[résolu] rapport hijackthis et anti malware

[Bluemonday]

Bonjour !

 

Je viens vous voir parce que l'ordinateur que j'utilise en ce moment est bien infecté.

J'ai lancé une analyse avec l'anti virus MCAfee, un anti malware (malware bytes), spybot et AFT Cleaner.

J'ai recommencé ces opérations en mode sans échec. Un malware persiste toujours : svchost.exe qui est caché dans les fichiers temporaires. De plus, spybot n'a pas réussi à supprimer un certain win32.fraudl.oad (encore un malware) en mode sans échec. Il a proposé de relancer l'analyse lors du redémarrage en mode normal, chose qu'il a faite, il a corrigé deux autres problèmes mais celui là n'apparaissait plus.

Depuis, Mc Afee n'arrive toujours pas à supprimer svchost.exe, je cite "échec dû à l'impossibilité de nettoyer l'élément détecté".

 

Je vous poste ici le rapport hijackthis ainsi que celui de l'anti malware

 

hijackthis

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:06:30, on 11/02/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

C:\Program Files\McAfee\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\WINDOWS\system32\mfevtps.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\McAfee\Common Framework\udaterui.exe

C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\CameraAssistant.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Windows\LSD\LClock\lclock.exe

C:\Documents and Settings\Administrateur\Administrateur.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\BlueStork BS-WN-USB NANO 11n USB Wireless LAN Utility\RtWLan.exe

C:\WINDOWS\system32\sistray.exe

C:\Program Files\LimeWire\LimeWire.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\Program Files\OpenOffice.org 3\program\soffice.exe

C:\Program Files\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe

C:\Documents and Settings\Administrateur\Mes documents\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: (no name) - {B9B220C1-A500-59BD-F413-02B52A2C8953} - (no file)

O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [skyTel] SkyTel.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [shStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe

O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect

O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"

O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LClock] C:\Windows\LSD\LClock\lclock.exe

O4 - HKCU\..\Run: [Administrateur] C:\Documents and Settings\Administrateur\Administrateur.exe

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [] C:\Documents and Settings\Administrateur\Administrateur.exe

O4 - HKCU\..\Run: [updateMyDrivers] C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe /ot /as /ss

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WinLSD_SP3] %systemroot%\LSD\end.cmd (User 'Default user')

O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe

O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe

O4 - Global Startup: BlueStork BS-WN-USB NANO 11n USB Wireless LAN Utility.lnk = C:\Program Files\BlueStork BS-WN-USB NANO 11n USB Wireless LAN Utility\RtWLan.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe

O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\RazaWebHook32.dll/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O18 - Protocol: bw+0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O20 - Winlogon Notify: rkotrig - C:\WINDOWS\SYSTEM32\rkotrig.dll

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: Service McAfee Framework (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe

 

--

End of file - 20420 bytes

 

Malware bytes

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 5710

 

Windows 5.1.2600 Service Pack 3 (Safe Mode)

Internet Explorer 8.0.6001.18702

 

10/02/2011 19:23:27

mbam-log-2011-02-10 (19-23-27).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|)

Elément(s) analysé(s): 164622

Temps écoulé: 20 minute(s), 28 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 1

Clé(s) du Registre infectée(s): 8

Valeur(s) du Registre infectée(s): 9

Elément(s) de données du Registre infecté(s): 5

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 11

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

c:\WINDOWS\system32\nsfj6k06r.dll (Trojan.Agent) -> Delete on reboot.

 

Clé(s) du Registre infectée(s):

HKEY_CLASSES_ROOT\CLSID\{B9B220C1-A500-59BD-F413-02B52A2C8953} (Trojan.Agent) -> Delete on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9B220C1-A500-59BD-F413-02B52A2C8953} (Trojan.Agent) -> Delete on reboot.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B9B220C1-A500-59BD-F413-02B52A2C8953} (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Malware.Packer.Gen) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GoogleUpdateBeta (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\msupdate (Rootkit.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.

 

Valeur(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{B9B220C1-A500-59BD-F413-02B52A2C8953} (Trojan.Agent) -> Value: {B9B220C1-A500-59BD-F413-02B52A2C8953} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+MV0NbeJsiv (Trojan.Downloader) -> Value: uPc+MV0NbeJsiv -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\uPc+MV0NbeJsiv (Trojan.Downloader) -> Value: uPc+MV0NbeJsiv -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HNUGROXRrsb (Malware.Packer.Gen) -> Value: HNUGROXRrsb -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HNUGROXRrsb (Malware.Packer.Gen) -> Value: HNUGROXRrsb -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Value: cdoosoft -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Value: WINID -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\idstrf (Malware.Trace) -> Value: idstrf -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceClassicControlPanel (Hijack.ControlPanelStyle) -> Value: ForceClassicControlPanel -> Quarantined and deleted successfully.

 

Elément(s) de données du Registre infecté(s):

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\WINDOWS\system32\nsfj6k06r.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\d8wxp.dll (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\documents and settings\administrateur\local settings\Temp\usitbleo.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\documents and settings\administrateur\local settings\Temp\herss.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\WINDOWS\system32\sshnas21.dll (Trojan.Agent) -> Quarantined and deleted successfully.

c:\documents and settings\administrateur\local settings\Temp\cvasds0.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

c:\WINDOWS\mdm.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\WINDOWS\setup.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.

c:\documents and settings\networkservice\local settings\application data\Google\Update\googleupdatebeta.exe (Trojan.Agent) -> Quarantined and deleted successfully.

c:\WINDOWS\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

c:\WINDOWS\Tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

 

Pensez vous pouvoir m'aider ?

Merci et bonne journée à tous

Modifié le 19 février 2011 par Bluemonday

[bernard53]

Bonsoir

 

Fait ceci s.t.p

 

 

* Télécharge sur le bureau RogueKiller (par tigzy)

* Lance le puis valide choix 2.

 

* Un rapport (RKreport.txt) a du se créer à côté de l'exécutable, colle son contenu dans la réponse

 

 

ensuite ceci.

 

 

Télécharges << ZHPDiag>> (de Nicolas Coolman)

 

dezzipes le fichier sur ton bureau...

Fais un clic-droit sur l'icône ZHPDiag .exe et choisis "exécuter en tant qu'administrateur".

 

 

L'installation va créer raccourcis (ZHPDiag et ZHPFix et MBRchek) sur ton bureau

 

 

 

A la fin de l'installation ZHPDiag va se lancer....

 

Cliques sur l'icône "Options" (image du tournevis) et coches toutes les options.

Cliques sur "Lancer le diagnostique" (image de la loupe) et patiente...

 

A la fin du scan cliques sur l'icône "sauvegarder le fichier sous" (image de la disquette bleu) et enregistre le rapport sur ton bureau.

 

Mets le rapport ici car il prend bien de la place.

Cijoint.fr - Service gratuit de dépôt de fichiers

[Bluemonday]

Bonsoir,

 

Merci pour la réponse

 

voici le rapport de rogue killer

 

RogueKiller V3.9.0 by Tigzy

contact at Forum Sciences / Forum Informatique - Sur la Toile (SLT)

mail: tigzyRK<at>gmail<dot>com

Feedback: [RogueKiller] Remontées (1/9)

 

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Administrateur [Admin rights]

Mode: Remove -- Time : 11/02/2011 21:54:12

 

Bad processes:

 

Deregistred:

HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SSHNAS ->

 

HOSTS File:

127.0.0.1 localhost

127.0.0.1 mpa.one.microsoft.com

127.0.0.1 www.007guard.com

127.0.0.1 007guard.com

127.0.0.1 008i.com

127.0.0.1 www.008k.com

127.0.0.1 008k.com

127.0.0.1 www.00hq.com

127.0.0.1 00hq.com

127.0.0.1 010402.com

127.0.0.1 www.032439.com

127.0.0.1 032439.com

127.0.0.1 www.0scan.com

127.0.0.1 0scan.com

127.0.0.1 1000gratisproben.com

127.0.0.1 www.1000gratisproben.com

127.0.0.1 1001namen.com

127.0.0.1 www.1001namen.com

127.0.0.1 100888290cs.com

127.0.0.1 www.100888290cs.com

[...]

 

 

Finished

 

 

 

 

 

Par contre, je rencontre un souci pour partager le rapport de ZHPDiag. la connexion échoue à chaque fois que je charge mon fichier. J'ai essayé avec un autre site, pareil.

J'ai testé avec un autre fichier txt et ça a fonctionné. Le problème viendrait donc du fichier. Il ne dépasse pourtant pas la taille maximale.

 

Si je recommence l'analyse pour enregistrer un second rapport, ça ne faussera pas le résultat (sait on jamais, le deuxième fichier serait peut être accepté, lui...) ?

 

A bientôt

[bernard53]

Renomme le fichier en.txt et poste le s.t.p

[Bluemonday]

Bé, l'est déjà en .txt

(mais pour dissiper tout mal entendu j'ai effacé et renommé mais ça ne marche toujours point)

 

C'est vraiment limité à 8Mo ? En tout sur le compte ou par fichier ?

Parce que mozilla me dit qu'il est possible que la connexion echoue à cause d'une surchage du site. Ca ferait pas ça lorsque les fichiers sont trop lourd par hasard ?

 

(désolée hein, en plus je pose des problèmes pour poster les rapports...)

Modifié le 12 février 2011 par Bluemonday

[bernard53]

essai ici.

 

Rendez vous sur Envoyez et partagez vos fichiers puis:

1.Cliquez sur "Parcourir" afin de sélectionner le rapport "OTL.txt"

2.Cliquez sur "Envoyer"

[Bluemonday]

Ca ne marche toujours pas...

Par contre, juste une question (stupide sans doute), pourquoi OTL ? C'est un nom au pif ?

Je ne peux pas vous l'envoyer par mail ? Je me doute que ça ne se fait pas trop mais là je ne vois pas de solution...

[bernard53]

je t'ai marqué OTL alors que cela n'est pas la cause pour le dépot du fichier .

 

Mets le rapport directement ici alors dans ta réponse.

Modifié le 14 février 2011 par bernard53

[Bluemonday]

okiche

 

jle poste en plusieurs fois, ça ne passe pas :/

 

Rapport de ZHPDiag v1.27.1600 par Nicolas Coolman, Update du 10/02/2011

Run by Administrateur at 11/02/2011 22:03:28

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702

MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

 

---\\ System Information

Windows XP Professional Service Pack 3 (Build 2600)

Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 895 MB (18% free)

System Restore: Activé (Enable)

System drive C: has 43 GB (61%) free of 70 GB

 

---\\ Logged in mode

Computer Name: XP1

User Name: Administrateur

All Users Names: HelpAssistant, ASPNET, Administrateur,

Unselected Option: None

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Documents and Settings\Administrateur\Application Data

%LocalAppData%=C:\Documents and Settings\Administrateur\Local Settings\Application Data

%StartMenu%=C:\Documents and Settings\Administrateur\Menu Démarrer

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 43 Go of 70 Go)

D:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Hard drive, Flash drive, Thumb drive (Free 54 Go of 70 Go)

I:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.D1EA0A366973ECA3E03F1ACBEFDA8F43] - (.Microsoft Corporation - Explorateur Windows.) (.25/07/2009 10:32:20.) -- C:\Windows\Explorer.exe [979968]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.25/07/2009 10:31:17.) -- C:\Windows\System32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.25/07/2009 10:32:39.) -- C:\Windows\System32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.25/07/2009 10:31:43.) -- C:\Windows\System32\drivers\ntfs.sys [574976]

 

 

---\\ Processus lancés

[MD5.493B1D854F98D611CCA249014C6E631A] - (.Logitech Inc. - Logitech LVPrcSrv Module..) -- c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe [81920]

[MD5.77AC10DB097DFD0CD3071465B644D0AB] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.C3D7E3DCC470D0A5230A485549F21908] - (.McAfee, Inc. - Common Shell3 - Scanners' interface to the.) -- C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe [19456]

[MD5.4CD3EE64736B4D156DAC5C1D6EB60C24] - (.McAfee, Inc. - Framework Service.) -- C:\Program Files\McAfee\Common Framework\FrameworkService.exe [103744]

[MD5.9DF3A434657512B31549F8D20AFFAD5F] - (.McAfee, Inc. - Task Manager.) -- C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe [62800]

[MD5.B87B41F2C05788F04A3B487902803FD2] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\WINDOWS\system32\mfevtps.exe [67904]

[MD5.291ADFCB72658349A929B903BC47F8EA] - (.McAfee, Inc. - On-Access Scanner service.) -- C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe [143088]

[MD5.901D251617EE3C80E8701311C2DE4295] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16116224]

[MD5.19DFA4463D9FBA9E7046E8264D0656D8] - (.McAfee, Inc. - Common User Interface.) -- C:\Program Files\McAfee\Common Framework\udaterui.exe [136512]

[MD5.825A1841A76429732BC6C03BD5C656AA] - (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [124240]

[MD5.D168AD316F07904F2D0DCF7204E8B5E0] - (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.EXE [225280]

[MD5.F1E5A76CD7835C19A5A1C6CA307AB76E] - (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe [489472]

[MD5.35CADFC53E7D7E4336E7C9C04D66C82B] - (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe [262144]

[MD5.E0D6538B62C79FCBF0B27F95FAF3208B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [246504]

[MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320]

[MD5.38CC541D105DCBA3D3768D6B191D9505] - (.Pas de propriétaire - LClock Application.) -- C:\Windows\LSD\LClock\lclock.exe [65536]

[MD5.C570A932B9F2FBE60BC0E00F22FA825D] - (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Administrateur.exe [139776]

[MD5.5588812731C64305F2579DD8215037E0] - (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [32768]

[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480]

[MD5.793C739B005156996411CAFE91121018] - (.Realtek Semiconductor Corp. - RtWLan ( For WinXP/2003) Application.) -- C:\Program Files\BlueStork BS-WN-USB NANO 11n USB Wireless LAN Utility\RtWLan.exe [933888]

[MD5.A76162AC8BC3CAD5822880AA3B25B7F5] - (.Silicon Integrated Systems Corporation - SiS Compatible Super VGA Tray Application.) -- C:\WINDOWS\system32\sistray.exe [262144]

[MD5.7A2FAB25EDDC6B2C6AA19BA3EB5E0A04] - (.McAfee, Inc. - McAfee Security Agent Taskbar Extension.) -- C:\Program Files\McAfee\Common Framework\McTray.exe [91456]

[MD5.ABC2C67DFD48930F846934B907C3D606] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000]

[MD5.15D982E21248E9BE337D9B40247AF30E] - (.OpenOffice.org - OpenOffice.org 3.2.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368]

[MD5.E9638B0CBB5DAE86F6E9DA843C19399D] - (.Sun Microsystems, Inc. - Java Update Checker.) -- C:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [490216]

[MD5.B60DDDD2D63CE41CB8C487FCFBB6419E] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [638816]

[MD5.3A4C97796130037CBB555F5BC8419F28] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [630272]

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Administrateur] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

M0 - MFSP: prefs.js [Administrateur - jmzgulko.default] Google

M2 - MFEP: prefs.js [Administrateur - jmzgulko.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R1 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.18777 (longhorn_ie8_gdr.090424-1700)) -- C:\WINDOWS\system32\ieframe.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) - {B9B220C1-A500-59BD-F413-02B52A2C8953} Clé orpheline

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [siSPower] . (.Silicon Integrated Systems Corporation - Dynamic link library for setting Power Sche.) -- C:\Windows\System32\SiSPower.dll

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\Windows\RTHDCPL.exe

O4 - HKLM\..\Run: [skyTel] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- C:\Windows\SkyTel.exe

O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\Windows\ALCMTR.exe

O4 - HKLM\..\Run: [McAfeeUpdaterUI] . (.McAfee, Inc. - Common User Interface.) -- C:\Program Files\McAfee\Common Framework\udaterui.exe

O4 - HKLM\..\Run: [shStatEXE] . (.McAfee, Inc. - VirusScan tray icon.) -- C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.exe

O4 - HKLM\..\Run: [LVCOMSX] . (.Logitech Inc. - LVCom Server.) -- C:\WINDOWS\system32\LVCOMSX.exe

O4 - HKLM\..\Run: [LogitechCameraAssistant] . (.Logitech Inc. - Logitech Camera Assistant.) -- C:\Program Files\Logitech\Video\CameraAssistant.exe

O4 - HKLM\..\Run: [LogitechVideo[inspector]] . (.Logitech Inc. - Install Helper.) -- C:\Program Files\Logitech\Video\InstallHelper.exe

O4 - HKLM\..\Run: [LogitechCameraService(E)] . (.Logitech Inc. - Logitech Camera Service(E).) -- C:\WINDOWS\system32\ElkCtrl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe

O4 - HKLM\..\RunOnce: [WIAWizardMenu] . (.Microsoft Corporation - Installateur de classes d'images fixes.) -- C:\WINDOWS\system32\sti_ci.dll

O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LClock] . (.Pas de propriétaire - LClock Application.) -- C:\Windows\LSD\LClock\lclock.exe

O4 - HKCU\..\Run: [Administrateur] . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Administrateur.exe

O4 - HKCU\..\Run: [LDM] . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe

O4 - HKCU\..\RunOnce: [CanonUPW_000] Clé orpheline

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\Run: [LClock] . (.Pas de propriétaire - LClock Application.) -- C:\Windows\LSD\LClock\lclock.exe

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\Run: [Administrateur] . (.Pas de propriétaire - Pas de description.) -- C:\Documents and Settings\Administrateur\Administrateur.exe

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\Run: [LDM] . (.Logitech - Logitech Desktop Messenger.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\LSD\end.cmd

O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (.not file.)

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-18\..\RunOnce: [WinLSD_SP3] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\LSD\end.cmd

O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (.not file.)

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] Clé orpheline

O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-19\..\RunOnce: [WinLSD_SP3] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\LSD\end.cmd

O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (.not file.)

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] Clé orpheline

O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-20\..\RunOnce: [WinLSD_SP3] . (.Pas de propriétaire - Pas de description.) -- C:\WINDOWS\LSD\end.cmd

O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] Clé orpheline

O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe

O4 - HKUS\S-1-5-21-527237240-448539723-1177238915-500\..\RunOnce: [CanonUPW_000] Clé orpheline

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\BlueStork BS-WN-USB NANO 11n USB Wireless LAN Utility.lnk . (.Realtek Semiconductor Corp..) -- C:\Program Files\BlueStork BS-WN-USB NANO 11n USB Wireless LAN Utility\RtWLan.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk . (.Logitech.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Utility Tray.lnk . (.Silicon Integrated Systems Corporation.) -- C:\WINDOWS\system32\sistray.exe

O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 3.2.lnk . (.Pas de propriétaire.) -- C:\Program Files\OpenOffice.org 3\program\quickstart.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\Administrateur\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Download with &Shareaza . (.Shareaza Development Team - Shareaza Web Download Hook.) -- C:\Program Files\Shareaza\RazaWebHook32.dll

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} . (.not file.) - (.not file.)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.not file.) - (.not file.)

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{CA30E4A4-9C40-4F2B-91A9-AE48F2A4F226}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{CA30E4A4-9C40-4F2B-91A9-AE48F2A4F226}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{CA30E4A4-9C40-4F2B-91A9-AE48F2A4F226}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Protocole additionnel et piratage de protocole (O18)

O18 - Handler: bw+0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw+0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw-0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw-0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw00 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw00s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw10 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw10s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw20 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw20s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw30 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw30s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw40 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw40s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw50 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw50s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw60 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw60s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw70 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw70s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw80 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw80s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw90 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bw90s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwa0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwa0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwb0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwb0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwc0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwc0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwd0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwd0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwe0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwe0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwf0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwf0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Handler: bwg0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwg0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwh0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwh0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwi0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwi0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwj0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwj0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwk0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwk0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwl0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwl0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwm0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwm0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwn0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwn0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwo0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwo0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwp0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwp0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwq0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwq0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwr0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwr0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bws0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bws0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwt0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwt0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwu0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwu0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwv0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwv0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bww0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bww0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwx0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwx0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwy0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwy0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwz0 - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: bwz0s - {b0672cc9-bf87-4ee7-b6e0-8619078c6ecc} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Handler: offline-8876480 - {B0672CC9-BF87-4EE7-B6E0-8619078C6ECC} . (.BackWeb Technologies Inc. - BackWeb Runner Application.) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: rkotrig . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\rkotrig.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: (LVPrcSrv) . (.Logitech Inc. - Logitech LVPrcSrv Module..) - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: (McAfeeEngineService) . (.McAfee, Inc. - Common Shell3 - Scanners' interface to the.) - C:\Program Files\McAfee\VirusScan Enterprise\EngineServer.exe

O23 - Service: (McAfeeFramework) . (.McAfee, Inc. - Framework Service.) - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: (McShield) . (.McAfee, Inc. - On-Access Scanner service.) - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

O23 - Service: (McTaskManager) . (.McAfee, Inc. - Task Manager.) - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

O23 - Service: (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\WINDOWS\system32\mfevtps.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\Windows\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\Windows\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\Windows\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys

O41 - Driver: McAfee Inc. mfetdik (mfetdik) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\Windows\System32\drivers\mfetdik.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\Windows\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\Windows\System32\DRIVERS\redbook.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: (SiSkp) . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) - C:\Windows\System32\DRIVERS\srvkp.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\Windows\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: ArcSoft VideoImpression 1.6 - (.Pas de propriétaire.) [HKLM] -- {A0ACD7D7-E79D-4593-BBF8-65D17889FA25}

O42 - Logiciel: BlueStork BS-WN-USB NANO Wireless LAN Driver and Utility - (.BlueStork.) [HKLM] -- {9C049499-055C-4a0c-A916-1D8CA1FF45EB}

O42 - Logiciel: EPSON SX125 Series Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON SX125 Series Manual

O42 - Logiciel: EPSON SX125 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX125 Series

O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner

O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {39F58DDB-B2B8-4B86-AF20-4706A80EB30D}

O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178}

O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {03B8AA32-F23C-4178-B8E6-09ECD07EAA47}

O42 - Logiciel: GIMP 2.6.9 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM] -- KB915865

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Java 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: Logiciel QuickCam de Logitech - (.Logitech, Inc..) [HKLM] -- {C191BE7C-8542-4A61-973A-714EF76C5995}

O42 - Logiciel: Logitech Desktop Messenger - (.Logitech, Inc..) [HKLM] -- {900B1197-53F5-4F46-A882-2CFFFE2EEDCB}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee Agent - (.McAfee, Inc..) [HKLM] -- {A638557B-1F13-40A0-9627-C892FBCA6960}

O42 - Logiciel: McAfee VirusScan Enterprise - (.McAfee, Inc..) [HKLM] -- {147BCE03-C0F1-4C9F-8157-6A89B6D2D973}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Hotfix (KB928366) - (.Pas de propriétaire.) [HKLM] -- M928366

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM] -- {97B3824E-B2D2-4C49-A860-BCA56F10B040}

O42 - Logiciel: Programme de gestion Camera de Logitech® - (.Pas de propriétaire.) [HKLM] -- QcDrv

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Shareaza 2.5.3.0 - (.Shareaza Development Team.) [HKLM] -- Shareaza_is1

O42 - Logiciel: SiS VGA Utilities - (.Pas de propriétaire.) [HKLM] -- SiS VGA Driver

O42 - Logiciel: SiSAGP driver - (.Pas de propriétaire.) [HKLM] -- {DC226AC9-0314-496C-BE6A-B6A132628466}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: aMSN 0.98.3 - (.Pas de propriétaire.) [HKLM] -- aMSN

[Bluemonday]

---\\ HKCU & HKLM Software Keys

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Broderbund Software]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\EPSON]

[HKCU\Software\Google]

[HKCU\Software\Intel]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Logitech]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\McAfee]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\OfferBox]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Shareaza]

[HKCU\Software\SmartTweak]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\aMSN]

[HKCU\Software\shockwave.com]

[HKLM\Software\ABBYY]

[HKLM\Software\Adobe]

[HKLM\Software\AppDataLow]

[HKLM\Software\ArcSoft]

[HKLM\Software\BackWeb]

[HKLM\Software\C07ft5Y]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\EPSON]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Logitech]

[HKLM\Software\MDC]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfee]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Network Associates]

[HKLM\Software\ODBC]

[HKLM\Software\OfferBox]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SEIKO EPSON CORPORATION]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Schlumberger]

[HKLM\Software\Secure]

[HKLM\Software\Set8188SU]

[HKLM\Software\Set8191SU]

[HKLM\Software\Set8192GU]

[HKLM\Software\Set8192SU]

[HKLM\Software\Set8712]

[HKLM\Software\Shareaza]

[HKLM\Software\SiS]

[HKLM\Software\Silicon Integrated Systems Corp.]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\TrendMicro]

[HKLM\Software\Trust]

[HKLM\Software\VideoLAN]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\mozilla.org]