> Tous les forums > Forum Sécurité
 Navi search et system doctor
Ajouter un message à la discussion
Page : [1] 
Page 1 sur 1
stephrem
  Posté le 15/09/2006 @ 12:48 
Aller en bas de la page 
Petit astucien
Bonjour J'ai pleins de pubs qui apparaissent. Qui peut m'aider à m'en débarraser? Merci d'avance
Publicité
baroudeur
 Posté le 15/09/2006 à 12:55 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
  Astucien

[hello] Stephrem tu peux dans un premier temps essayer la barre Google qui posséde un bloqueur de pub ici; http://toolbar.google.com/intl/fr/ si les problèmes persistent suit cette procédure ; https://forum.pcastuces.com/sujet.asp?SUJET_ID=224226 déplace ton sujet dans le forum de "sécurité" en cliquant sur le triangle jaune en haut a droite de ta page . un modérateur te le déplacera post tes differents rapports d'analyse ou d'autres astuciens prendront le relais pour t'aider dans les démarches a suivre . très bonne journée
philae
 Posté le 15/09/2006 à 15:12 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

Bonjour, [hello] baroudeur, maintenant tu es dans le forum sécurité
Navi search et system doctor
la barre google ne sera pas suffisante. clique sur le lien de ma signature, fait les manips préconisées et poste les rapports demandés ainsi que celui ci : * Télécharge [url="https://europe.f-secure.com/exclude/blacklight/index.shtml"]Blacklight[/url] (de F-Secure) (le premier de la page) en image [url="https://forum.pcastuces.com/sujet.asp?SUJET_ID=291882"]ICI[/url] à la lettre H Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau. Double-clique blbeta.exe et accepte la licence; clique Scan puis Next Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres). Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "Rename" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe
stephrem
 Posté le 15/09/2006 à 15:35 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
Voici le rapport et pour info ewido n'a rien trouvé dans l'analyse en mode sans échec C'est quoi wbemtest.exe???? 09/15/06 15:28:08 [Info]: BlackLight Engine 1.0.46 initialized 09/15/06 15:28:08 [Info]: OS: 5.1 build 2600 () 09/15/06 15:28:09 [Note]: 7019 4 09/15/06 15:28:09 [Note]: 7005 0 09/15/06 15:28:13 [Note]: 7006 0 09/15/06 15:28:13 [Note]: 7011 1556 09/15/06 15:28:14 [Note]: 7026 0 09/15/06 15:28:14 [Note]: 7026 0 09/15/06 15:28:14 [Note]: 7024 3 09/15/06 15:28:14 [Info]: Hidden process: C:\windows\system32\dvogtus.exe 09/15/06 15:28:15 [Note]: FSRAW library version 1.7.1019 09/15/06 15:28:39 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\.housecall\Quarantine\\\\__delete_on_reboot__msclock32 09/15/06 15:28:39 [Note]: 10002 1 09/15/06 15:28:39 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\.housecall\Quarantine\\\\__delete_on_reboot__msclock32 09/15/06 15:28:39 [Note]: 10002 1 09/15/06 15:28:40 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\.housecall\Quarantine\\\\__delete_on_reboot__msclock32 09/15/06 15:28:40 [Note]: 10002 1 09/15/06 15:28:52 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:52 [Note]: 7002 0 09/15/06 15:28:52 [Note]: 7003 1 09/15/06 15:28:52 [Note]: 10002 1 09/15/06 15:28:52 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:52 [Note]: 7002 0 09/15/06 15:28:52 [Note]: 7003 1 09/15/06 15:28:52 [Note]: 10002 1 09/15/06 15:28:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:53 [Note]: 7002 0 09/15/06 15:28:53 [Note]: 7003 1 09/15/06 15:28:53 [Note]: 10002 1 09/15/06 15:28:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:53 [Note]: 7002 0 09/15/06 15:28:53 [Note]: 7003 1 09/15/06 15:28:53 [Note]: 10002 1 09/15/06 15:28:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:53 [Note]: 7002 0 09/15/06 15:28:53 [Note]: 7003 1 09/15/06 15:28:53 [Note]: 10002 1 09/15/06 15:28:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:54 [Note]: 7002 0 09/15/06 15:28:54 [Note]: 7003 1 09/15/06 15:28:54 [Note]: 10002 1 09/15/06 15:28:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:54 [Note]: 7002 0 09/15/06 15:28:54 [Note]: 7003 1 09/15/06 15:28:54 [Note]: 10002 1 09/15/06 15:28:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:54 [Note]: 7002 0 09/15/06 15:28:54 [Note]: 7003 1 09/15/06 15:28:54 [Note]: 10002 1 09/15/06 15:28:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:54 [Note]: 7002 0 09/15/06 15:28:54 [Note]: 7003 1 09/15/06 15:28:54 [Note]: 10002 1 09/15/06 15:28:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:55 [Note]: 7002 0 09/15/06 15:28:55 [Note]: 7003 1 09/15/06 15:28:55 [Note]: 10002 1 09/15/06 15:28:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:55 [Note]: 7002 0 09/15/06 15:28:55 [Note]: 7003 1 09/15/06 15:28:55 [Note]: 10002 1 09/15/06 15:28:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:55 [Note]: 7002 0 09/15/06 15:28:55 [Note]: 7003 1 09/15/06 15:28:55 [Note]: 10002 1 09/15/06 15:28:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:55 [Note]: 7002 0 09/15/06 15:28:55 [Note]: 7003 1 09/15/06 15:28:55 [Note]: 10002 1 09/15/06 15:28:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:55 [Note]: 7002 0 09/15/06 15:28:55 [Note]: 7003 1 09/15/06 15:28:55 [Note]: 10002 1 09/15/06 15:28:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:56 [Note]: 7002 0 09/15/06 15:28:56 [Note]: 7003 1 09/15/06 15:28:56 [Note]: 10002 1 09/15/06 15:28:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:56 [Note]: 7002 0 09/15/06 15:28:56 [Note]: 7003 1 09/15/06 15:28:56 [Note]: 10002 1 09/15/06 15:28:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:56 [Note]: 7002 0 09/15/06 15:28:56 [Note]: 7003 1 09/15/06 15:28:56 [Note]: 10002 1 09/15/06 15:28:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:57 [Note]: 7002 0 09/15/06 15:28:57 [Note]: 7003 1 09/15/06 15:28:57 [Note]: 10002 1 09/15/06 15:28:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:57 [Note]: 7002 0 09/15/06 15:28:57 [Note]: 7003 1 09/15/06 15:28:57 [Note]: 10002 1 09/15/06 15:28:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:57 [Note]: 7002 0 09/15/06 15:28:57 [Note]: 7003 1 09/15/06 15:28:57 [Note]: 10002 1 09/15/06 15:28:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:57 [Note]: 7002 0 09/15/06 15:28:57 [Note]: 7003 1 09/15/06 15:28:57 [Note]: 10002 1 09/15/06 15:28:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:57 [Note]: 7002 0 09/15/06 15:28:57 [Note]: 7003 1 09/15/06 15:28:57 [Note]: 10002 1 09/15/06 15:28:58 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:58 [Note]: 7002 0 09/15/06 15:28:58 [Note]: 7003 1 09/15/06 15:28:58 [Note]: 10002 1 09/15/06 15:28:58 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:58 [Note]: 7002 0 09/15/06 15:28:58 [Note]: 7003 1 09/15/06 15:28:58 [Note]: 10002 1 09/15/06 15:28:58 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:58 [Note]: 7002 0 09/15/06 15:28:58 [Note]: 7003 1 09/15/06 15:28:58 [Note]: 10002 1 09/15/06 15:28:58 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:58 [Note]: 7002 0 09/15/06 15:28:58 [Note]: 7003 1 09/15/06 15:28:58 [Note]: 10002 1 09/15/06 15:28:59 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:59 [Note]: 7002 0 09/15/06 15:28:59 [Note]: 7003 1 09/15/06 15:28:59 [Note]: 10002 1 09/15/06 15:28:59 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:59 [Note]: 7002 0 09/15/06 15:28:59 [Note]: 7003 1 09/15/06 15:28:59 [Note]: 10002 1 09/15/06 15:28:59 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:59 [Note]: 7002 0 09/15/06 15:28:59 [Note]: 7003 1 09/15/06 15:28:59 [Note]: 10002 1 09/15/06 15:28:59 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:28:59 [Note]: 7002 0 09/15/06 15:28:59 [Note]: 7003 1 09/15/06 15:28:59 [Note]: 10002 1 09/15/06 15:29:00 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:00 [Note]: 7002 0 09/15/06 15:29:00 [Note]: 7003 1 09/15/06 15:29:00 [Note]: 10002 1 09/15/06 15:29:00 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:00 [Note]: 7002 0 09/15/06 15:29:00 [Note]: 7003 1 09/15/06 15:29:00 [Note]: 10002 1 09/15/06 15:29:00 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:00 [Note]: 7002 0 09/15/06 15:29:00 [Note]: 7003 1 09/15/06 15:29:00 [Note]: 10002 1 09/15/06 15:29:00 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:00 [Note]: 7002 0 09/15/06 15:29:00 [Note]: 7003 1 09/15/06 15:29:00 [Note]: 10002 1 09/15/06 15:29:00 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:00 [Note]: 7002 0 09/15/06 15:29:00 [Note]: 7003 1 09/15/06 15:29:00 [Note]: 10002 1 09/15/06 15:29:01 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:01 [Note]: 7002 0 09/15/06 15:29:01 [Note]: 7003 1 09/15/06 15:29:01 [Note]: 10002 1 09/15/06 15:29:01 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:01 [Note]: 7002 0 09/15/06 15:29:01 [Note]: 7003 1 09/15/06 15:29:01 [Note]: 10002 1 09/15/06 15:29:01 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/15/06 15:29:01 [Note]: 7002 0 09/15/06 15:29:01 [Note]: 7003 1 09/15/06 15:29:01 [Note]: 10002 1 09/15/06 15:30:45 [Info]: Hidden file: c:\WINDOWS\system32\dvogtus.dat 09/15/06 15:30:45 [Note]: 10002 1 09/15/06 15:30:45 [Info]: Hidden file: C:\windows\system32\dvogtus.exe 09/15/06 15:30:46 [Note]: 10002 1 09/15/06 15:30:46 [Info]: Hidden file: c:\WINDOWS\system32\dvogtus_nav.dat 09/15/06 15:30:46 [Note]: 10002 1 09/15/06 15:30:46 [Info]: Hidden file: c:\WINDOWS\system32\dvogtus_navps.dat 09/15/06 15:30:46 [Note]: 10002 1 09/15/06 15:31:05 [Info]: Hidden file: c:\WINDOWS\Prefetch\DVOGTUS.EXE-33B1A658.pf 09/15/06 15:31:05 [Note]: 10002 1 09/15/06 15:34:06 [Note]: 7007 0

Modifié par stephrem le 15/09/2006 15:40
philae
 Posté le 15/09/2006 à 15:46 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

ok, post également le rapport d'ewido, le rapport HijackThis et fait ceci : * Fais un clic droit de souris sur ce lien http://perso.numericable.fr/~altshift/Info/Fichiers/IA.bat / "enregistrer sous" Mets le fichier sur le bureau, double-clique dessus Ne tiens pas compte de ce qui sera écrit dans la fenetre noire un rapport va s'ouvrir au bout de quelques instants, dans un fichier texte : poste-le.
stephrem
 Posté le 15/09/2006 à 19:34 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
--------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 15:01:17 15/09/2006 + Scan result: Nothing found. ::Report end Logfile of HijackThis v1.99.1 Scan saved at 19:32:33, on 15/09/2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\WINDOWS\System32\drivers\CDAC11BA.EXE C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\FICHIE~1\SYMANT~1\SECURI~1\NSCSRVCE.EXE C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\Matt.SLY\LOCALS~1\Temp\Rar$EX00.368\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file) O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [Wanadoo Messager.exe] "C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe" /background O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SSC_UserPrompt] "C:\Program Files\Fichiers communs\Symantec Shared\Security Center\UsrPrmpt.exe" O4 - HKLM\..\Run: [siService.exe] "C:\Program Files\Sunbelt Software\iHateSpam\siService.exe" O4 - HKLM\..\Run: [SearchUpgrader] C:\Program Files\Common files\SearchUpgrader\SearchUpgrader.exe O4 - HKLM\..\Run: [P2P Networking2] C:\WINDOWS\System32\P2P Networking\P2P Networking2.exe /AUTOSTART O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe" O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Fichiers communs\CMEII\CMESys.exe" O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Fichiers communs\Symantec Shared\ccRegVfy.exe" O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [BDNewsAgent] C:\Program Files\Softwin\BitDefender Free Edition\\bdnagent.exe O4 - HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender Free Edition\\bdmcon.exe O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar3.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar3.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar3.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar3.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar3.dll/cmcache.html O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/165ae61524ca528e3919/netzip/RdxIE601_fr.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {602890BA-07A1-4A93-A89F-6BDDD8BB9BA5} - http://es6-scripts.dlv4.com/binaries/egauth4/egauth4_1051_FR_XP.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://www.securitoo.com/fra/pages/navol/fscax.cab O16 - DPF: {9EB4F647-FE4A-42F9-9F5C-B8FB28DD02F9} - http://scripts.dlv4.com/binaries/IA/sysia32svc_FR_XP.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab O18 - Protocol: bw+0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw+0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw-0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw00s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw10s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw20s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw30s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw40s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw50s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw60s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw70s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw80s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bw90s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwa0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwb0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwc0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwd0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwe0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O18 - Protocol: offline-8876480 - {D5A0DE8A-2314-40B2-B347-DB0C82F29F08} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O20 - AppInit_DLLs: FHook.dll O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccProxy.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Documents and Settings\Matt.SLY\Bureau>Rem 15072006 C:\Documents and Settings\Matt.SLY\Bureau>C: C:\Documents and Settings\Matt.SLY\Bureau>cd\ C:\>( echo *** RÚpertoires *** echo. dir "C:\Program Files\Fichiers communs" /on dir "C:\Program Files" /on echo. echo *** Fichiers *** echo. dir *_nav??.dat /s dir *ms?lock32*.dll /s dir eg*.dll /s dir p2e*.dll /s dir sys*svc32*.dll /s dir *procia* /s dir *mseg*pid*.dll /s dir *WMCRRS* /s echo. echo *** Registre *** echo. reg query "HKLM\SOFTWARE" | find /i "egdhtml" echo. reg query "HKCU\Software" | find /i "epk_extr" echo. reg query "HKU" /s | find "MailSkinner" echo. echo [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] echo. reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "EGDACCESS" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "eg_auth" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "eglivecam" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "EGACCESS" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "p2esocks" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "egdhtml" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs" | find /i "EGCOMSERVICE" echo. echo [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] echo. reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "EGDACCESS" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "eg_auth" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "eglivecam" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "EGACCESS" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "p2esocks" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "egdhtml" reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage" | find /i "EGCOMSERVICE" echo. echo Magic Control echo. reg query "HKU" /s | find "LanConfig" reg query "HKU" /s | find "mc\SA" echo. echo *** TerminÚ *** ) 1>IA.txt

Modifié par stephrem le 15/09/2006 19:37
philae
 Posté le 15/09/2006 à 21:36 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

re le rapport de blbeta, n'est pas le bon. Peux tu stp le refaire.
stephrem
 Posté le 16/09/2006 à 08:50 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
09/16/06 08:43:45 [Info]: BlackLight Engine 1.0.46 initialized 09/16/06 08:43:45 [Info]: OS: 5.1 build 2600 () 09/16/06 08:43:46 [Note]: 7019 4 09/16/06 08:43:46 [Note]: 7005 0 09/16/06 08:43:48 [Note]: 7006 0 09/16/06 08:43:48 [Note]: 7011 1584 09/16/06 08:43:49 [Note]: 7026 0 09/16/06 08:43:49 [Note]: 7026 0 09/16/06 08:43:49 [Note]: 7024 3 09/16/06 08:43:49 [Info]: Hidden process: C:\windows\system32\dvogtus.exe 09/16/06 08:43:50 [Note]: FSRAW library version 1.7.1019 09/16/06 08:44:27 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\.housecall\Quarantine\\__delete_on_reboot__msclock32 09/16/06 08:44:27 [Note]: 10002 1 09/16/06 08:44:27 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\.housecall\Quarantine\\__delete_on_reboot__msclock32 09/16/06 08:44:27 [Note]: 10002 1 09/16/06 08:44:27 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\.housecall\Quarantine\\__delete_on_reboot__msclock32 09/16/06 08:44:27 [Note]: 10002 1 09/16/06 08:44:46 [Note]: 4020 1827 4259840 09/16/06 08:44:46 [Note]: 4018 1827 4259840 09/16/06 08:44:46 [Note]: 4020 1827 4259840 09/16/06 08:44:46 [Note]: 4018 1827 4259840 09/16/06 08:44:48 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:48 [Note]: 7002 0 09/16/06 08:44:48 [Note]: 7003 1 09/16/06 08:44:49 [Note]: 10002 1 09/16/06 08:44:49 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:49 [Note]: 7002 0 09/16/06 08:44:49 [Note]: 7003 1 09/16/06 08:44:49 [Note]: 10002 1 09/16/06 08:44:49 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:49 [Note]: 7002 0 09/16/06 08:44:49 [Note]: 7003 1 09/16/06 08:44:49 [Note]: 10002 1 09/16/06 08:44:49 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:49 [Note]: 7002 0 09/16/06 08:44:49 [Note]: 7003 1 09/16/06 08:44:49 [Note]: 10002 1 09/16/06 08:44:49 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:49 [Note]: 7002 0 09/16/06 08:44:49 [Note]: 7003 1 09/16/06 08:44:49 [Note]: 10002 1 09/16/06 08:44:50 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:50 [Note]: 7002 0 09/16/06 08:44:50 [Note]: 7003 1 09/16/06 08:44:50 [Note]: 10002 1 09/16/06 08:44:50 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:50 [Note]: 7002 0 09/16/06 08:44:50 [Note]: 7003 1 09/16/06 08:44:50 [Note]: 10002 1 09/16/06 08:44:50 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:50 [Note]: 7002 0 09/16/06 08:44:50 [Note]: 7003 1 09/16/06 08:44:50 [Note]: 10002 1 09/16/06 08:44:50 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:50 [Note]: 7002 0 09/16/06 08:44:50 [Note]: 7003 1 09/16/06 08:44:50 [Note]: 10002 1 09/16/06 08:44:51 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:51 [Note]: 7002 0 09/16/06 08:44:51 [Note]: 7003 1 09/16/06 08:44:51 [Note]: 10002 1 09/16/06 08:44:51 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:51 [Note]: 7002 0 09/16/06 08:44:51 [Note]: 7003 1 09/16/06 08:44:51 [Note]: 10002 1 09/16/06 08:44:51 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:51 [Note]: 7002 0 09/16/06 08:44:51 [Note]: 7003 1 09/16/06 08:44:51 [Note]: 10002 1 09/16/06 08:44:51 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:51 [Note]: 7002 0 09/16/06 08:44:51 [Note]: 7003 1 09/16/06 08:44:51 [Note]: 10002 1 09/16/06 08:44:52 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:52 [Note]: 7002 0 09/16/06 08:44:52 [Note]: 7003 1 09/16/06 08:44:52 [Note]: 10002 1 09/16/06 08:44:52 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:52 [Note]: 7002 0 09/16/06 08:44:52 [Note]: 7003 1 09/16/06 08:44:52 [Note]: 10002 1 09/16/06 08:44:52 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:52 [Note]: 7002 0 09/16/06 08:44:52 [Note]: 7003 1 09/16/06 08:44:52 [Note]: 10002 1 09/16/06 08:44:52 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:52 [Note]: 7002 0 09/16/06 08:44:52 [Note]: 7003 1 09/16/06 08:44:52 [Note]: 10002 1 09/16/06 08:44:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:53 [Note]: 7002 0 09/16/06 08:44:53 [Note]: 7003 1 09/16/06 08:44:53 [Note]: 10002 1 09/16/06 08:44:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:53 [Note]: 7002 0 09/16/06 08:44:53 [Note]: 7003 1 09/16/06 08:44:53 [Note]: 10002 1 09/16/06 08:44:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:53 [Note]: 7002 0 09/16/06 08:44:53 [Note]: 7003 1 09/16/06 08:44:53 [Note]: 10002 1 09/16/06 08:44:53 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:53 [Note]: 7002 0 09/16/06 08:44:53 [Note]: 7003 1 09/16/06 08:44:53 [Note]: 10002 1 09/16/06 08:44:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:54 [Note]: 7002 0 09/16/06 08:44:54 [Note]: 7003 1 09/16/06 08:44:54 [Note]: 10002 1 09/16/06 08:44:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:54 [Note]: 7002 0 09/16/06 08:44:54 [Note]: 7003 1 09/16/06 08:44:54 [Note]: 10002 1 09/16/06 08:44:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:54 [Note]: 7002 0 09/16/06 08:44:54 [Note]: 7003 1 09/16/06 08:44:54 [Note]: 10002 1 09/16/06 08:44:54 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:54 [Note]: 7002 0 09/16/06 08:44:54 [Note]: 7003 1 09/16/06 08:44:54 [Note]: 10002 1 09/16/06 08:44:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:55 [Note]: 7002 0 09/16/06 08:44:55 [Note]: 7003 1 09/16/06 08:44:55 [Note]: 10002 1 09/16/06 08:44:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:55 [Note]: 7002 0 09/16/06 08:44:55 [Note]: 7003 1 09/16/06 08:44:55 [Note]: 10002 1 09/16/06 08:44:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:55 [Note]: 7002 0 09/16/06 08:44:55 [Note]: 7003 1 09/16/06 08:44:55 [Note]: 10002 1 09/16/06 08:44:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:55 [Note]: 7002 0 09/16/06 08:44:55 [Note]: 7003 1 09/16/06 08:44:55 [Note]: 10002 1 09/16/06 08:44:55 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:55 [Note]: 7002 0 09/16/06 08:44:55 [Note]: 7003 1 09/16/06 08:44:55 [Note]: 10002 1 09/16/06 08:44:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:56 [Note]: 7002 0 09/16/06 08:44:56 [Note]: 7003 1 09/16/06 08:44:56 [Note]: 10002 1 09/16/06 08:44:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:56 [Note]: 7002 0 09/16/06 08:44:56 [Note]: 7003 1 09/16/06 08:44:56 [Note]: 10002 1 09/16/06 08:44:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:56 [Note]: 7002 0 09/16/06 08:44:56 [Note]: 7003 1 09/16/06 08:44:56 [Note]: 10002 1 09/16/06 08:44:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:56 [Note]: 7002 0 09/16/06 08:44:56 [Note]: 7003 1 09/16/06 08:44:56 [Note]: 10002 1 09/16/06 08:44:56 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:56 [Note]: 7002 0 09/16/06 08:44:56 [Note]: 7003 1 09/16/06 08:44:56 [Note]: 10002 1 09/16/06 08:44:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:57 [Note]: 7002 0 09/16/06 08:44:57 [Note]: 7003 1 09/16/06 08:44:57 [Note]: 10002 1 09/16/06 08:44:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:57 [Note]: 7002 0 09/16/06 08:44:57 [Note]: 7003 1 09/16/06 08:44:57 [Note]: 10002 1 09/16/06 08:44:57 [Info]: Hidden file: c:\Documents and Settings\Matt.SLY\Local Settings\Temporary Internet Files\Content.IE5 09/16/06 08:44:57 [Note]: 7002 0 09/16/06 08:44:57 [Note]: 7003 1 09/16/06 08:44:57 [Note]: 10002 1 09/16/06 08:46:52 [Info]: Hidden file: c:\WINDOWS\system32\dvogtus.dat 09/16/06 08:46:52 [Note]: 10002 1 09/16/06 08:46:52 [Info]: Hidden file: C:\windows\system32\dvogtus.exe 09/16/06 08:46:53 [Note]: 10002 1 09/16/06 08:46:53 [Info]: Hidden file: c:\WINDOWS\system32\dvogtus_nav.dat 09/16/06 08:46:53 [Note]: 10002 1 09/16/06 08:46:53 [Info]: Hidden file: c:\WINDOWS\system32\dvogtus_navps.dat 09/16/06 08:46:53 [Note]: 10002 1 09/16/06 08:47:20 [Info]: Hidden file: c:\WINDOWS\Prefetch\DVOGTUS.EXE-33B1A658.pf 09/16/06 08:47:20 [Note]: 10002 1 09/16/06 08:48:31 [Note]: 7007 0
philae
 Posté le 16/09/2006 à 15:32 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

Bonjour, me suis emmêlée les pinceaux dans les noms hier soir, désolée, le rapport de blbeta était le bon, c'est l'autre qui n'est pas bon, celui de IA.bat peux tu le refaire stp.
Publicité
stephrem
 Posté le 17/09/2006 à 12:19 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
Bonjour Actuellement je ne suis plus sur le pc qui à le problème de system doctor et je ne sais pas quand je pourrai de nouveau m'occuper du problème de ce pc. Merci encore pour ton aide
philae
 Posté le 17/09/2006 à 14:17 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonjour, dommage, il est pourtant bien infecté. il ne faudrait pas trop traîner
stephrem
 Posté le 17/09/2006 à 22:29 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Petit astucien
Pour le desinfecter il faudra vraiment faire par petite étape car la personne à qui appartient le pc n'aime pas trifouiller dans son pc et surtout elle n'est pas patiente du tout. Donc je vais voir avec elle si elle peut quand meme le faire.

Modifié par stephrem le 17/09/2006 22:32
philae
 Posté le 17/09/2006 à 22:32 
Aller en bas de la page Revenir au message précédent Revenir en haut de la page
Grande Maîtresse astucienne

bonsoir, le rapport IA.bat n'est pas le bon.
Page : [1] 
Page 1 sur 1

Vous devez être connecté pour participer à la discussion.
Cliquez ici pour vous identifier.

Vous n'avez pas de compte ? Créez-en un gratuitement !
Recevoir PC Astuces par e-mail


La Lettre quotidienne +226 000 inscrits
Avec l'actu, des logiciels, des applis, des astuces, des bons plans, ...

Les bonnes affaires
Une fois par semaine, un récap des meilleurs offres.

Les fonds d'écran
De jolies photos pour personnaliser votre bureau. Une fois par semaine.

Les nouveaux Bons Plans
Des notifications pour ne pas rater les bons plans publiés sur le site.

Les bons plans du moment PC Astuces

Tous les Bons Plans
89,99 €Caméra de sécurité connectée Blink Outdoor à 89,99 €
Valable jusqu'au 07 Mai

Amazon fait une belle promotion sur sa caméra de sécurité connectée Blink Outdoor qui passe à 89,99 € livrée gratuitement au lieu de 120 € habituellement. Gardez l'esprit tranquille avec cette caméra polyvalente sans fil pour l'extérieur, dotée d'une autonomie de 2 ans (piles au lithium fournies), d’un système audio bidirectionnel, de la détection de mouvements personnalisable, de la vision nocturne infrarouge et de l’enregistrement en direct en Full HD 1080p dans le cloud (via un abonnement) ou en local (en branchant directement un périphérique de stockage USB sur la base de synchronisation fournie).

Cette caméra est accompagnée d'un module de synchronisation (avec votre réseau WiFi) et fonctionne directement. Notez que les lots de plusieurs caméras sont également en promotion : 2 caméras à 164,99 € (82,49 € par caméra), 3 caméras à 224,99 € (74,99 € / caméra) et 4 caméras à 284,99 € (71,25 € / caméra).


> Voir l'offre
13,99 €Clé USB Sandisk Ultra 64 Go à double connectique USB 3.1 Type A et C à 13,99 €
Valable jusqu'au 06 Mai

Amazon fait une promotion sur la clé USB Sandisk Ultra 64 Go à double connectique USB 3.1 Type A et C qui passe à 13,99 € alors qu'on la trouve ailleurs à plus de 25 €. Cette clé USB  dispose d'un connecteur réversible USB Type C et d'un connecteur classique de type A. Grâce à elle, transférez en toute simplicité et rapidement (jusqu'à 150 Mo/s) vos fichiers entre vos smartphones, tablettes et ordinateurs. 


> Voir l'offre
27,32 €Souris sans fil silencieuse Logitech M590 avec Flow à 27,32 € livré
Valable jusqu'au 08 Mai

Amazon Italie fait une promotion sur la souris silencieuse Logitech M590 à 22,61 €. Comptez 4,71 € pour la livraison en France soit un total de 27,32 € livré alors qu'on la trouve ailleurs à plus de 40 €. La Logitech Wireless Mouse M590 Multi-Device Silent est équipée de la technologie Logitech Flow. Cette dernière, révolutionnaire, vous permet de déplacer le curseur de votre souris d'un ordinateur à un autre (jusqu'à 3 ordinateurs), d'effectuer des copier-coller de texte, d'une image ou encore d'un fichier d'une machine à une autre. Grâce à une réduction des bruits de plus de 90%, elle apporte une expérience silencieuse avec le même confort de clic.  


> Voir l'offre

Sujets relatifs
Pub intempestive navi search, system doctor !!...
pb system doctor + navi search
infecter par system doctor,navi search
System doctor?
Encore...System doctor
Hijackthis fenetre winantivirus, system doctor....
Norton toujours vivant+system doctor
help (winantivurs,winantispyware,system doctor,..)
System Doctor
System doctor impossible de s'en débarasser
Plus de sujets relatifs à Navi search et system doctor
 > Tous les forums > Forum Sécurité