(resolu) bonjour

Thanos · le 23 mai 2008

salut

Rien d'inquiêtant sur ce rapport à priori.

1°) Désactive le teatimer de Spybot en passant par les options de Spybot: une fois dans le logiciel, il faut aller dans le menu "Mode" => coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" . Tu ne doit plus voir l'icône du Teatimer dans la barre de tâches!

Ne fais pas l'impasse sur cette étape, car ca fera échouer la manipulation qui va suivre.

2°) Désactive l'UAC comme indiqué ici >> http://www.zebulon.fr/astuces/220-desactiv...dans-vista.html

3°) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-Ferme tous les programmes et clique sur "Fix Checked"

4°) Un petit scan en ligne >>

Clique sur le lien suivant > ESET Online Scanner Link

Coche la case YES, I accept the Terms Of Use
Clique sur le bouton Start
Clique ensuite sur le bouton Install
Clique sur Start
Le scanner va se mettre à jour.
Ne coche pas la case Remove found threats
Clique sur le bouton Scan
Le scan va se lancer: soit patient.
Lorsque le scan s'achève, clique sur le menu Details
Copie/colle le contenu du rapport généré: il se trouve ici > C:\Program Files\EsetOnlineScanner et se nomme log.txt

Poste le rapport stp

michael_down5 · le 23 mai 2008

salut

Rien d'inquiêtant sur ce rapport à priori.

1°) Désactive le teatimer de Spybot en passant par les options de Spybot: une fois dans le logiciel, il faut aller dans le menu "Mode" => coche "Mode avancé" => "Outils"(en bas de page)=> "Résident" => et tu décoches cette case: "Résident Teatimer" . Tu ne doit plus voir l'icône du Teatimer dans la barre de tâches!

Ne fais pas l'impasse sur cette étape, car ca fera échouer la manipulation qui va suivre.

2°) Désactive l'UAC comme indiqué ici >> http://www.zebulon.fr/astuces/220-desactiv...dans-vista.html

3°) Démarre Hijackthis, clique sur "Do a system scan only", et coche les lignes suivantes :

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

-Ferme tous les programmes et clique sur "Fix Checked"

4°) Un petit scan en ligne >>

Clique sur le lien suivant > ESET Online Scanner Link

Coche la case YES, I accept the Terms Of Use

Clique sur le bouton Start

Clique ensuite sur le bouton Install

Clique sur Start

Le scanner va se mettre à jour.

Ne coche pas la case Remove found threats

Clique sur le bouton Scan

Le scan va se lancer: soit patient.

Lorsque le scan s'achève, clique sur le menu Details

Copie/colle le contenu du rapport généré: il se trouve ici > C:\Program Files\EsetOnlineScanner et se nomme log.txt

Poste le rapport stp

bonjour et merci tout est fait j attend l analyse de http://www.eset.com/onlinescan/ merci de m aide

michael_down5 · le 23 mai 2008

bonjour et merci tout est fait j attend l analyse de http://www.eset.com/onlinescan/ merci de m aide

voial aucun probleme

# version=4

# OnlineScanner.ocx=1.0.0.635

# OnlineScannerDLLA.dll=1, 0, 0, 79

# OnlineScannerDLLW.dll=1, 0, 0, 78

# OnlineScannerUninstaller.exe=1, 0, 0, 49

# vers_standard_module=3125 (20080523)

# vers_arch_module=1.064 (20080214)

# vers_adv_heur_module=1.064 (20070717)

# EOSSerial=775df131e86c014d98fa8d3717c2a5fb

# end=finished

# remove_checked=false

# unwanted_checked=true

# utc_time=2008-05-23 04:13:38

# local_time=2008-05-23 06:13:38 (+0100, Paris, Madrid (heure d'été))

# country="Belgium"

# osver=6.0.6001 NT Service Pack 1

# scanned=510253

# found=0

# scan_time=9986

je c pas si ya encore quelque chose a faire ? merci

michael_down5 · le 23 mai 2008

?re bonjour plus rien a faire tout est nikel ?

Thanos · le 24 mai 2008

Salut

Rien de mauvais n'a été détecté par le scan en ligne.

Une petite supression à faire dans la base de registre >>

Stp rend toi sur cette page afin de télécharger le fichier fix.reg sur ton bureau > http://www.sendspace.com/file/a7u51f

pour cela, clique sur le lien en bas de page > Download Link: fix.reg

Double clique sur le fichier et accepte la fusion avec le registre lorsque tu verras le message s'afficher.

Elimine le fichier après ca.

Je te redemanderais un dernier scan avec DSS: poste le rapport main.txt pour vérification

Modifié le 24 mai 2008 par Thanos

michael_down5 · le 24 mai 2008

re merci de la reponse

Deckard's System Scanner v20071014.68

Run by soumi on 2008-05-24 03:07:05

Computer is in Normal Mode.

--------------------------------------------------------------------------------

-- HijackThis (run as soumi.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 3:07:09, on 24/05/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe

C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\rundll32.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\soumi\Desktop\dss.exe

C:\Users\soumi\Desktop\soumi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.fr.msn.be/0SEFRBE/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: &Translator Internet - {8E4AA109-7239-4B85-8196-7377A53DDEFF} - C:\PROGRA~1\Antadis\TRANSL~1\DELPHI~1.DLL

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"

O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [synTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')

O4 - Startup: Memeo AutoBackup Launcher.lnk.disabled

O4 - Startup: Sidebar.lnk = D:\Program Files\Windows Sidebar\sidebar.exe

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O18 - Protocol: bw+0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {469D8FA1-D291-4279-A8FA-2C9A6E4E2C20} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe

O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: lxdiCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxdiserv.exe

O23 - Service: lxdi_device - - C:\Windows\system32\lxdicoms.exe

O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)

O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--

End of file - 21207 bytes

-- Files created between 2008-04-24 and 2008-05-24 -----------------------------

2008-05-22 16:38:19 5710 --a------ C:\Windows\system32\tmp.reg

2008-05-22 16:36:59 25600 --a------ C:\Windows\system32\WS2Fix.exe

2008-05-22 16:36:59 289144 --a------ C:\Windows\system32\VCCLSID.exe <Not Verified; S!Ri; >

2008-05-22 16:36:59 86528 --a------ C:\Windows\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>

2008-05-22 16:36:59 288417 --a------ C:\Windows\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>

2008-05-22 16:36:59 53248 --a------ C:\Windows\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>

2008-05-22 16:36:59 82944 --a------ C:\Windows\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>

2008-05-22 16:36:59 51200 --a------ C:\Windows\system32\dumphive.exe

2008-05-22 16:36:59 82944 --a------ C:\Windows\system32\404Fix.exe <Not Verified; S!Ri.URZ; IEDFix>

2008-05-17 19:56:50 0 d-------- C:\Program Files\Western Digital

2008-05-17 19:56:06 0 d-------- C:\Users\All Users\eSellerate

2008-05-17 19:54:34 0 d-------- C:\Program Files\Memeo

2008-05-17 19:54:20 0 d---s---- C:\Users\All Users\Memeo

2008-05-17 19:52:51 0 d-------- C:\Program Files\Western Digital Technologies

2008-05-09 08:57:41 0 d-------- C:\Users\All Users\Malwarebytes

2008-05-09 08:57:40 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware

2008-05-02 17:32:16 0 d-------- C:\Users\soumi\.SunDownloadManager

2008-04-27 21:08:18 0 d-------- C:\Program Files\EsetOnlineScanner

2008-04-26 00:27:22 0 d-------- C:\Program Files\Windows Live Safety Center

2008-04-25 21:53:43 0 d-------- C:\Program Files\Common Files\Adobe

2008-04-24 22:30:20 0 d-------- C:\NVIDIA

2008-04-24 19:49:15 0 d-------- C:\Users\All Users\Sony Ericsson

-- Find3M Report ---------------------------------------------------------------

2008-05-24 02:59:24 12 --a------ C:\Windows\bthservsdp.dat

2008-05-23 23:55:23 669578 --a------ C:\Windows\system32\perfh00C.dat

2008-05-23 23:55:23 123556 --a------ C:\Windows\system32\perfc00C.dat

2008-05-22 11:43:49 0 d-------- C:\Program Files\a-squared Free

2008-05-20 17:23:07 0 d-------- C:\Program Files\Microsoft Silverlight

2008-05-19 17:23:32 0 d-------- C:\Program Files\Google

2008-05-18 20:24:34 0 d-------- C:\Users\soumi\AppData\Roaming\LimeWire

2008-05-18 20:23:46 0 d-------- C:\Program Files\LimeWire

2008-05-17 19:56:41 0 d--h----- C:\Program Files\InstallShield Installation Information

2008-05-14 18:12:04 0 d-------- C:\Program Files\Windows Mail

2008-05-10 22:59:08 0 d-------- C:\Users\soumi\AppData\Roaming\ma-config.com

2008-05-10 00:04:55 0 d-------- C:\Program Files\Java

2008-05-09 08:57:48 0 d-------- C:\Users\soumi\AppData\Roaming\Malwarebytes

2008-05-09 08:57:17 0 d-------- C:\Users\soumi\AppData\Roaming\Download Manager

2008-04-25 21:53:43 0 d-------- C:\Program Files\Common Files

2008-04-24 19:49:35 0 d-------- C:\Program Files\Common Files\Teleca Shared

2008-04-24 17:23:40 174 --ahs---- C:\Program Files\desktop.ini

2008-04-23 23:53:09 0 d-------- C:\Program Files\Windows Sidebar

2008-04-23 23:53:09 0 d-------- C:\Program Files\Windows Calendar

2008-04-23 23:53:09 0 d-------- C:\Program Files\Movie Maker

2008-04-23 23:53:04 0 d-------- C:\Program Files\Windows Collaboration

2008-04-23 23:53:01 0 d-------- C:\Program Files\Windows Photo Gallery

2008-04-23 23:53:01 0 d-------- C:\Program Files\Windows Journal

2008-04-23 23:52:52 0 d-------- C:\Program Files\Windows Defender

2008-04-23 21:57:03 0 d-------- C:\Program Files\Astonsoft

2008-04-23 21:18:39 0 d-------- C:\Users\soumi\AppData\Roaming\Macromedia

2008-04-23 20:53:47 0 d-------- C:\Users\soumi\AppData\Roaming\GlarySoft

2008-04-21 20:42:37 0 d-------- C:\Users\soumi\AppData\Roaming\LG Electronics

2008-04-21 20:42:16 0 d-------- C:\Users\soumi\AppData\Roaming\LGSync

2008-04-20 23:32:06 0 d-------- C:\Users\soumi\AppData\Roaming\Teleca

2008-04-20 21:24:48 0 d-------- C:\Program Files\Free Audio Pack

2008-04-20 12:11:52 0 d-------- C:\Program Files\LG Electronics

2008-04-20 12:11:03 0 d-------- C:\Program Files\LGE GSM PC Sync

2008-04-15 00:23:48 0 d-------- C:\Users\soumi\AppData\Roaming\Media Player Classic

2008-04-14 23:46:43 0 d-------- C:\Program Files\Common Files\Symantec Shared

2008-04-14 23:29:10 0 d-------- C:\Program Files\K-Lite Codec Pack

2008-04-14 23:24:02 0 d-------- C:\Users\soumi\AppData\Roaming\Bitdefender

2008-04-14 23:21:03 0 d-------- C:\Program Files\Common Files\BitDefender

2008-04-14 23:04:58 0 d-------- C:\Program Files\DivX

2008-04-14 23:03:10 0 d-------- C:\Program Files\VideoLAN

2008-04-14 22:59:18 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2008-04-08 22:27:49 0 d-------- C:\Program Files\ffdshow

2008-04-08 22:25:09 0 d-------- C:\Program Files\Windows Media Components

2008-04-08 22:23:17 0 d-------- C:\Program Files\MMConvert

2008-04-05 23:53:29 0 d-------- C:\Program Files\CCleaner

2008-03-31 17:22:11 0 d-------- C:\Program Files\Messenger Plus! Live

2008-03-04 12:33:18 7680 --a------ C:\Windows\system32\ff_vfw.dll

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [19/01/2008 09:38]

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [18/01/2008 19:31]

"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [18/10/2006 10:56]

"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [18/10/2006 10:32]

"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [25/07/2007 16:02]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [21/09/2007 04:10 C:\Windows\KHALMNPR.Exe]

"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [09/10/2007 15:46]

"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [16/02/2008 17:45]

"Windows Mobile-based device management"="%windir%\WindowsMobile\wmdc.exe" []

"NvSvc"="C:\Windows\system32\nvsvc.dll" [13/07/2007 08:34]

"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [13/07/2007 08:34]

"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [13/07/2007 08:34]

"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [15/09/2007 02:29]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 04:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [19/01/2008 09:33]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [19/01/2008 09:33]

"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [18/10/2007 12:34]

"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [20/12/2007 19:57]

"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [20/03/2006 17:34]

C:\Users\soumi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Memeo AutoBackup Launcher.lnk.disabled [17/05/2008 20:05:11]

Sidebar.lnk - C:\Program Files\Windows Sidebar\sidebar.exe [23/04/2008 23:04:26]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"=2 (0x2)

"EnableLUA"=0 (0x0)

"EnableUIADesktopToggle"=0 (0x0)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

@="IEEE 1394 Bus host controllers"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

@="SBP2 IEEE 1394 Devices"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

@="SecurityDevices"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]

path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk

backup=C:\Windows\pss\WinZip Quick Pick.lnk.CommonStartup

backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]

"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FaxCenterServer]

"C:\Program Files\\Lexmark Fax Solutions\fm3032.exe" /s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Health Check Scheduler]

[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]

"C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]

"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMSX]

"C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

"C:\Program Files\MSN Messenger\msnmsgr.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]

RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]

%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

"C:\Program Files\HP\QuickPlay\QPService.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpywareTerminator]

"C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0\bin\jusched.exe"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalService nsi lltdsvc SSDPSRV upnphost SCardSvr w32time EventSystem RemoteRegistry WinHttpAutoProxySvc lanmanworkstation TBS SLUINotify THREADORDER fdrespub netprofm fdphost wcncsvc QWAVE Mcx2Svc WebClient SstpSvc

LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum

bthsvcs BthServ

WindowsMobile wcescomm rapimgr

LocalServiceRestricted WcesComm RapiMgr

bdx scan

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]

C:\Windows\system32\unregmp2.exe /ShowWMP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]

%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

-- End of Deckard's System Scanner: finished at 2008-05-24 03:07:42 ------------

Thanos · le 24 mai 2008

salut

Une dernière manipulation à faire dans la base de registre car une valeur a été modifiée >>

Stp rend toi sur cette page afin de télécharger le fichier userinit.reg sur ton bureau > http://www.sendspace.com/file/8fzfz0

pour cela, clique sur le lien en bas de page > Download Link: userinit.reg

Double clique sur le fichier et accepte la fusion avec le registre lorsque tu verras le message s'afficher.

Elimine le fichier après ca.

Un service installé par Norton à éliminer >>

Ouvre Hijackthis et clique sur "Open the misc tools section"=> puis "Delete an NT service".

la fenêtre "Delete a Windows NT service" va s'ouvrir
Dans la fenêtre qui s'ouvre, copie/colle ceci => Planificateur LiveUpdate automatique

Note : assure-toi de ne pas mettre d'espace avant le nom du service que tu as copié/collé dans le champs.
clique sur OK
Une autre fenêtre devrait s'ouvrir, donnant des informations sur le service et demandant si tu veux re-démarrer.
Cliquer sur YES

lorsque le pc aura redémarré, poste un tout dernier rapport hijackthis stp

Comment fonctionne ton pc ?

Modifié le 24 mai 2008 par Thanos

michael_down5 · le 24 mai 2008

re la manipulation ne marche pas avec Planificateur LiveUpdate automatique aussi avec le registre c est bon merci que dois je faire pour Planificateur LiveUpdate automatique ? merci

Thanos · le 26 mai 2008

salut

Si la manipulation avec hijackthis n'a pas fonctionné pour supprimer le service, tu peux essayer comme ceci >>

1°) Commence par faire apparaitre la boite Exécuter dans le menu Démarrer

Pour cela suis la manip >> en image ici <<

2°) Une fois ceci fait, procède ainsi >>

Clique sur le menu Démarrer > Executer et tape cmd

dans la boite de dialogue qui s'ouvre, tu tapes à la suite:

sc stop Planificateur LiveUpdate automatique puis tape sur la touche [Entrée] pour valider.

sc delete Planificateur LiveUpdate automatique puis tape sur la touche [Entrée] pour valider.

Un message t'avertis du succès de l'opération. (service deleted succesfully)

Quitte l'invite de commandes.

Poste un dernier rapport hijackthis stp

michael_down5 · le 26 mai 2008

bonjour voila sa dit le service spécifié n existe pas en tant que service installe voila je poste le rapport on c'est jamais

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:30:33, on 26/05/2008

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

Running processes:

C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Common Files\Logishrd\LComMgr\Communications_Helper.exe

C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\cmd.exe