Aller au contenu

artourner

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    35

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par artourner

  1. artourner
    jarive pas a avoir toolscleaner2. sa me met un ecran noir. pourtant j'ai cliquer dessus et sa me met page url introuvable donc j'ai fait un clik droit dessus puis enregistrer sous la j'ai eu l'aplication mais qd je clik dessus sa me met un ecran noir ms dos 16 bit........ donc que faire
  2. artourner
    * Home| * What is TotalScan?| * We love feedback!| * FAQ Full scan: Searching for all malicious software Scanning Searching 2,271,666 viruses, spyware, Trojans and other threats. It also uses heuristic technologies to detect unknown viruses. 100% Item in progress: Items scanned: 518755 Items with viruses, spyware, Trojans... detected: 26 Suspicious files detected: 0 * Results PC infected * 13 examples of less dangerous malicious software. * We detected that Bitdefender Antivirus is enabled and up-to-date. El texto que corresponda en cada momento After completely scanning your PC, we have not detected any ACTIVE or LATENT malicious software. Become a TotalScan Pro member Includes disinfection! < Back to home Scan details High danger level (0) Medium danger level (3) Adware/VideoAc... Adware Latent Hide + Info C:\System Volume Informat...9C528}\RP210\A0034629.exe Trj/Agent.GQT Virus Latent Hide + Info C:\System Volume Informat...9C528}\RP211\A0036695.exe C:\qoobox\Quarantine\C\WI...\main_uninstaller.exe.vir Trj/Rebooter.J Virus Latent Hide + Info C:\Documents and Settings...u\SmitfraudFix\Reboot.exe C:\System Volume Informat...9C528}\RP211\A0036931.exe Low danger level (10) Cookie/Bluestr... Tracking Cookie Latent Hide + Info C:\Program Files\Wanadoo\...ies.txt[.bluestreak.com/] Cookie/Doublec... Tracking Cookie Latent Hide + Info C:\Program Files\Wanadoo\...es.txt[.doubleclick.net/] Application/Su... Tracking Application Latent Hide + Info C:\Documents and Settings...\SmitfraudFix\restart.exe C:\System Volume Informat...9C528}\RP211\A0036932.exe Application/Ni... Tracking Application Latent Hide + Info C:\System Volume Informat...\A0036723.exe[nircmd.exe] C:\Documents and Settings...\ComboFix.exe[nircmd.exe] C:\System Volume Informat...9C528}\RP211\A0036712.exe C:\WINDOWS\NirCmd.exe C:\System Volume Informat...9C528}\RP211\A0037036.exe HackTool/EvID Hack Tool Latent Hide + Info C:\Documents and Settings...rd.exe[EvID4226Patch.exe] Cookie/Tradedo... Tracking Cookie Latent Hide + Info C:\Program Files\Wanadoo\...s.txt[.tradedoubler.com/] Cookie/Adtech Tracking Cookie Latent Hide + Info C:\Program Files\Wanadoo\...\cookies.txt[.adtech.de/] Adware/SweetBa... Adware Latent Hide + Info C:\Program Files\Macrogam...eetIMBarForIE\toolbar.dll Cookie/Xiti Tracking Cookie Latent Hide + Info C:\Program Files\Wanadoo\...x\cookies.txt[.xiti.com/] Application/Pr... Tracking Application Latent Hide + Info C:\Documents and Settings...\SmitfraudFix\Process.exe C:\System Volume Informat...9C528}\RP211\A0036891.exe C:\Documents and Settings...e[sDFix\apps\Process.exe] C:\System Volume Informat...9C528}\RP211\A0036930.exe C:\Documents and Settings...au\SDFix\apps\Process.exe C:\WINDOWS\system32\Process.exe * << * 1 * 2 * 3 * 4 * 5 * >> Suspicious files (3) * << * 1 * 2 * 3 * 4 * 5 * >> Recommendations * Disinfect * Send suspicious files to laboratory * Install permanent protection * Enable your permanent protection * Update your permanent protection How can I do this? You should periodically carry out a FULL scan of your PC with TotalScan. That way you will reduce the chances of infection.
  3. artourner
    je n'ai pa trouver le programme alcohol toolbar. et je n'ai ossi pas trouver le fichier C:\WINDOWS\msduo2.dll. voici le rapport ComboFix 07-09-21.2 - "vincent" 2007-09-28 17:01:36.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.557 [GMT 2:00] . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\dat.txt C:\WINDOWS\rs.txt C:\WINDOWS\search_res.txt . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-28 to 2007-09-28 )))))))))))))))))))))))))))))))))))) . 2007-09-27 21:58 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-27 21:58 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-27 21:58 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-27 21:58 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-27 16:49 <REP> d-------- C:\WINDOWS\ERUNT 2007-09-26 23:26 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-26 22:01 <REP> d-------- C:\Program Files\Trend Micro 2007-09-25 23:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-25 22:43 2,614 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-25 21:39 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Bitdefender 2007-09-25 21:39 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender 2007-09-25 21:38 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender 2007-09-25 17:12 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2007-09-25 17:11 <REP> d-------- C:\Program Files\BitDefender 2007-09-24 19:16 <REP> d-------- C:\Program Files\Microsoft Works 2007-09-24 19:15 <REP> d-------- C:\Program Files\MSBuild 2007-09-24 19:14 <REP> d-------- C:\Program Files\Microsoft.NET 2007-09-24 19:10 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8 2007-09-24 19:09 <REP> d-------- C:\WINDOWS\SHELLNEW 2007-09-24 18:44 29,968 --a------ C:\WINDOWS\system32\mdimon.dll 2007-09-24 18:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help 2007-09-24 18:33 <REP> dr-h----- C:\MSOCache 2007-09-23 22:36 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Microsoft Web Folders 2007-09-23 20:55 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys 2007-09-23 20:55 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys 2007-09-23 20:55 <REP> d-------- C:\Program Files\Alcohol Soft 2007-09-18 22:37 <REP> d-------- C:\Program Files\Micro Application 2007-09-09 00:50 <REP> d-------- C:\Program Files\iTunes 2007-09-09 00:50 <REP> d-------- C:\Program Files\iPod 2007-09-05 19:25 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Media Player Classic 2007-09-05 19:23 740,442 --a------ C:\WINDOWS\system32\divx.dll 2007-09-05 19:23 73,728 --a------ C:\WINDOWS\system32\dpl100.dll 2007-09-05 19:23 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-09-05 19:23 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-09-05 19:23 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll 2007-09-05 19:23 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll 2007-09-05 19:23 163,840 --a------ C:\WINDOWS\system32\unrar.dll 2007-09-05 19:23 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-09-05 19:23 <REP> d-------- C:\Program Files\K-Lite Codec Pack 2007-09-05 19:08 <REP> d-------- C:\Program Files\MP3 Player Utilities 3.68 2007-09-03 23:40 <REP> d-------- C:\Program Files\TagRename 2007-08-29 01:25 <REP> d-------- C:\Program Files\Medieval Software 2007-08-28 01:15 <REP> d-------- C:\Program Files\Fichiers communs\NSV . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-28 16:53 --------- d-------- C:\Program Files\Wanadoo 2007-09-28 16:52 --------- d-------- C:\Program Files\eMule 2007-09-25 21:38 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Lavasoft 2007-09-24 12:41 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-09-23 22:36 --------- d-------- C:\Program Files\microsoft frontpage 2007-09-18 22:37 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-06 23:14 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Azureus 2007-09-05 01:08 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Ahead 2007-09-02 02:17 --------- d-------- C:\Program Files\Winamp 2007-08-29 15:27 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Apple Computer 2007-08-27 20:29 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\EPSON 2007-08-24 14:05 --------- d-------- C:\Program Files\Image-Line 2007-08-24 13:59 --------- d-------- C:\Program Files\VstPlugins 2007-08-20 21:05 --------- d-------- C:\Program Files\HighCriteria 2007-08-17 22:54 --------- d-------- C:\Program Files\tcpmp 2007-08-17 22:54 --------- d-------- C:\Program Files\Mio DigiWalker 2007-08-16 19:10 --------- d-------- C:\Program Files\RawFlow 2007-08-15 23:15 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google 2007-08-15 22:08 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier 2007-08-12 22:02 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\iPod2PC3 2007-08-12 21:33 --------- d-------- C:\Program Files\Fichiers communs\eSellerate 2007-08-09 13:48 --------- d-------- C:\Program Files\PC Inspector File Recovery 2007-08-04 23:13 --------- d-------- C:\Program Files\JetAudio 2007-08-04 23:13 --------- d-------- C:\Program Files\Fichiers communs\COWON 2007-08-04 23:13 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\COWON 2007-08-02 17:03 188432 --a------ C:\WINDOWS\system32\drivers\bdfsfltr.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-20 15:54 77824 --a------ C:\WINDOWS\system32\xcomm.dll 2007-07-16 21:23 359808 --a------ C:\WINDOWS\system32\dllcache\TCPIP.SYS 2007-07-09 15:14 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll . ((((((((((((((((((((((((((((( snapshot_2007-09-26_233152,50 ))))))))))))))))))))))))))))))))))))))))) . ----a-w 163,328 2007-09-26 12:40:09 C:\WINDOWS\ERUNT\SDFIX\ERDNT.EXE ----a-w 8,314,880 2007-09-27 14:50:19 C:\WINDOWS\ERUNT\SDFIX\Users000001\NTUSER.DAT ----a-w 180,224 2007-09-27 14:50:19 C:\WINDOWS\ERUNT\SDFIX\Users000002\UsrClass.dat ----a-w 163,328 2007-09-26 12:40:09 C:\WINDOWS\ERUNT\SDFIX_First_Run\ERDNT.EXE ----a-w 8,314,880 2007-09-27 14:49:58 C:\WINDOWS\ERUNT\SDFIX_First_Run\Users000001\NTUSER.DAT ----a-w 180,224 2007-09-27 14:49:58 C:\WINDOWS\ERUNT\SDFIX_First_Run\Users000002\UsrClass.dat ----a-w 79,360 2006-12-01 04:20:32 C:\WINDOWS\system32\swxcacls.exe . ----a-w 79,360 2006-12-01 04:20:34 C:\WINDOWS\system32\swxcacls.exe . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-04-08 17:31] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-28 00:47] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53] "TotalRecorderScheduler"="C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" [2006-05-12 01:32] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-15 00:22] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 16:55] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-09-25 21:41] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-05 20:05] "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-01-29 18:34] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-16 09:47] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2004-05-06 12:13] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme R1 bdftdif;bdftdif;\??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys R3 BDSelfPr;BDSelfPr;\??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe -kbdx S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ssm_bus.sys S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx scan . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-08 17:37:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-04-03 19:32:42 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-09-27 20:42:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-28 17:04:14 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . Completion time: 2007-09-28 17:05:00 C:\ComboFix-quarantined-files.txt ... 2007-09-28 17:04 C:\ComboFix2.txt ... 2007-09-26 23:32 . --- E O F ---
  4. artourner
    SmitFraudFix v2.231 Rapport fait à 21:54:30,31, 27/09/2007 Executé à partir de C:\Documents and Settings\vincent\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{473F8800-FB59-4A5B-AA05-F5063C244BD2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{473F8800-FB59-4A5B-AA05-F5063C244BD2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{473F8800-FB59-4A5B-AA05-F5063C244BD2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:00:57, on 27/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?78df20d9ad0945d9b3e25c103df5cae3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?78df20d9ad0945d9b3e25c103df5cae3 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O18 - Protocol: bw+0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 22747 bytes merci
  5. artourner
    SmitFraudFix v2.231 Rapport fait à 21:27:04,96, 27/09/2007 Executé à partir de C:\Documents and Settings\vincent\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\WINDOWS\System32\FTRTSVC.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\eMule\emule.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\div32.dll PRESENT ! C:\WINDOWS\mssql.dll PRESENT ! C:\WINDOWS\syscore.dll PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\vincent »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\vincent\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\vincent\Favoris C:\DOCUME~1\vincent\Favoris\Error Cleaner.url PRESENT ! C:\DOCUME~1\vincent\Favoris\Privacy Protector.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="My Current Home Page" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: VIA Rhine II Fast Ethernet Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{473F8800-FB59-4A5B-AA05-F5063C244BD2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{473F8800-FB59-4A5B-AA05-F5063C244BD2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\..\{473F8800-FB59-4A5B-AA05-F5063C244BD2}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin merci pour ta patience
  6. artourner
    pour les icones c'est bon j'ai refait un redemarrage et tout est normale. est ce que je suis encore infecté?
  7. artourner
    SDFix: Version 1.107 Run by vincent on 27/09/2007 at 16:51 Microsoft Windows XP [version 5.1.2600] Running From: C:\DOCUME~1\vincent\Bureau\SDFix Safe Mode: Checking Services: Restoring Windows Registry Values Restoring Windows Default Hosts File Restoring Default HomePage Value Restoring Default Desktop Components Value Rebooting... Normal Mode: Checking Files: Trojan Files Found: C:\Documents and Settings\vincent\Bureau\Error Cleaner.url - Deleted C:\Documents and Settings\vincent\Favoris\Error Cleaner.url - Deleted C:\Documents and Settings\vincent\Bureau\Privacy Protector.url - Deleted C:\Documents and Settings\vincent\Favoris\Privacy Protector.url - Deleted C:\Documents and Settings\vincent\Bureau\Spyware&Malware Protection.url - Deleted C:\Documents and Settings\vincent\Favoris\Spyware&Malware Protection.url - Deleted C:\WINDOWS\dat.txt - Deleted C:\WINDOWS\drvsvp.dll - Deleted C:\WINDOWS\mscore.dll - Deleted C:\WINDOWS\rs.txt - Deleted C:\WINDOWS\search_res.txt - Deleted Removing Temp Files... ADS Check: C:\WINDOWS No streams found. C:\WINDOWS\system32 No streams found. C:\WINDOWS\system32\svchost.exe No streams found. C:\WINDOWS\system32\ntoskrnl.exe No streams found. Final Check: Remaining Services: ------------------ Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] Remaining Files: --------------- File Backups: - C:\DOCUME~1\vincent\Bureau\SDFix\backups\backups.zip Files with Hidden Attributes: Tue 3 Apr 2007 208 A.SHR --- "C:\BOOT.BAK" Wed 4 Jul 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Thu 27 Sep 2007 65,536 A..H. --- "C:\Documents and Settings\vincent\Local Settings\Application Data\Microsoft\Outlook\~outlook.pst.tmp" Finished! Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:06:51, on 27/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: MSVPS System - {428FA4A4-C8EC-427C-85DE-11C80F67893A} - C:\WINDOWS\div32.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?78df20d9ad0945d9b3e25c103df5cae3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?78df20d9ad0945d9b3e25c103df5cae3 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O18 - Protocol: bw+0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O21 - SSODL: mssql - {85EAE298-A86C-4978-9153-A45592646453} - C:\WINDOWS\mssql.dll O21 - SSODL: syscore - {5D97266B-A0A9-4F52-9851-27B9BE52DBD7} - C:\WINDOWS\syscore.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 22860 bytes tous mes icone sont surlignée en bleu comme si je selectionné. peut ton faire quelque chose a ce probleme? merci
  8. artourner
    voici le rapport. ComboFix 07-09-21.2 - "vincent" 2007-09-26 23:27:27.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.298 [GMT 2:00] * Created a new restore point . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . C:\DOCUME~1\vincent\Favoris\Error Cleaner.url C:\DOCUME~1\vincent\Favoris\Privacy Protector.url C:\DOCUME~1\vincent\Favoris\Spyware&Malware Protection.url C:\DOCUME~1\vincent\ravmonlog C:\WINDOWS\dat.txt C:\WINDOWS\main_uninstaller.exe C:\WINDOWS\pack.epk C:\WINDOWS\rs.txt C:\WINDOWS\search_res.txt C:\WINDOWS\system32\nnuubdcbji.dat C:\WINDOWS\system32\nnuubdcbji.exe C:\WINDOWS\system32\nnuubdcbji_nav.dat C:\WINDOWS\system32\nnuubdcbji_navps.dat C:\WINDOWS\system32\nvs2.inf . ((((((((((((((((((((((((((((( Fichiers créés 2007-08-26 to 2007-09-26 )))))))))))))))))))))))))))))))))))) . 2007-09-26 23:26 51,200 --a------ C:\WINDOWS\NirCmd.exe 2007-09-26 22:01 <REP> d-------- C:\Program Files\Trend Micro 2007-09-26 17:57 241,664 --a------ C:\WINDOWS\div32.dll 2007-09-26 17:57 229,376 --a------ C:\WINDOWS\syscore.dll 2007-09-26 17:57 212,992 --a------ C:\WINDOWS\mssql.dll 2007-09-25 23:30 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-09-25 22:43 2,744 --a------ C:\WINDOWS\system32\tmp.reg 2007-09-25 22:42 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-09-25 22:42 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-09-25 22:42 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe 2007-09-25 22:42 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-09-25 21:39 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Bitdefender 2007-09-25 21:39 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BitDefender 2007-09-25 21:38 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender 2007-09-25 17:42 229,376 --a------ C:\WINDOWS\msduo2.dll 2007-09-25 17:42 217,088 --a------ C:\WINDOWS\mscore.dll 2007-09-25 17:42 212,992 --a------ C:\WINDOWS\drvsvp.dll 2007-09-25 17:12 81,984 --a------ C:\WINDOWS\system32\bdod.bin 2007-09-25 17:11 <REP> d-------- C:\Program Files\BitDefender 2007-09-24 19:16 <REP> d-------- C:\Program Files\Microsoft Works 2007-09-24 19:15 <REP> d-------- C:\Program Files\MSBuild 2007-09-24 19:14 <REP> d-------- C:\Program Files\Microsoft.NET 2007-09-24 19:10 <REP> d-------- C:\Program Files\Microsoft Visual Studio 8 2007-09-24 19:09 <REP> d-------- C:\WINDOWS\SHELLNEW 2007-09-24 18:44 29,968 --a------ C:\WINDOWS\system32\mdimon.dll 2007-09-24 18:35 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help 2007-09-24 18:33 <REP> dr-h----- C:\MSOCache 2007-09-23 22:36 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Microsoft Web Folders 2007-09-23 20:55 5,248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys 2007-09-23 20:55 160,640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys 2007-09-23 20:55 <REP> d-------- C:\Program Files\Alcohol Soft 2007-09-18 22:37 <REP> d-------- C:\Program Files\Micro Application 2007-09-09 00:50 <REP> d-------- C:\Program Files\iTunes 2007-09-09 00:50 <REP> d-------- C:\Program Files\iPod 2007-09-05 19:25 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\Media Player Classic 2007-09-05 19:23 740,442 --a------ C:\WINDOWS\system32\divx.dll 2007-09-05 19:23 73,728 --a------ C:\WINDOWS\system32\dpl100.dll 2007-09-05 19:23 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-09-05 19:23 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-09-05 19:23 282,624 --a------ C:\WINDOWS\system32\xvidvfw.dll 2007-09-05 19:23 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll 2007-09-05 19:23 163,840 --a------ C:\WINDOWS\system32\unrar.dll 2007-09-05 19:23 1,559,040 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-09-05 19:23 <REP> d-------- C:\Program Files\K-Lite Codec Pack 2007-09-05 19:08 <REP> d-------- C:\Program Files\MP3 Player Utilities 3.68 2007-09-03 23:40 <REP> d-------- C:\Program Files\TagRename 2007-08-29 01:25 <REP> d-------- C:\Program Files\Medieval Software 2007-08-28 01:15 <REP> d-------- C:\Program Files\Fichiers communs\NSV 2007-08-27 20:29 <REP> d-------- C:\DOCUME~1\vincent\APPLIC~1\EPSON 2007-08-27 17:23 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy 2007-08-26 20:07 <REP> d-------- C:\Program Files\Winamp . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-09-26 22:48 --------- d-------- C:\Program Files\Wanadoo 2007-09-26 22:44 --------- d-------- C:\Program Files\eMule 2007-09-25 21:38 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Lavasoft 2007-09-23 22:36 --------- d-------- C:\Program Files\microsoft frontpage 2007-09-18 22:37 --------- d--h----- C:\Program Files\InstallShield Installation Information 2007-09-06 23:14 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Azureus 2007-09-05 01:08 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Ahead 2007-08-29 15:27 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Apple Computer 2007-08-24 14:05 --------- d-------- C:\Program Files\Image-Line 2007-08-24 13:59 --------- d-------- C:\Program Files\VstPlugins 2007-08-20 21:05 --------- d-------- C:\Program Files\HighCriteria 2007-08-17 22:54 --------- d-------- C:\Program Files\tcpmp 2007-08-17 22:54 --------- d-------- C:\Program Files\Mio DigiWalker 2007-08-16 19:10 --------- d-------- C:\Program Files\RawFlow 2007-08-15 23:15 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google 2007-08-15 22:08 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MailFrontier 2007-08-12 22:02 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\iPod2PC3 2007-08-12 21:33 --------- d-------- C:\Program Files\Fichiers communs\eSellerate 2007-08-09 13:48 --------- d-------- C:\Program Files\PC Inspector File Recovery 2007-08-04 23:13 --------- d-------- C:\Program Files\JetAudio 2007-08-04 23:13 --------- d-------- C:\Program Files\Fichiers communs\COWON 2007-08-04 23:13 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\COWON 2007-08-02 17:03 188432 --a------ C:\WINDOWS\system32\drivers\bdfsfltr.sys 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll 2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll 2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe 2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll 2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll 2007-07-30 19:19 271224 --a------ C:\WINDOWS\system32\mucltui.dll 2007-07-30 19:19 207736 --a------ C:\WINDOWS\system32\muweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll 2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll 2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll 2007-07-26 15:46 --------- d-------- C:\DOCUME~1\vincent\APPLIC~1\Samsung 2007-07-26 15:27 --------- d-------- C:\Program Files\Samsung 2007-07-20 15:54 77824 --a------ C:\WINDOWS\system32\xcomm.dll 2007-07-16 21:23 359808 --a------ C:\WINDOWS\system32\dllcache\TCPIP.SYS 2007-07-09 15:14 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll 2007-06-26 16:36 669696 --a------ C:\WINDOWS\system32\dllcache\wininet.dll 2007-06-26 15:56 851968 --------- C:\WINDOWS\system32\dllcache\vgx.dll 2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll 2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{428FA4A4-C8EC-427C-85DE-11C80F67893A}] 2007-09-26 12:51 241664 --a------ C:\WINDOWS\div32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06] "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-04-08 17:31] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-28 00:47] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53] "TotalRecorderScheduler"="C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" [2006-05-12 01:32] "WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-15 00:22] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 16:55] "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2007-09-25 21:41] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-04-05 20:05] "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2007-01-29 18:34] "WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-16 09:47] "AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2004-05-06 12:13] "SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00] "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "drvsvp"= {6D2593AE-57B8-4534-AE23-9B06CD82F317} - C:\WINDOWS\drvsvp.dll [2007-09-25 16:44 212992] "mssql"= {85EAE298-A86C-4978-9153-A45592646453} - C:\WINDOWS\mssql.dll [2007-09-26 12:51 212992] "syscore"= {5D97266B-A0A9-4F52-9851-27B9BE52DBD7} - C:\WINDOWS\syscore.dll [2007-09-26 12:51 229376] R1 bdftdif;bdftdif;\??\C:\Program Files\Fichiers communs\BitDefender\BitDefender Firewall\bdftdif.sys R3 bdfsfltr;bdfsfltr;C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys R3 BDSelfPr;BDSelfPr;\??\C:\Program Files\BitDefender\BitDefender 2008\bdselfpr.sys R3 scan;BitDefender Threat Scanner;C:\WINDOWS\System32\svchost.exe -kbdx S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ssm_bus.sys S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bdx scan *Newly Created Service* - CATCHME . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-09-08 17:37:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Program Files\Apple Software Update\SoftwareUpdate.exe "2007-04-03 19:32:42 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job" - C:\WINDOWS\system32\OOBE\oobebaln.exe "2007-09-26 20:42:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job" . ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-09-26 23:31:28 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\bdfsfltr] "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\ . Completion time: 2007-09-26 23:32:16 C:\ComboFix-quarantined-files.txt ... 2007-09-26 23:32 . --- E O F --- mon pc est t'il fortement infecté??? et t'il possible de le guerir??? merci encore
  9. artourner
    voila le rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:02:36, on 26/09/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\WINDOWS\System32\FTRTSVC.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Macrogaming\SweetIM\SweetIM.exe C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\Wanadoo\ComComp.exe C:\PROGRA~1\Wanadoo\Toaster.exe C:\PROGRA~1\Wanadoo\Inactivity.exe C:\PROGRA~1\Wanadoo\PollingModule.exe C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE C:\PROGRA~1\Wanadoo\Watch.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=...6Ojg5&lid=2 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: MSVPS System - {428FA4A4-C8EC-427C-85DE-11C80F67893A} - C:\WINDOWS\mscore.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll (file missing) O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKLM\..\Run: [TotalRecorderScheduler] "C:\Program Files\HighCriteria\TotalRecorder\TotRecSched.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [sweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?78df20d9ad0945d9b3e25c103df5cae3 O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?78df20d9ad0945d9b3e25c103df5cae3 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU) O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxmultijoueurs.orange.fr/Gameshel...ronGameHost.cab O18 - Protocol: bw+0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {6784A364-BA04-46C9-9854-E895A461BE47} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O21 - SSODL: drvsvp - {6D2593AE-57B8-4534-AE23-9B06CD82F317} - C:\WINDOWS\drvsvp.dll O21 - SSODL: mssql - {85EAE298-A86C-4978-9153-A45592646453} - C:\WINDOWS\mssql.dll O21 - SSODL: syscore - {5D97266B-A0A9-4F52-9851-27B9BE52DBD7} - C:\WINDOWS\syscore.dll O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender S.R.L. - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe -- End of file - 23098 bytes merci
  10. artourner
    VOILA MON PROBLEME EST QUE DES MESSAGES NARETTENT PAS DE SAFICHER AUTOMATIQUEMENT EN ME DISANT QUE MON ORDINATEUR EST INFECTER. ET EN PLUS MAINTENANT J AI UNE CROIX ROUGE QUI CLIGNOTE. J AI ESSAYER DE VOIR LES AUTRES MESSAGE POUR ME DEPANNER TOUT SEUL MAIS LE PROBLEME C EST QUE CE N EST PAS LES MEME NOMS DE "VIRUS,MALWARE,SPYWARE" EN ATTENDANT VOTRE AIDE JE VOUS REMERCI.
×
×
  • Créer...