.
-
Bonsoir, Au début janvier, j'ai installé sur mon ordinateur Mozilla Firefox qui soit dit en passant est très très stable, contrairement à IE7. Ma question est la suivant: pourquoi que depuis avoir installé Firefox, il n'y a plus eu aucune mises à jour automatique qui s'est effectuée sur mon ordinateur? Est-ce qu'il y a une relation? Merci.