epicea100
-
Compteur de contenus
5 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par epicea100
-
bonjour, suite au controle de sécurité du site,le rapport indique que mes ports sont fermés mais reste visibles. comment dois je faire pour les rendre invisibles. zone alarm familiale ne me permet pas de le faire. merci chris
-
siszyd32.exe impossible a supprime ds démarrage
epicea100 a répondu à un(e) sujet de epicea100 dans Analyses et éradication malwares
dernier rapport combofix contenu combofix-quarantined ComboFix 09-12-24.02 - chris 26/12/2009 17:47:02.2.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.555 [GMT 1:00] Lancé depuis: c:\documents and settings\chris\Bureau\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 091226-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . ((((((((((((((((((((((((((((( Fichiers créés du 2009-11-26 au 2009-12-26 )))))))))))))))))))))))))))))))))))) . 2009-12-25 21:47 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-12-25 21:47 . 2009-12-25 21:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-12-25 21:47 . 2009-12-25 21:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-12-25 21:47 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-12-24 19:30 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-12-24 19:30 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-12-24 19:30 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-12-24 19:30 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-12-24 19:30 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-12-24 19:30 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-12-24 19:30 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-12-24 19:30 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-12-24 19:30 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-12-23 17:50 . 2009-12-23 17:50 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-25 22:22 . 2008-05-24 21:46 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-12-25 21:42 . 2008-05-24 21:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-25 15:45 . 2008-05-24 22:37 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-12-25 13:25 . 2008-11-07 20:55 -------- d-----w- c:\program files\InterVideo 2009-12-23 17:50 . 2009-12-23 17:50 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat 2009-12-18 12:24 . 2009-11-29 08:47 0 ----a-w- c:\documents and settings\chris\errorlog.tmp 2009-12-15 11:17 . 2008-11-22 10:13 12743111 ----a-w- c:\windows\Internet Logs\tvDebug.zip 2009-12-13 18:24 . 2001-08-28 12:00 48856 ----a-w- c:\windows\system32\perfc00C.dat 2009-12-13 18:24 . 2001-08-28 12:00 368076 ----a-w- c:\windows\system32\perfh00C.dat 2009-10-29 07:42 . 2001-08-28 12:00 916480 ------w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2004-08-19 23:09 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2004-08-19 23:09 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-04 06:00 265728 ------w- c:\windows\system32\drivers\http.sys 2009-10-13 10:33 . 2001-08-28 12:00 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2001-08-28 12:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2001-08-28 12:00 150528 ----a-w- c:\windows\system32\rastls.dll 2008-05-24 22:21 . 2008-05-24 22:21 4704 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( SnapShot@2009-12-25_15.34.30 ))))))))))))))))))))))))))))))))))))))))) . + 2009-12-26 16:26 . 2009-12-26 16:26 16384 c:\windows\Temp\Perflib_Perfdata_69c.dat + 2008-05-24 20:38 . 2009-12-01 11:06 25966024 c:\windows\system32\MRT.exe . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-06 7700480] "nwiz"="nwiz.exe" [2006-10-06 1617920] "RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-07 98304] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-6-12 110592] hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672] [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [24/12/2009 20:30 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24/12/2009 20:30 20560] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [25/05/2008 12:46 1105664] . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.cherche.us uDefault_Search_URL = hxxp://www.cherche.us/keyword/ uSearchMigratedDefaultURL = hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.cherche.us/keyword/%s IE: Recherche avec cherche.us - c:\documents and settings\chris\scriptjava.html LSP: c:\program files\Google\Google Desktop Search\GoogleDesktopNetwork1.dll Trusted Zone: chat-land.org Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . ************************************************************************** Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(656) c:\program files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll c:\program files\Fichiers communs\Ahead\Lib\NeroSearchTrayHook.dll c:\program files\Fichiers communs\Ahead\Lib\MFC71U.DLL c:\program files\Fichiers communs\Ahead\Lib\BCGCBPRO800u.dll c:\windows\system32\ieframe.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . Heure de fin: 2009-12-26 17:51:27 ComboFix-quarantined-files.txt 2009-12-26 16:51 ComboFix2.txt 2009-12-25 15:36 Avant-CF: 121.953.259.520 octets libres Après-CF: 121.912.492.032 octets libres Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 258C542590932D04A628FE4F26414D80 2009-12-25 15:33:44 . 2009-12-26 16:49:15 8,905 ----a-w- C:\Qoobox\Quarantine\Registry_backups\tcpip.reg 2009-12-25 15:29:58 . 2009-12-26 16:46:21 102 ----a-w- C:\Qoobox\Quarantine\catchme.log rapport malwarebytes d'hier Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3429 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 25/12/2009 23:18:30 mbam-log-2009-12-25 (23-18-30).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|) Eléments examinés: 179426 Temps écoulé: 25 minute(s), 52 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): C:\Documents and Settings\chris\Menu Démarrer\Programmes\Démarrage\siszyd32.exe (Trojan.Agent) -> Delete on reboot. C:\Documents and Settings\chris\Application Data\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully. dernier rapport malwarebytes Malwarebytes' Anti-Malware 1.42 Version de la base de données: 3429 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 26/12/2009 18:13:26 mbam-log-2009-12-26 (18-13-26).txt Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|) Eléments examinés: 170349 Temps écoulé: 17 minute(s), 40 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) merci de me dire si tous est rentré dans l'ordre,mais apparament tous est ok,plus de siszyd32 et l'uc qui étais a 50% ou plus est a present a +- 5% bonne fete a tous chris -
Infecté par siszyd32
epicea100 a répondu à un(e) sujet de atchiguel dans Analyses et éradication malwares
Télécharger sur le bureau Malwarebyte's Anti-Malware = double-clic sur mbam-setup pour lancer l'installation = Installer simplement sans rien modifier = Quand le programme lancé ==> cocher Exécuter un examen complet = Clic Rechercher = Eventuellement décocher les disque à ne pas analyser = Clic Lancer l'examen = En fin de scan ( 1h environ), si infection trouvée ==> Clic Afficher résultat = Fermer vos applications en cours = Vérifier si tout est coché et clic Supprimer la sélection -
siszyd32.exe impossible a supprime ds démarrage
epicea100 a répondu à un(e) sujet de epicea100 dans Analyses et éradication malwares
-
siszyd32.exe impossible a supprime ds démarrage
epicea100 a posté un sujet dans Analyses et éradication malwares
Bonjour, quelqu'un peut il m'aider a appliqué une procedure qui me permette d'elimine un fichier (siszyd32.exe),il est dans les fichiers de demarrage. Ccleaner ne permet pas de le désactiver ou de le supprimé,pas moyen de le désactivé non plus avec msconfig. mon antivirus est avast 4.8 edition familiale le pare feu=zone alarm spybot-search & destroy ne le voie pas. voici le rapport combofix ComboFix 09-12-24.02 - chris 25/12/2009 16:32:08.1.2 - x86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1022.599 [GMT 1:00] Lancé depuis: c:\documents and settings\chris\Bureau\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 091225-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: ZoneAlarm Firewall *disabled* {829BDA32-94B3-44F4-8446-F8FCFF809F8B} . ((((((((((((((((((((((((((((( Fichiers créés du 2009-11-25 au 2009-12-25 )))))))))))))))))))))))))))))))))))) . 2009-12-24 19:30 . 2009-11-24 23:49 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-12-24 19:30 . 2009-11-24 23:48 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-12-24 19:30 . 2009-11-24 23:47 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-12-24 19:30 . 2009-11-24 23:51 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-12-24 19:30 . 2009-11-24 23:50 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-12-24 19:30 . 2009-11-24 23:50 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-12-24 19:30 . 2009-11-24 23:50 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-12-24 19:30 . 2009-11-24 23:47 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-12-24 19:30 . 2009-11-24 23:54 1280480 ----a-w- c:\windows\system32\aswBoot.exe 2009-12-23 17:50 . 2009-12-23 17:50 148 ----a-w- c:\windows\system32\fjhdyfhsn.bat . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-12-25 13:25 . 2008-11-07 20:55 -------- d-----w- c:\program files\InterVideo 2009-12-24 09:17 . 2008-05-24 21:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-12-23 17:50 . 2009-12-23 17:50 16 ----a-w- c:\windows\system32\config\systemprofile\Application Data\fvgqad.dat 2009-12-18 12:24 . 2009-11-29 08:47 0 ----a-w- c:\documents and settings\chris\errorlog.tmp 2009-12-15 11:17 . 2008-11-22 10:13 12743111 ----a-w- c:\windows\Internet Logs\tvDebug.zip 2009-12-13 18:24 . 2001-08-28 12:00 48856 ----a-w- c:\windows\system32\perfc00C.dat 2009-12-13 18:24 . 2001-08-28 12:00 368076 ----a-w- c:\windows\system32\perfh00C.dat 2009-11-28 09:38 . 2008-05-24 21:46 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-10-29 07:42 . 2001-08-28 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2009-10-21 05:39 . 2004-08-19 23:09 75776 ----a-w- c:\windows\system32\strmfilt.dll 2009-10-21 05:39 . 2004-08-19 23:09 25088 ----a-w- c:\windows\system32\httpapi.dll 2009-10-20 16:20 . 2004-08-04 06:00 265728 ------w- c:\windows\system32\drivers\http.sys 2009-10-13 10:33 . 2001-08-28 12:00 271360 ----a-w- c:\windows\system32\oakley.dll 2009-10-12 13:39 . 2001-08-28 12:00 79872 ----a-w- c:\windows\system32\raschap.dll 2009-10-12 13:39 . 2001-08-28 12:00 150528 ----a-w- c:\windows\system32\rastls.dll 2008-05-24 22:21 . 2008-05-24 22:21 4704 --sha-w- c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2006-06-01 94208] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-06 7700480] "nwiz"="nwiz.exe" [2006-10-06 1617920] "RTHDCPL"="RTHDCPL.EXE" [2008-05-07 16862208] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-07 98304] "ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2009-02-15 981384] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\ Adobe Gamma Loader.lnk - c:\program files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-6-12 110592] hp psc 1000 series.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-4-6 147456] hpoddt01.exe.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] 2008-04-14 02:34 1695232 ------w- c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\system32\\sessmgr.exe"= "c:\\WINDOWS\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"= R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [24/12/2009 20:30 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [24/12/2009 20:30 20560] R3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [25/05/2008 12:46 1105664] . ------- Examen supplémentaire ------- . uStart Page = hxxp://www.cherche.us uDefault_Search_URL = hxxp://www.cherche.us/keyword/ uSearchMigratedDefaultURL = hxxp://google.cherche.us/Result.php?client=pub-0420647136319153&cof=GIMP%3A009900%3BT%3A000000%3BALC%3A551a8b%3BGFNT%3AB7B7B7%3BLC%3A2200cc%3BBGC%3AFFFFFF%3BVLC%3A551a8b%3BGALT%3A008B45%3BFORID%3A11%3BDIV%3A%23FFFFF0%3B&ie=ISO-8859-1&q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uSearchURL,(Default) = hxxp://www.cherche.us/keyword/%s IE: Recherche avec cherche.us - c:\documents and settings\chris\scriptjava.html LSP: c:\program files\Google\Google Desktop Search\GoogleDesktopNetwork1.dll Trusted Zone: chat-land.org Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-12-25 16:34 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'explorer.exe'(2192) c:\program files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll c:\program files\Fichiers communs\Ahead\Lib\NeroSearchTrayHook.dll c:\program files\Fichiers communs\Ahead\Lib\MFC71U.DLL c:\program files\Fichiers communs\Ahead\Lib\BCGCBPRO800u.dll c:\windows\system32\ieframe.dll c:\windows\system32\eappprxy.dll c:\windows\system32\webcheck.dll . Heure de fin: 2009-12-25 16:36:02 ComboFix-quarantined-files.txt 2009-12-25 15:36 Avant-CF: 121.942.519.808 octets libres Après-CF: 121.904.140.288 octets libres WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn Current=3 Default=3 Failed=1 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - E6525C1B0EE154FAB31EE46B5A69C30D j'ajoute le rapport hijackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:58:59, on 25/12/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe C:\DOCUME~1\chris\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe C:\WINDOWS\system32\wbem\wmiprvse.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.cherche.us/keyword/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cherche.us R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.cherche.us/keyword/%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.cherche.us R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: siszyd32.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: hp psc 1000 series.lnk = ? O4 - Global Startup: hpoddt01.exe.lnk = ? O8 - Extra context menu item: Recherche avec cherche.us - C:\Documents and Settings\chris\scriptjava.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O15 - Trusted Zone: *.chat-land.org O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1211659346335 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O18 - Protocol: bw+0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: offline-8876480 - {3B853670-C8F2-49E0-812B-EFEF9F77E3C6} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe -- End of file - 19649 bytes merci chris