[LOGICIEL] svchots.exe

Posté(e) le 20 janvier 200520 a

Bonjour,

Ad-Watch me dit sans arrêt (toutes les 3 sec) qu'une modification du registre est détectée, et ceci me semble bizarre car cela ne se passait pas auparavent.

En voici les caractéristiques :

Racine : HKEY_LOCAL_MACHINE

Clé : Software\Microsoft\Windows\CurrentVersion\Run

Valeur : ®Windows Update

Données :

Nouvelles Données : svchosts.exe

Ce processus n'est pas actif et je ne trouve pas cette valeur dans mon registre.

J'ai aussi analyser mon pc avec Symantec AntiVirus, Ad-Aware et Microsoft Spyware, mais rien ne change.

Est-ce normal ?

Citer

Posté(e) le 20 janvier 200520 a

Nouvelles Données : svchosts.exe

Ce n'est pas un process windows mais bien un ver.

Regarde ici

L'onglet description est a regarder.....

Google est ton ami :francais:

Citer

Posté(e) le 20 janvier 200520 a

Un scan antivirus en ligne chez www.secuser.com avec la restauration system désactivée , puis un rapport Hijackthis

Citer

Posté(e) le 20 janvier 200520 a

Auteur

L'Antivirus ne trouve rien.

Voici le log Hijackthis :

Logfile of HijackThis v1.99.0

Scan saved at 12:41:29, on 20/01/2005

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Launch Manager\QtDTAcer.EXE

C:\WINDOWS\System32\sistray.EXE

C:\WINDOWS\System32\khooker.exe

C:\WINDOWS\system32\GSICON.EXE

C:\WINDOWS\system32\dslagent.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

C:\Program Files\D-Tools\daemon.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

C:\Program Files\Logitech\MouseWare\system\em_exec.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\PROGRA~1\INCRED~1\bin\IMApp.exe

C:\Program Files\Microsoft AntiSpyware\gcasServ.exe

C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe

C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe

C:\WINDOWS\system32\_textpad.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Delphine\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.popupsearches.com/sidesearch.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.popupsearches.com/sidesearch.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ulg.ac.be/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Favoris

F3 - REG:win.ini: run=hpfsched

N3 - Netscape 7: user_pref("browser.startup.homepage", "http://www.ulg.ac.be"); (C:\Documents and Settings\Delphine\Application Data\Mozilla\Profiles\default\v551pu83.slt\prefs.js)

N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://C%3A%5CProgram%20Files%5CNetscape%5CNetscape%5Csearchplugins%5CNetscape_France.src"); (C:\Documents and Settings\Delphine\Application Data\Mozilla\Profiles\default\v551pu83.slt\prefs.js)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: RsyncHlpr Class - {16B238D5-80DE-47CE-8F17-B3ECE2C2248D} - C:\WINDOWS\system32\rsyncmon.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtDTAcer.EXE

O4 - HKLM\..\Run: [siS Tray] C:\WINDOWS\System32\sistray.EXE

O4 - HKLM\..\Run: [siS KHooker] C:\WINDOWS\System32\khooker.exe

O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE

O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe

O4 - HKLM\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"

O4 - HKLM\..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=032704 serial=DR11CTD-9999999-KHM

O4 - HKLM\..\Run: [uStorag] c:\program files\u-storage tool2.91\ustorage.exe sys_auto_run C:\Program Files\U-Storage Tool2.91

O4 - HKLM\..\Run: [®Windows Update] svchosts.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [incrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c

O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MSN Messenger\Messenger Plus\MsgPlus.exe" /WinStart

O4 - HKCU\..\Run: [®Windows Update] svchosts.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: Assistant d'Acrobat.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\ipsecdialer.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: Ajouter au tueur de pub - C:\Program Files\MyIE2\config/blacklist.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: PowerBand - {DCBE36AB-077E-4701-B6E4-2ADBA267451F} - C:\Program Files\MyIE2\Plugin\PowerBand\PowerBand.dll

O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll

O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/

O16 - DPF: Dexia netbanking - http://netbanking.dexia.be/PC//Dynamic/Sha...t//DexiaIIA.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab30149.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab30149.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_FR_XP.cab

O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/200404...meInstaller.exe

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab

O16 - DPF: {CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.0_03) -

O16 - DPF: {DD3641E5-A9CF-11D1-9AA1-444553540000} (Surround Video V3.0 Control Object) - http://www.lanson.net/svideo3.cab

O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup...er/imloader.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{8794E559-0C13-4532-869E-958482555272}: NameServer = 195.238.2.21 195.238.2.22

O18 - Protocol: bw+0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw+0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw-0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw00s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw10s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw20s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw30s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw40s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw50s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw60s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw70s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw80s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bw90s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwa0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwb0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwc0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwd0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwe0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwf0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O18 - Protocol: bwg0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwg0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwh0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwi0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwj0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwk0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwl0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwm0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwn0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwo0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwp0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwq0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwr0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bws0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwt0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwu0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwv0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bww0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwx0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwy0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: bwz0s - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O18 - Protocol: offline-8876480 - {72682655-485F-4E94-BBCF-C3201C434A22} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: Adobe LM Service - Unknown - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Cisco Systems, Inc. VPN Service - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\DefWatch.exe

O23 - Service: Service d'administration du Gestionnaire de disque logique - Unknown - C:\WINDOWS\System32\dmadmin.exe

O23 - Service: Journal des événements - Unknown - C:\WINDOWS\system32\services.exe

O23 - Service: Service COM de gravage de CD IMAPI - Unknown - C:\WINDOWS\System32\imapi.exe

O23 - Service: Macromedia Licensing Service - Unknown - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe

O23 - Service: Partage de Bureau à distance NetMeeting - Unknown - C:\WINDOWS\System32\mnmsrvc.exe

O23 - Service: Symantec AntiVirus Client - Symantec Corporation - C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Rtvscan.exe

O23 - Service: Plug-and-Play - Unknown - C:\WINDOWS\system32\services.exe

O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance - Unknown - C:\WINDOWS\system32\sessmgr.exe

O23 - Service: Carte à puce - Unknown - C:\WINDOWS\System32\SCardSvr.exe

O23 - Service: Journaux et alertes de performance - Unknown - C:\WINDOWS\system32\smlogsvc.exe

O23 - Service: Cliché instantané de volume - Unknown - C:\WINDOWS\System32\vssvc.exe

O23 - Service: Carte de performance WMI - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe

Citer

Posté(e) le 20 janvier 200520 a

Infecté ! je te donne le résultat après le repas :oops:

Passe CWSHredder et Spysweeper en attendant ( cf .ma signature ) , puis reboot et poste un nouveau rapport dans TOPIC UNIQUE " HIJACKTHIS "

Citer

Connexion

[LOGICIEL] svchots.exe

Featured Replies

Archivé

Account

Navigation

Rechercher

Configure browser push notifications

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)